CakePHP: the rapid development php framework: Api : AuthComponent

AuthComponent Class Info:

Class Declaration:

class AuthComponent extends Object

File name:

cake/libs/controller/components/auth.php

Description:

Authentication control component class

Binds access control with user authentication and session management.

Class Inheritance

Object

Package: cake
Subpackage: cake.cake.libs.controller.components
Link: http://book.cakephp.org/view/1250/Authentication

Properties:

Show/Hide parent properties

actionMap array

Maps actions to CRUD operations. Used for controller-based validation ($validate = 'controller').
actionPath string

If using action-based access control, this defines how the paths to action ACO nodes is computed. If, for example, all controller nodes are nested under an ACO node named 'Controllers', $actionPath should be set to "Controllers/".
ajaxLogin string

The name of an optional view element to render when an Ajax request is made with an invalid or expired session
allowedActions array

Controller actions for which user validation is not required.
authenticate object

A reference to the object used for authentication
authError string

Error to display when user attempts to access an object or action to which they do not have acccess.
authorize mixed

The name of the component to use for Authorization or set this to 'controller' will validate against Controller::isAuthorized() 'actions' will validate Controller::action against an AclComponent::check() 'crud' will validate mapActions against an AclComponent::check() array('model'=> 'name'); will validate mapActions against model $name::isAuthorized(user, controller, mapAction) 'object' will validate Controller::action against object::isAuthorized(user, controller, action)
autoRedirect boolean

Determines whether AuthComponent will automatically redirect and exit if login is successful.
components array

Other components utilized by AuthComponent
data array

Form data from Controller::$data
fields array

Allows you to specify non-default login name and password fields used in $userModel, i.e. array('username' => 'login_name', 'password' => 'passwd').
flashElement string

The name of the element used for SessionComponent::setFlash
loginAction mixed

A URL (defined as a string or array) to the controller action that handles logins.
loginError string

Error to display when user login fails. For security purposes, only one error is used for all login failures, so as not to expose information on why the login failed.
loginRedirect mixed

Normally, if a user is redirected to the $loginAction page, the location they were redirected from will be stored in the session so that they can be redirected back after a successful login. If this session value is not set, the user will be redirected to the page specified in $loginRedirect.
logoutRedirect mixed

The the default action to redirect to after the user is logged out. While AuthComponent does not handle post-logout redirection, a redirect URL will be returned from AuthComponent::logout(). Defaults to AuthComponent::$loginAction.
_methods array

Method list for bound controller
object string

The name of model or model object, or any other object has an isAuthorized method.
params array

Parameter data from Controller::$params
sessionKey string

The session key name where the record of the current user is stored. If unspecified, it will be "Auth.{$userModel name}".
userModel string

The name of the model that represents users which will be authenticated. Defaults to 'User'.
userScope array

Additional query conditions to use when looking up and authenticating users, i.e. array('User.is_active' => 1).

Method Summary:

Show/Hide parent methods

action( $action = ':plugin/:controller/:action' )
allow( )
cakeError( $method, $messages = array ( ) )
__construct( )
deny( )
dispatchMethod( $method, $params = array ( ) )
getModel( $name = NULL )
hashPasswords( $data )
identify( $user = NULL, $conditions = NULL )
initialize( $controller, $settings = array ( ) )
isAuthorized( $type = NULL, $object = NULL, $user = NULL )
log( $msg, $type = 2 )
login( $data = NULL )
logout( )
mapActions( $map = array ( ) )
Object( )
password( $password )
_persist( $name, $return, $object, $type = NULL )
redirect( $url = NULL )
requestAction( $url, $extra = array ( ) )
_savePersistent( $name, $object )
_set( $properties = array ( ) )
shutdown( $controller )
startup( $controller )
_stop( $status = 0 )
toString( )
user( $key = NULL )
validate( $object, $user = NULL, $action = NULL )

action

top

Returns the path to the ACO node bound to a controller/action.

Parameters:

string $action optional ':plugin/:controller/:action'

Optional. The controller/action path to validate the user against. The current request action is used if none is specified.

Method defined in:

cake/libs/controller/components/auth.php on line 797

Return: boolean ACO node path
Access: public
Link: http://book.cakephp.org/view/1256/action

allow

top

Takes a list of actions in the current controller for which authentication is not required, or no parameters to allow all actions.

Method defined in:: cake/libs/controller/components/auth.php on line 611

Return: void
Access: public
Link: http://book.cakephp.org/view/1257/allow

cakeError

top

Used to report user friendly errors. If there is a file app/error.php or app/app_error.php this file will be loaded error.php is the AppError class it should extend ErrorHandler class.

Parameters:

string $method required

Method to be called in the error class (AppError or ErrorHandler classes)
array $messages optional array ( )

Message that is to be displayed by the error class

Method defined in:

cake/libs/object.php on line 187

Return: error message
Access: public

__construct

top

Class constructor, overridden in descendant classes.

Method defined in:: cake/libs/object.php on line 54

deny

top

Removes items from the list of allowed actions.

Method defined in:: cake/libs/controller/components/auth.php on line 634

Return: void
See: AuthComponent::allow()
Access: public
Link: http://book.cakephp.org/view/1258/deny

dispatchMethod

top

Calls a method on this object with the given parameters. Provides an OO wrapper for call_user_func_array

Parameters:

string $method required

Name of the method to call
array $params optional array ( )

Parameter list to use when calling $method

Method defined in:

cake/libs/object.php on line 107

Return: mixed Returns the result of the method call
Access: public

getModel

top

Returns a reference to the model object specified, and attempts to load it if it is not found.

Parameters:

string $name optional NULL

Model name (defaults to AuthComponent::$userModel)

Method defined in:

cake/libs/controller/components/auth.php on line 814

Return: object A reference to a model object
Access: public

hashPasswords

top

Hash any passwords found in $data using $userModel and $fields['password']

Parameters:

array $data required

Set of data to look for passwords

Method defined in:

cake/libs/controller/components/auth.php on line 920

Return: array Data with passwords hashed
Access: public
Link: http://book.cakephp.org/view/1259/hashPasswords

identify

top

Identifies a user based on specific criteria.

Parameters:

mixed $user optional NULL

Optional. The identity of the user to be validated. Uses the current user session if none specified.
array $conditions optional NULL

Optional. Additional conditions to a find.

Method defined in:

cake/libs/controller/components/auth.php on line 843

Return: array User record data, or null, if the user could not be identified.
Access: public

initialize

top

Initializes AuthComponent for use in the controller

Parameters:

object $controller required

A reference to the instantiating controller object
$settings optional array ( )

Method defined in:

cake/libs/controller/components/auth.php on line 272

Return: void
Access: public

isAuthorized

top

Determines whether the given user is authorized to perform an action. The type of authorization used is based on the value of AuthComponent::$authorize or the passed $type param.

Types: 'controller' will validate against Controller::isAuthorized() if controller instance is passed in $object 'actions' will validate Controller::action against an AclComponent::check() 'crud' will validate mapActions against an AclComponent::check() array('model'=> 'name'); will validate mapActions against model $name::isAuthorized(user, controller, mapAction) 'object' will validate Controller::action against object::isAuthorized(user, controller, action)

Parameters:

string $type optional NULL

Type of authorization
mixed $object optional NULL

object, model object, or model name
mixed $user optional NULL

The user to check the authorization of

Method defined in:

cake/libs/controller/components/auth.php on line 508

Return: boolean True if $user is authorized, otherwise false
Access: public

log

top

Convience method to write a message to CakeLog. See CakeLog::write() for more information on writing to logs.

Parameters:

string $msg required

Log message
integer $type optional 2

Error type constant. Defined in app/config/core.php.

Method defined in:

cake/libs/object.php on line 148

Return: boolean Success of log write
Access: public

login

top

Manually log-in a user with the given parameter data. The $data provided can be any data structure used to identify a user in AuthComponent::identify(). If $data is empty or not specified, POST data from Controller::$data will be used automatically.

After (if) login is successful, the user record is written to the session key specified in AuthComponent::$sessionKey.

Parameters:

mixed $data optional NULL

User object

Method defined in:

cake/libs/controller/components/auth.php on line 682

Return: boolean True on login success, false on failure
Access: public
Link: http://book.cakephp.org/view/1261/login

logout

top

Logs a user out, and returns the login action to redirect to.

Method defined in:: cake/libs/controller/components/auth.php on line 706

Return: string AuthComponent::$loginAction
See: AuthComponent::$loginAction
Access: public
Link: http://book.cakephp.org/view/1262/logout

mapActions

top

Maps action names to CRUD operations. Used for controller-based authentication.

Parameters:

array $map optional array ( )

Actions to map

Method defined in:

cake/libs/controller/components/auth.php on line 656

Return: void
Access: public
Link: http://book.cakephp.org/view/1260/mapActions

Object

top

A hack to support __construct() on PHP 4 Hint: descendant classes have no PHP4 class_name() constructors, so this constructor gets called first and calls the top-layer __construct() which (if present) should call parent::__construct()

Method defined in:: cake/libs/object.php on line 43

Return: Object

password

top

Hash a password with the application's salt value (as defined with Configure::write('Security.salt');

Parameters:

string $password required

Password to hash

Method defined in:

cake/libs/controller/components/auth.php on line 945

Return: string Hashed password
Access: public
Link: http://book.cakephp.org/view/1263/password

_persist

top

Checks for a persistent class file, if found file is opened and true returned If file is not found a file is created and false returned If used in other locations of the model you should choose a unique name for the persistent file There are many uses for this method, see manual for examples

Parameters:

string $name required

name of the class to persist
$return required
string $object required

the object to persist
$type optional NULL

Method defined in:

cake/libs/object.php on line 218

Return: boolean Success
Access: protected
Todo: add examples to manual

redirect

top

If no parameter is passed, gets the authentication redirect URL.

Parameters:

mixed $url optional NULL

Optional URL to write as the login redirect URL.

Method defined in:

cake/libs/controller/components/auth.php on line 747

Return: string Redirect URL
Access: public

requestAction

top

Calls a controller's method from any location. Can be used to connect controllers together or tie plugins into a main application. requestAction can be used to return rendered views or fetch the return value from controller actions.

Parameters:

mixed $url required

String or array-based url.
array $extra optional array ( )

if array includes the key "return" it sets the AutoRender to true.

Method defined in:

cake/libs/object.php on line 80

Return: mixed Boolean true or false on success/failure, or contents of rendered action if 'return' is set in $extra.
Access: public

_savePersistent

top

You should choose a unique name for the persistent file

There are many uses for this method, see manual for examples

Parameters:

string $name required

name used for object to cache
object $object required

the object to persist

Method defined in:

cake/libs/object.php on line 247

Return: boolean true on save, throws error if file can not be created
Access: protected

_set

top

Allows setting of multiple properties of the object in a single line of code. Will only set properties that are part of a class declaration.

Parameters:

array $properties optional array ( )

An associative array containing properties and corresponding values.

Method defined in:

cake/libs/object.php on line 166

Return: void
Access: protected

shutdown

top

Component shutdown. If user is logged in, wipe out redirect.

Parameters:

object $controller required

Instantiating controller

Method defined in:

cake/libs/controller/components/auth.php on line 955

Access: public

startup

top

Main execution method. Handles redirecting of invalid users, and processing of login form data.

Parameters:

object $controller required

A reference to the instantiating controller object

Method defined in:

cake/libs/controller/components/auth.php on line 309

Return: boolean
Access: public

_stop

top

Stop execution of the current script. Wraps exit() making testing easier.

Parameters:

$status optional 0

Method defined in:

cake/libs/object.php on line 135

Return: void
Access: public

toString

top

Object-to-string conversion. Each class can override this method as necessary.

Method defined in:: cake/libs/object.php on line 64

Return: string The name of this class
Access: public

user

top

Get the current user from the session.

Parameters:

string $key optional NULL

field to retrive. Leave null to get entire User record

Method defined in:

cake/libs/controller/components/auth.php on line 722

Return: mixed User record. or null if no user is logged in.
Access: public
Link: http://book.cakephp.org/view/1264/user

validate

top

Validates a user against an abstract object.

Parameters:

mixed $object required

The object to validate the user against.
mixed $user optional NULL

Optional. The identity of the user to be validated. Uses the current user session if none specified. For valid forms of identifying users, see AuthComponent::identify().
string $action optional NULL

Optional. The action to validate against.

Method defined in:

cake/libs/controller/components/auth.php on line 777

See: AuthComponent::identify()
Return: boolean True if the user validates, false otherwise.
Access: public

The API

AuthComponent Class Info:

Properties:

actionMap array

actionPath string

ajaxLogin string

allowedActions array

authenticate object

authError string

authorize mixed

autoRedirect boolean

components array

data array

fields array

flashElement string

loginAction mixed

loginError string

loginRedirect mixed

logoutRedirect mixed

_methods array

object string

params array

sessionKey string

userModel string

userScope array

Method Summary:

action

allow

cakeError

__construct

deny

dispatchMethod

getModel

hashPasswords

identify

initialize

isAuthorized

log

login

logout

mapActions

Object

password

_persist

redirect

requestAction

_savePersistent

_set

shutdown

startup

_stop

toString

user

validate

Class Index