PHP Class lithium\security\auth\adapter\Http
By default, the adapter uses Http Digest based authentication.
Auth::config(array('name' => array('adapter' => 'Http', 'users' => array('gwoo' => 'li3'))))
To use Basic authentication, set the
method to basic.
Auth::config(array('name' => array(
'adapter' => 'Http', 'users' => array('gwoo' => 'li3'),
'method' => 'basic'
)))
When running PHP as a CGI/FCGI PHP doesn't automatically parse the authorization
header into
PHP_AUTH_* headers. Lithium will work arround this issue by looking for
a
HTTP_AUTHORIZATION header instead. When using PHP as a CGI/FCGI in combination
with Apache you must additionally add the following rewrite rule to your configuration
in order to make the header available so Lithium can pick it up:
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
显示文件
Open project: unionofrad/lithium
Protected Properties
Property |
Type |
Description |
|
$_classes |
|
Dynamic class dependencies. |
|
Public Methods
Method |
Description |
|
__construct ( array $config = [] ) : void |
Constructor. |
|
check ( object $request, array $options = [] ) : array |
Called by the Auth class to run an authentication check against the HTTP data using the
credentials in a data container (a Request object), and returns an array of user
information on success, or false on failure. |
|
clear ( array $options = [] ) : void |
Called by Auth when a user session is terminated. Not implemented in the Form adapter. |
|
set ( array $data, array $options = [] ) : array |
A pass-through method called by Auth. Returns the value of $data, which is written to
a user's session. When implementing a custom adapter, this method may be used to modify or
reject data before it is written to the session. |
|
Protected Methods
Method |
Description |
|
_basic ( Request $request ) : void | array |
Handler for HTTP Basic Authentication |
|
_digest ( Request $request ) : boolean | array |
Handler for HTTP Digest Authentication |
|
_writeHeader ( string $string ) : void |
Helper method for writing headers. Mainly used to override the output while testing. |
|
Method Details
__construct()
public method
public __construct ( array $config = [] ) : void |
$config |
array |
- `'method'`: default: `digest` options: `basic|digest`
- `'realm'`: default: `Protected by Lithium`
- `'users'`: the users to permit. key => value pair of username => password |
return |
void |
|
_basic()
protected method
Handler for HTTP Basic Authentication
_digest()
protected method
Handler for HTTP Digest Authentication
Called by the Auth class to run an authentication check against the HTTP data using the
credentials in a data container (a Request object), and returns an array of user
information on success, or false on failure.
public check ( object $request, array $options = [] ) : array |
$request |
object |
A env container which wraps the authentication credentials used
by HTTP (usually a `Request` object). See the documentation for this
class for further details. |
$options |
array |
Additional configuration options. Not currently implemented in this
adapter. |
return |
array |
Returns an array containing user information on success, or `false` on failure. |
Called by Auth when a user session is terminated. Not implemented in the Form adapter.
public clear ( array $options = [] ) : void |
$options |
array |
Adapter-specific options. Not implemented in the `Form` adapter. |
return |
void |
|
A pass-through method called by Auth. Returns the value of $data, which is written to
a user's session. When implementing a custom adapter, this method may be used to modify or
reject data before it is written to the session.
public set ( array $data, array $options = [] ) : array |
$data |
array |
User data to be written to the session. |
$options |
array |
Adapter-specific options. Not implemented in the `Form` adapter. |
return |
array |
Returns the value of `$data`. |
Property Details
$_classes protected_oe property
Dynamic class dependencies.