1: <?php
  2: /**
  3:  * PHP 5
  4:  *
  5:  * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
  6:  * Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
  7:  *
  8:  * Licensed under The MIT License
  9:  * Redistributions of files must retain the above copyright notice.
 10:  *
 11:  * @copyright     Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
 12:  * @link          http://cakephp.org CakePHP(tm) Project
 13:  * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 14:  */
 15: 
 16: App::uses('Security', 'Utility');
 17: 
 18: /**
 19:  * Base Authentication class with common methods and properties.
 20:  *
 21:  * @package       Cake.Controller.Component.Auth
 22:  */
 23: abstract class BaseAuthenticate {
 24: 
 25: /**
 26:  * Settings for this object.
 27:  *
 28:  * - `fields` The fields to use to identify a user by.
 29:  * - `userModel` The model name of the User, defaults to User.
 30:  * - `scope` Additional conditions to use when looking up and authenticating users,
 31:  *    i.e. `array('User.is_active' => 1).`
 32:  * - `recursive` The value of the recursive key passed to find(). Defaults to 0.
 33:  *
 34:  * @var array
 35:  */
 36:     public $settings = array(
 37:         'fields' => array(
 38:             'username' => 'username',
 39:             'password' => 'password'
 40:         ),
 41:         'userModel' => 'User',
 42:         'scope' => array(),
 43:         'recursive' => 0
 44:     );
 45: 
 46: /**
 47:  * A Component collection, used to get more components.
 48:  *
 49:  * @var ComponentCollection
 50:  */
 51:     protected $_Collection;
 52: 
 53: /**
 54:  * Constructor
 55:  *
 56:  * @param ComponentCollection $collection The Component collection used on this request.
 57:  * @param array $settings Array of settings to use.
 58:  */
 59:     public function __construct(ComponentCollection $collection, $settings) {
 60:         $this->_Collection = $collection;
 61:         $this->settings = Set::merge($this->settings, $settings);
 62:     }
 63: 
 64: /**
 65:  * Find a user record using the standard options.
 66:  *
 67:  * @param string $username The username/identifier.
 68:  * @param string $password The unhashed password.
 69:  * @return Mixed Either false on failure, or an array of user data.
 70:  */
 71:     protected function _findUser($username, $password) {
 72:         $userModel = $this->settings['userModel'];
 73:         list($plugin, $model) = pluginSplit($userModel);
 74:         $fields = $this->settings['fields'];
 75: 
 76:         $conditions = array(
 77:             $model . '.' . $fields['username'] => $username,
 78:             $model . '.' . $fields['password'] => $this->_password($password),
 79:         );
 80:         if (!empty($this->settings['scope'])) {
 81:             $conditions = array_merge($conditions, $this->settings['scope']);
 82:         }
 83:         $result = ClassRegistry::init($userModel)->find('first', array(
 84:             'conditions' => $conditions,
 85:             'recursive' => (int)$this->settings['recursive']
 86:         ));
 87:         if (empty($result) || empty($result[$model])) {
 88:             return false;
 89:         }
 90:         unset($result[$model][$fields['password']]);
 91:         return $result[$model];
 92:     }
 93: 
 94: /**
 95:  * Hash the plain text password so that it matches the hashed/encrypted password
 96:  * in the datasource.
 97:  *
 98:  * @param string $password The plain text password.
 99:  * @return string The hashed form of the password.
100:  */
101:     protected function _password($password) {
102:         return Security::hash($password, null, true);
103:     }
104: 
105: /**
106:  * Authenticate a user based on the request information.
107:  *
108:  * @param CakeRequest $request Request to get authentication information from.
109:  * @param CakeResponse $response A response object that can have headers added.
110:  * @return mixed Either false on failure, or an array of user data on success.
111:  */
112:     abstract public function authenticate(CakeRequest $request, CakeResponse $response);
113: 
114: /**
115:  * Allows you to hook into AuthComponent::logout(),
116:  * and implement specialized logout behavior.
117:  *
118:  * All attached authentication objects will have this method
119:  * called when a user logs out.
120:  *
121:  * @param array $user The user about to be logged out.
122:  * @return void
123:  */
124:     public function logout($user) {
125:     }
126: 
127: /**
128:  * Get a user based on information in the request.  Primarily used by stateless authentication
129:  * systems like basic and digest auth.
130:  *
131:  * @param CakeRequest $request Request object.
132:  * @return mixed Either false or an array of user information
133:  */
134:     public function getUser($request) {
135:         return false;
136:     }
137: 
138: }
139: