1: <?php
2: /**
3: * PHP 5
4: *
5: * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
6: * Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
7: *
8: * Licensed under The MIT License
9: * Redistributions of files must retain the above copyright notice.
10: *
11: * @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
12: * @link http://cakephp.org CakePHP(tm) Project
13: * @license MIT License (http://www.opensource.org/licenses/mit-license.php)
14: */
15:
16: App::uses('BaseAuthenticate', 'Controller/Component/Auth');
17:
18: /**
19: * Basic Authentication adapter for AuthComponent.
20: *
21: * Provides Basic HTTP authentication support for AuthComponent. Basic Auth will authenticate users
22: * against the configured userModel and verify that the username and password match.
23: * Since AuthComponent identifies users based on Session contents, clients using Basic
24: * Auth must support cookies.
25: *
26: * ### Using Basic auth
27: *
28: * In your controller's components array, add auth + the required settings.
29: * {{{
30: * public $components = array(
31: * 'Auth' => array(
32: * 'authenticate' => array('Basic')
33: * )
34: * );
35: * }}}
36: *
37: * In your login function just call `$this->Auth->login()` without any checks for POST data. This
38: * will send the authentication headers, and trigger the login dialog in the browser/client.
39: *
40: * @package Cake.Controller.Component.Auth
41: * @since 2.0
42: */
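class BasicAuthenticate extends BaseAuthenticate {

/**
 * Settings for this object.
 *
 * - `fields` The fields to use to identify a user by.
 * - `userModel` The model name of the User, defaults to User.
 * - `scope` Additional conditions to use when looking up and authenticating users,
 *    i.e. `array('User.is_active' => 1).`
 * - `realm` The realm authentication is for. Defaults to the server name.
 *
 * @var array
 */
	public $settings = array(
		'fields' => array(
			'username' => 'username',
			'password' => 'password'
		),
		'userModel' => 'User',
		'scope' => array(),
		'realm' => '',
	);

/**
 * Constructor, completes configuration for basic authentication.
 *
 * When no realm is configured, the realm falls back to the SERVER_NAME
 * environment value.
 *
 * @param ComponentCollection $collection The Component collection used on this request.
 * @param array $settings An array of settings.
 */
	public function __construct(ComponentCollection $collection, $settings) {
		parent::__construct($collection, $settings);
		if (empty($this->settings['realm'])) {
			$this->settings['realm'] = env('SERVER_NAME');
		}
	}

/**
 * Authenticate a user using basic HTTP auth. Will use the configured User model and attempt a
 * login using basic HTTP auth.
 *
 * On failure the 401 status and the WWW-Authenticate challenge are written to the
 * response and the response is sent immediately, before false is returned.
 *
 * @param CakeRequest $request The request to authenticate with.
 * @param CakeResponse $response The response to add headers to.
 * @return mixed Either false on failure, or an array of user data on success.
 */
	public function authenticate(CakeRequest $request, CakeResponse $response) {
		$user = $this->getUser($request);

		if (!empty($user)) {
			return $user;
		}

		// No usable credentials: challenge the client.
		$response->header($this->loginHeaders());
		$response->statusCode(401);
		$response->send();
		return false;
	}

/**
 * Get a user based on information in the request. Used by cookie-less auth for stateless clients.
 *
 * Credentials are read from the PHP_AUTH_USER and PHP_AUTH_PW environment values, not
 * from the passed request object. Basic auth transmits them base64-encoded rather than
 * encrypted, so this adapter is only appropriate behind HTTPS.
 *
 * @param CakeRequest $request Request object.
 * @return mixed Either false or an array of user information
 */
	public function getUser($request) {
		$username = env('PHP_AUTH_USER');
		$pass = env('PHP_AUTH_PW');

		// Strict checks instead of empty(): empty('0') is true, so a username or
		// password of "0" would otherwise be rejected before any lookup happens.
		if (!is_string($username) || $username === '' || !is_string($pass) || $pass === '') {
			return false;
		}

		// _findUser() is not defined in this class; presumably inherited from
		// BaseAuthenticate - confirm how it compares the password there.
		return $this->_findUser($username, $pass);
	}

/**
 * Generate the login headers
 *
 * The realm is emitted as an HTTP quoted-string: control characters are removed and
 * `"` and `\` are backslash-escaped so the value cannot terminate the quoted-string
 * or split the header. The realm defaults to SERVER_NAME (see the constructor), which
 * on some server configurations may reflect the client's Host header - confirm for
 * your deployment.
 *
 * @return string Headers for logging in.
 */
	public function loginHeaders() {
		$realm = preg_replace('/[\x00-\x1F\x7F]/', '', (string)$this->settings['realm']);
		$realm = addcslashes($realm, '"\\');
		return sprintf('WWW-Authenticate: Basic realm="%s"', $realm);
	}
}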