1: <?php
2: /**
3: * PHP 5
4: *
5: * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
6: * Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
7: *
8: * Licensed under The MIT License
9: * Redistributions of files must retain the above copyright notice.
10: *
11: * @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
12: * @link http://cakephp.org CakePHP(tm) Project
13: * @license MIT License (http://www.opensource.org/licenses/mit-license.php)
14: */
15:
16: App::uses('Security', 'Utility');
17:
18: /**
19: * Base Authentication class with common methods and properties.
20: *
21: * @package Cake.Controller.Component.Auth
22: */
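abstract class BaseAuthenticate {

	/**
	 * Settings for this object.
	 *
	 * - `fields` The fields to use to identify a user by.
	 * - `userModel` The model name of the User, defaults to User.
	 * - `scope` Additional conditions to use when looking up and authenticating users,
	 *    i.e. `array('User.is_active' => 1)`. Scope entries are merged over the
	 *    credential conditions with array_merge(), so a scope key identical to the
	 *    username or password condition key replaces that credential check. Keep
	 *    scope as static application configuration; never build it from request data.
	 *
	 * @var array
	 */
	public $settings = array(
		'fields' => array(
			'username' => 'username',
			'password' => 'password'
		),
		'userModel' => 'User',
		'scope' => array()
	);

	/**
	 * A Component collection, used to get more components.
	 *
	 * @var ComponentCollection
	 */
	protected $_Collection;

	/**
	 * Constructor
	 *
	 * Stores the collection and merges the supplied settings over the class defaults.
	 *
	 * @param ComponentCollection $collection The Component collection used on this request.
	 * @param array $settings Array of settings to use.
	 */
	public function __construct(ComponentCollection $collection, $settings) {
		$this->_Collection = $collection;
		$this->settings = Set::merge($this->settings, $settings);
	}

	/**
	 * Find a user record using the standard options.
	 *
	 * The lookup matches on the username AND on the hashed password in a single
	 * query, so whatever _password() returns must be deterministic for a given
	 * plain text password. The password field is stripped from the returned record.
	 *
	 * @param string $username The username/identifier.
	 * @param string $password The unhashed password.
	 * @return mixed Either false on failure, or an array of user data.
	 */
	protected function _findUser($username, $password) {
		// Credentials usually come straight from request data. A non-scalar value
		// (array, object, null) would change the meaning of the generated condition
		// and cannot be hashed as a password, so treat it as a failed lookup.
		if (!is_scalar($username) || !is_scalar($password)) {
			return false;
		}

		$userModel = $this->settings['userModel'];
		// Only the model alias is needed here; the plugin prefix is discarded.
		list(, $model) = pluginSplit($userModel);
		$fields = $this->settings['fields'];

		$conditions = array(
			$model . '.' . $fields['username'] => $username,
			$model . '.' . $fields['password'] => $this->_password($password),
		);
		if (!empty($this->settings['scope'])) {
			// Later keys win in array_merge(): scope can override the credential keys above.
			$conditions = array_merge($conditions, $this->settings['scope']);
		}
		$result = ClassRegistry::init($userModel)->find('first', array(
			'conditions' => $conditions,
			'recursive' => 0
		));
		if (empty($result) || empty($result[$model])) {
			return false;
		}
		// Never hand the stored password hash back to the caller (it would otherwise
		// travel with the user data wherever that data is kept).
		unset($result[$model][$fields['password']]);
		return $result[$model];
	}

	/**
	 * Hash the plain text password so that it matches the hashed/encrypted password
	 * in the datasource.
	 *
	 * NOTE(review): the call passes null as the hash type and true as the salt flag.
	 * In the Security utility that presumably selects the configured default digest
	 * combined with the application-wide salt, i.e. one fast hash with no per-user
	 * salt. Confirm against Security::hash(), and consider overriding this method
	 * (together with _findUser()) where an adaptive password hash is required.
	 *
	 * @param string $password The plain text password.
	 * @return string The hashed form of the password.
	 */
	protected function _password($password) {
		return Security::hash($password, null, true);
	}

	/**
	 * Authenticate a user based on the request information.
	 *
	 * @param CakeRequest $request Request to get authentication information from.
	 * @param CakeResponse $response A response object that can have headers added.
	 * @return mixed Either false on failure, or an array of user data on success.
	 */
	abstract public function authenticate(CakeRequest $request, CakeResponse $response);

	/**
	 * Allows you to hook into AuthComponent::logout(),
	 * and implement specialized logout behavior.
	 *
	 * All attached authentication objects will have this method
	 * called when a user logs out. The base implementation does nothing.
	 *
	 * @param array $user The user about to be logged out.
	 * @return void
	 */
	public function logout($user) {
	}

	/**
	 * Get a user based on information in the request. Primarily used by stateless authentication
	 * systems like basic and digest auth. The base implementation always returns false.
	 *
	 * @param CakeRequest $request Request object.
	 * @return mixed Either false or an array of user information
	 */
	public function getUser($request) {
		return false;
	}
}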
135: