CakePHP 1.2 API

Class AuthComponent

Authentication control component class

Binds access control with user authentication and session management.

Object
Extended by AuthComponent
Package: cake\cake\libs\controller\components
Copyright: Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
License: The MIT License
Location: controller/components/auth.php

Properties summary

  • $_loggedIn public
    boolean
    Maintains current user login state.
  • $_methods public
    array
    Method list for bound controller
  • $actionMap public
    array
    Maps actions to CRUD operations. Used for controller-based validation ($validate = 'controller').
  • $actionPath public
    string

    If using action-based access control, this defines how the paths to action ACO nodes are computed. If, for example, all controller nodes are nested under an ACO node named 'Controllers', $actionPath should be set to "Controllers/".

  • $ajaxLogin public
    string

    The name of an optional view element to render when an Ajax request is made with an invalid or expired session

  • $allowedActions public
    array
    Controller actions for which user validation is not required.
  • $authError public
    string

    Error to display when a user attempts to access an object or action to which they do not have access.

  • $authenticate public
    object
    A reference to the object used for authentication
  • $authorize public
    mixed

    The name of the component to use for authorization, or one of the following values: 'controller' will validate against Controller::isAuthorized(); 'actions' will validate Controller::action against an AclComponent::check(); 'crud' will validate mapActions against an AclComponent::check(); array('model'=> 'name'); will validate mapActions against model $name::isAuthorized(user, controller, mapAction); 'object' will validate Controller::action against object::isAuthorized(user, controller, action).

  • $autoRedirect public
    boolean
    Determines whether AuthComponent will automatically redirect and exit if login is successful.
  • $components public
    array
    Other components utilized by AuthComponent
  • $data public
    array
    Form data from Controller::$data
  • $fields public
    array

    Allows you to specify non-default login name and password fields used in $userModel, i.e. array('username' => 'login_name', 'password' => 'passwd').

  • $loginAction public
    mixed

    A URL (defined as a string or array) to the controller action that handles logins.

  • $loginError public
    string

    Error to display when user login fails. For security purposes, only one error is used for all login failures, so as not to expose information on why the login failed.

  • $loginRedirect public
    mixed

    Normally, if a user is redirected to the $loginAction page, the location they were redirected from will be stored in the session so that they can be redirected back after a successful login. If this session value is not set, the user will be redirected to the page specified in $loginRedirect.

  • $logoutRedirect public
    mixed

    The default action to redirect to after the user is logged out. While AuthComponent does not handle post-logout redirection, a redirect URL will be returned from AuthComponent::logout(). Defaults to AuthComponent::$loginAction.

  • $object public
    string
    The name of a model or model object, or any other object that has an isAuthorized method.
  • $params public
    array
    Parameter data from Controller::$params
  • $sessionKey public
    string

    The session key name where the record of the current user is stored. If unspecified, it will be "Auth.{$userModel name}".

  • $userModel public
    string
    The name of the model that represents users which will be authenticated. Defaults to 'User'.
  • $userScope public
    array

    Additional query conditions to use when looking up and authenticating users, i.e. array('User.is_active' => 1).

Inherited Properties

  • _log

Method Summary

  • __authType() public
    Get authorization type
  • __setDefaults() public

    Attempts to introspect the correct values for object properties including $userModel and $sessionKey.

  • action() public
    Returns the path to the ACO node bound to a controller/action.
  • allow() public

    Takes a list of actions in the current controller for which authentication is not required, or no parameters to allow all actions.

  • deny() public
    Removes items from the list of allowed actions.
  • getModel() public

    Returns a reference to the model object specified, and attempts to load it if it is not found.

  • hashPasswords() public
    Hash any passwords found in $data using $userModel and $fields['password']
  • identify() public
    Identifies a user based on specific criteria.
  • initialize() public
    Initializes AuthComponent for use in the controller
  • isAuthorized() public

    Determines whether the given user is authorized to perform an action. The type of authorization used is based on the value of AuthComponent::$authorize or the passed $type param.

  • login() public

    Manually log-in a user with the given parameter data. The $data provided can be any data structure used to identify a user in AuthComponent::identify(). If $data is empty or not specified, POST data from Controller::$data will be used automatically.

  • logout() public
    Logs a user out, and returns the login action to redirect to.
  • mapActions() public
    Maps action names to CRUD operations. Used for controller-based authentication.
  • password() public
    Hash a password with the application's salt value (as defined with Configure::write('Security.salt')).
  • redirect() public
    If no parameter is passed, gets the authentication redirect URL.
  • shutdown() public
    Component shutdown. If user is logged in, wipe out redirect.
  • startup() public

    Main execution method. Handles redirecting of invalid users, and processing of login form data.

  • user() public
    Get the current user from the session.
  • validate() public
    Validates a user against an abstract object.

Method Detail

__authType() public

__authType( string $auth = null )

Get authorization type

Parameters
string $auth optional null
Type of authorization
Returns
array
Associative array with: type, object

__setDefaults() public

__setDefaults( object $controller ,… )

Attempts to introspect the correct values for object properties including $userModel and $sessionKey.

Parameters
object $controller ,…
A reference to the instantiating controller object
Returns
boolean

action() public

action( string $action = ':controller/:action' )

Returns the path to the ACO node bound to a controller/action.

Parameters
string $action optional ':controller/:action'

Optional. The controller/action path to validate the user against. The current request action is used if none is specified.

Returns
boolean
ACO node path

allow() public

allow( string $action ,…, string $action ,… )

Takes a list of actions in the current controller for which authentication is not required, or no parameters to allow all actions.

Parameters
string $action ,…
Controller action name
string $action ,…
Controller action name

deny() public

deny( string $action ,…, string $action ,… )

Removes items from the list of allowed actions.

Parameters
string $action ,…
Controller action name
string $action ,…
Controller action name
See
AuthComponent::allow()

getModel() public

getModel( string $name = null )

Returns a reference to the model object specified, and attempts to load it if it is not found.

Parameters
string $name optional null
Model name (defaults to AuthComponent::$userModel)
Returns
object
A reference to a model object

hashPasswords() public

hashPasswords( array $data )

Hash any passwords found in $data using $userModel and $fields['password']

Parameters
array $data
Set of data to look for passwords
Returns
array
Data with passwords hashed

identify() public

identify( mixed $user = null , array $conditions = null )

Identifies a user based on specific criteria.

Parameters
mixed $user optional null

Optional. The identity of the user to be validated. Uses the current user session if none specified.

array $conditions optional null
Optional. Additional conditions to a find.
Returns
array
User record data, or null, if the user could not be identified.

initialize() public

initialize( object $controller )

Initializes AuthComponent for use in the controller

Parameters
object $controller
A reference to the instantiating controller object

isAuthorized() public

isAuthorized( string $type = null , mixed $object = null , mixed $user = null )

Determines whether the given user is authorized to perform an action. The type of authorization used is based on the value of AuthComponent::$authorize or the passed $type param.

Types:

  • 'controller' will validate against Controller::isAuthorized() if controller instance is passed in $object
  • 'actions' will validate Controller::action against an AclComponent::check()
  • 'crud' will validate mapActions against an AclComponent::check()
  • array('model'=> 'name'); will validate mapActions against model $name::isAuthorized(user, controller, mapAction)
  • 'object' will validate Controller::action against object::isAuthorized(user, controller, action)

Parameters
string $type optional null
Type of authorization
mixed $object optional null
object, model object, or model name
mixed $user optional null
The user to check the authorization of
Returns
boolean
True if $user is authorized, otherwise false

login() public

login( mixed $data = null )

Manually log-in a user with the given parameter data. The $data provided can be any data structure used to identify a user in AuthComponent::identify(). If $data is empty or not specified, POST data from Controller::$data will be used automatically.

After (if) login is successful, the user record is written to the session key specified in AuthComponent::$sessionKey.

Parameters
mixed $data optional null
User object
Returns
boolean
True on login success, false on failure

logout() public

logout( mixed $url ,… )

Logs a user out, and returns the login action to redirect to.

Parameters
mixed $url ,…
Optional URL to redirect the user to after logout
Returns
string
AuthComponent::$loginAction
See
AuthComponent::$loginAction

mapActions() public

mapActions( array $map = array() )

Maps action names to CRUD operations. Used for controller-based authentication.

Parameters
array $map optional array()
Actions to map

password() public

password( string $password )

Hash a password with the application's salt value (as defined with Configure::write('Security.salt')).

Parameters
string $password
Password to hash
Returns
string
Hashed password

redirect() public

redirect( mixed $url = null )

If no parameter is passed, gets the authentication redirect URL.

Parameters
mixed $url optional null
Optional URL to write as the login redirect URL.
Returns
string
Redirect URL

shutdown() public

shutdown( object $controller )

Component shutdown. If user is logged in, wipe out redirect.

Parameters
object $controller
Instantiating controller

startup() public

startup( object $controller )

Main execution method. Handles redirecting of invalid users, and processing of login form data.

Parameters
object $controller
A reference to the instantiating controller object
Returns
boolean

user() public

user( string $key = null )

Get the current user from the session.

Parameters
string $key optional null
Field to retrieve. Leave null to get the entire User record.
Returns
mixed
User record, or null if no user is logged in.

validate() public

validate( mixed $object , mixed $user = null , string $action = null )

Validates a user against an abstract object.

Parameters
mixed $object
The object to validate the user against.
mixed $user optional null

Optional. The identity of the user to be validated. Uses the current user session if none specified. For valid forms of identifying users, see AuthComponent::identify().

string $action optional null
Optional. The action to validate against.
Returns
boolean
True if the user validates, false otherwise.
See
AuthComponent::identify()

Methods inherited from Object

Object() public

Object( )

A hack to support __construct() on PHP 4. Hint: descendant classes have no PHP4 class_name() constructors, so this constructor gets called first and calls the top-layer __construct(), which (if present) should call parent::__construct().

Returns
Object

__construct() public

__construct( )

Class constructor, overridden in descendant classes.

__openPersistent() public

__openPersistent( string $name , string $type = null )

Open the persistent class file for reading. Used by Object::_persist().

Parameters
string $name
Name of persisted class
string $type optional null
Type of persistence (e.g: registry)

_persist() public

_persist( string $name , string $return , $object , $type = null )

Checks for a persistent class file. If found, the file is opened and true is returned. If the file is not found, a file is created and false is returned. If used in other locations of the model, you should choose a unique name for the persistent file. There are many uses for this method; see the manual for examples.

Parameters
string $name
name of the class to persist
string $return
$object the object to persist
$object
$type optional null
Returns
boolean
Success

_savePersistent() public

_savePersistent( string $name , object $object )

You should choose a unique name for the persistent file

There are many uses for this method, see manual for examples

Parameters
string $name
name used for object to cache
object $object
the object to persist
Returns
boolean
true on save, throws error if file can not be created

_set() public

_set( array $properties = array() )

Allows setting of multiple properties of the object in a single line of code.

Parameters
array $properties optional array()
An associative array containing properties and corresponding values.

_stop() public

_stop( $status = 0 )

Stop execution of the current script

Parameters
$status optional 0
http://php.net/exit for values

cakeError() public

cakeError( string $method , array $messages = array() )

Used to report user-friendly errors. If there is a file app/error.php or app/app_error.php, this file will be loaded. error.php is the AppError class; it should extend the ErrorHandler class.

Parameters
string $method
Method to be called in the error class (AppError or ErrorHandler classes)
array $messages optional array()
Message that is to be displayed by the error class
Returns
error
message

dispatchMethod() public

dispatchMethod( string $method , array $params = array() )

Calls a method on this object with the given parameters. Provides an OO wrapper for call_user_func_array, and improves performance by using straight method calls in most cases.

Parameters
string $method
Name of the method to call
array $params optional array()
Parameter list to use when calling $method
Returns
mixed
Returns the result of the method call

log() public

log( string $msg , integer $type = LOG_ERROR )

API for logging events.

Parameters
string $msg
Log message
integer $type optional LOG_ERROR
Error type constant. Defined in app/config/core.php.
Returns
boolean
Success of log write

requestAction() public

requestAction( mixed $url , array $extra = array() )

Calls a controller's method from any location.

Parameters
mixed $url
String or array-based url.
array $extra optional array()
If the array includes the key "return", it sets the AutoRender to true.
Returns
mixed

Boolean true or false on success/failure, or contents of rendered action if 'return' is set in $extra.


toString() public

toString( )

Object-to-string conversion. Each class can override this method as necessary.

Returns
string
The name of this class

Properties detail

$_loggedIn

public boolean

Maintains current user login state.

false

$_methods

public array

Method list for bound controller

array()

$actionMap

public array

Maps actions to CRUD operations. Used for controller-based validation ($validate = 'controller').

See
AuthComponent::mapActions()
array(
    'index'     => 'read',
    'add'       => 'create',
    'edit'      => 'update',
    'view'      => 'read',
    'remove'    => 'delete'
)

$actionPath

public string

If using action-based access control, this defines how the paths to action ACO nodes are computed. If, for example, all controller nodes are nested under an ACO node named 'Controllers', $actionPath should be set to "Controllers/".

null

$ajaxLogin

public string

The name of an optional view element to render when an Ajax request is made with an invalid or expired session

null

$allowedActions

public array

Controller actions for which user validation is not required.

See
AuthComponent::allow()
array()

$authError

public string

Error to display when a user attempts to access an object or action to which they do not have access.

null

$authenticate

public object

A reference to the object used for authentication

null

$authorize

public mixed

The name of the component to use for authorization, or one of the following values:

  • 'controller' will validate against Controller::isAuthorized()
  • 'actions' will validate Controller::action against an AclComponent::check()
  • 'crud' will validate mapActions against an AclComponent::check()
  • array('model'=> 'name'); will validate mapActions against model $name::isAuthorized(user, controller, mapAction)
  • 'object' will validate Controller::action against object::isAuthorized(user, controller, action)

false

$autoRedirect

public boolean

Determines whether AuthComponent will automatically redirect and exit if login is successful.

true

$components

public array

Other components utilized by AuthComponent

array('Session', 'RequestHandler')

$data

public array

Form data from Controller::$data

array()

$fields

public array

Allows you to specify non-default login name and password fields used in $userModel, i.e. array('username' => 'login_name', 'password' => 'passwd').

array('username' => 'username', 'password' => 'password')

$loginAction

public mixed

A URL (defined as a string or array) to the controller action that handles logins.

null

$loginError

public string

Error to display when user login fails. For security purposes, only one error is used for all login failures, so as not to expose information on why the login failed.

null

$loginRedirect

public mixed

Normally, if a user is redirected to the $loginAction page, the location they were redirected from will be stored in the session so that they can be redirected back after a successful login. If this session value is not set, the user will be redirected to the page specified in $loginRedirect.

null

$logoutRedirect

public mixed

The default action to redirect to after the user is logged out. While AuthComponent does not handle post-logout redirection, a redirect URL will be returned from AuthComponent::logout(). Defaults to AuthComponent::$loginAction.

See
AuthComponent::$loginAction
AuthComponent::logout()
null

$object

public string

The name of a model or model object, or any other object that has an isAuthorized method.

null

$params

public array

Parameter data from Controller::$params

array()

$sessionKey

public string

The session key name where the record of the current user is stored. If unspecified, it will be "Auth.{$userModel name}".

null

$userModel

public string

The name of the model that represents users which will be authenticated. Defaults to 'User'.

'User'

$userScope

public array

Additional query conditions to use when looking up and authenticating users, i.e. array('User.is_active' => 1).

array()
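
Usage example

The properties and methods documented above, combined into a deny-by-default controller setup. This is an added example, not code from the CakePHP project; the users/posts routes, the login_name, passwd, is_active and role columns, and the admin_ action prefix are assumptions made for illustration.

```php
<?php
// Added example, CakePHP 1.2 conventions (PHP 4 style "var" properties).
// Route, column and role names are assumptions, not taken from the API page.

// app/app_controller.php
class AppController extends Controller {
    var $components = array('Auth');

    function beforeFilter() {
        // Authenticate against the User model with non-default column names.
        $this->Auth->userModel = 'User';
        $this->Auth->fields = array('username' => 'login_name', 'password' => 'passwd');

        // Extra lookup conditions: only active accounts can be identified.
        $this->Auth->userScope = array('User.is_active' => 1);

        $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
        $this->Auth->loginRedirect = array('controller' => 'posts', 'action' => 'index');
        $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');

        // One message for every login failure, so the response does not
        // reveal why the login failed.
        $this->Auth->loginError = 'Invalid username or password.';
        $this->Auth->authError = 'You are not allowed to access that page.';

        // Authorization is delegated to isAuthorized() below.
        $this->Auth->authorize = 'controller';

        // No allow() call here: every action requires a login unless a
        // controller opts in by name. allow() with no parameters would
        // open all actions.
    }

    function isAuthorized() {
        // Actions with the (assumed) admin_ prefix need the admin role.
        if (strpos($this->action, 'admin_') === 0) {
            return $this->Auth->user('role') === 'admin';
        }
        return true; // any logged-in user that passed $userScope
    }
}

// app/controllers/posts_controller.php
class PostsController extends AppController {
    var $name = 'Posts';

    function beforeFilter() {
        parent::beforeFilter();
        // Public, read-only actions are listed explicitly.
        $this->Auth->allow('index', 'view');
    }
}

// app/controllers/users_controller.php
class UsersController extends AppController {
    var $name = 'Users';

    function login() {
        // Intentionally empty: with $autoRedirect at its default of true,
        // AuthComponent::startup() processes the posted login form.
    }

    function logout() {
        // logout() returns the URL to redirect to; it does not redirect itself.
        $this->redirect($this->Auth->logout());
    }
}
```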

Generated using CakePHP API Docs