PHP Класс Prado\Security\TAuthManager

TAuthManager performs user authentication and authorization for a Prado application. TAuthManager works together with a {@link IUserManager} module that can be specified via the {@link setUserManager UserManager} property. If an authorization fails, TAuthManager will try to redirect the client browser to a login page that is specified via the {@link setLoginPage LoginPage}. To login or logout a user, call {@link login} or {@link logout}, respectively. The {@link setAuthExpire AuthExpire} property can be used to define the time in seconds after which the authentication should expire. {@link setAllowAutoLogin AllowAutoLogin} specifies if the login information should be stored in a cookie to perform automatic login. Enabling this feature will cause that {@link setAuthExpire AuthExpire} has no effect since the user will be logged in again on authentication expiration. To load TAuthManager, configure it in application configuration as follows,
С версии: 3.0
Автор: Qiang Xue ([email protected])
Наследование: extends Prado\TModule
Показать файл Открыть проект Примеры использования класса

Открытые методы

Метод Описание
doAuthentication ( $sender, $param ) Performs authentication.
doAuthorization ( $sender, $param ) Performs authorization.
getAllowAutoLogin ( ) : boolean
getAuthExpire ( ) : integer
getLoginPage ( ) : string
getReturnUrl ( ) : string
getReturnUrlVarName ( ) : string
getUserKey ( ) : string
getUserManager ( ) : IUserManager
init ( $config ) Initializes this module.
leave ( $sender, $param ) Performs login redirect if authorization fails.
login ( $username, $password, $expire ) : boolean Logs in a user with username and password.
logout ( ) Logs out a user.
onAuthExpire ( $param ) Performs user logout on authentication expiration.
onAuthenticate ( $param ) Performs the real authentication work.
onAuthorize ( $param ) Performs the real authorization work.
setAllowAutoLogin ( $value )
setAuthExpire ( $value )
setLoginPage ( $pagePath ) Sets the login page that the client browser will be redirected to if login is needed.
setReturnUrl ( $value ) Sets the URL that the browser should be redirected to when login succeeds.
setReturnUrlVarName ( $value )
setUserManager ( $provider )
switchUser ( $username ) : boolean Switches to a new user.
updateSessionUser ( $user ) Updates the user data stored in session.

Защищенные методы

Метод Описание
generateUserKey ( ) : string

Описание методов

doAuthentication() публичный Метод

This is the event handler attached to application's Authentication event. Do not call this method directly.
public doAuthentication ( $sender, $param )

doAuthorization() публичный Метод

This is the event handler attached to application's Authorization event. Do not call this method directly.
public doAuthorization ( $sender, $param )

generateUserKey() защищенный Метод

С версии: 3.1.1
protected generateUserKey ( ) : string
Результат string a key used to store user information in session

getAllowAutoLogin() публичный Метод

С версии: 3.1.1
public getAllowAutoLogin ( ) : boolean
Результат boolean whether to allow remembering login so that the user logs on automatically next time. Defaults to false.

getAuthExpire() публичный Метод

С версии: 3.1.3
public getAuthExpire ( ) : integer
Результат integer authentication expiration time in seconds. Defaults to zero (no expiration).

getLoginPage() публичный Метод

public getLoginPage ( ) : string
Результат string path of login page should login is required

getReturnUrl() публичный Метод

public getReturnUrl ( ) : string
Результат string URL that the browser should be redirected to when login succeeds.

getReturnUrlVarName() публичный Метод

public getReturnUrlVarName ( ) : string
Результат string the name of the session variable storing return URL. It defaults to 'AppID:ReturnUrl'

getUserKey() публичный Метод

С версии: 3.1.1
public getUserKey ( ) : string
Результат string a unique variable name for storing user session/cookie data

getUserManager() публичный Метод

public getUserManager ( ) : IUserManager
Результат IUserManager user manager instance

init() публичный Метод

This method is required by the IModule interface.
public init ( $config )

leave() публичный Метод

This is the event handler attached to application's EndRequest event. Do not call this method directly.
public leave ( $sender, $param )

login() публичный Метод

The username and password will be used to validate if login is successful. If yes, a user object will be created for the application.
public login ( $username, $password, $expire ) : boolean
Результат boolean if login is successful

logout() публичный Метод

User session will be destroyed after this method is called.
public logout ( )

onAuthExpire() публичный Метод

An 'OnAuthExpire' event will be raised if there is any handler attached to it.
public onAuthExpire ( $param )

onAuthenticate() публичный Метод

An OnAuthenticate event will be raised if there is any handler attached to it. If the application already has a non-null user, it will return without further authentication. Otherwise, user information will be restored from session data.
public onAuthenticate ( $param )

onAuthorize() публичный Метод

Authorization rules obtained from the application will be used to check if a user is allowed. If authorization fails, the response status code will be set as 401 and the application terminates.
public onAuthorize ( $param )

setAllowAutoLogin() публичный Метод

С версии: 3.1.1
public setAllowAutoLogin ( $value )

setAuthExpire() публичный Метод

С версии: 3.1.3
public setAuthExpire ( $value )

setLoginPage() публичный Метод

Login page should be specified in the format of page path.
См. также: TPageService
public setLoginPage ( $pagePath )

setReturnUrl() публичный Метод

Sets the URL that the browser should be redirected to when login succeeds.
public setReturnUrl ( $value )

setReturnUrlVarName() публичный Метод

public setReturnUrlVarName ( $value )

setUserManager() публичный Метод

public setUserManager ( $provider )

switchUser() публичный Метод

This method will logout the current user first and login with a new one (without password.)
public switchUser ( $username ) : boolean
Результат boolean if the switch is successful

updateSessionUser() публичный Метод

Updates the user data stored in session.
public updateSessionUser ( $user )