1: <?php
  2: /**
  3:  * PHP 5
  4:  *
  5:  * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
  6:  * Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
  7:  *
  8:  * Licensed under The MIT License
  9:  * Redistributions of files must retain the above copyright notice.
 10:  *
 11:  * @copyright     Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
 12:  * @link          http://cakephp.org CakePHP(tm) Project
 13:  * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 14:  */
 15: App::uses('Security', 'Utility');
 16: App::uses('Hash', 'Utility');
 17: 
 18: /**
 19:  * Base Authentication class with common methods and properties.
 20:  *
 21:  * @package       Cake.Controller.Component.Auth
 22:  */
 23: abstract class BaseAuthenticate {
 24: 
 25: /**
 26:  * Settings for this object.
 27:  *
 28:  * - `fields` The fields to use to identify a user by.
 29:  * - `userModel` The model name of the User, defaults to User.
 30:  * - `scope` Additional conditions to use when looking up and authenticating users,
 31:  *    i.e. `array('User.is_active' => 1).`
 32:  * - `recursive` The value of the recursive key passed to find(). Defaults to 0.
 33:  * - `contain` Extra models to contain and store in session.
 34:  *
 35:  * @var array
 36:  */
 37:     public $settings = array(
 38:         'fields' => array(
 39:             'username' => 'username',
 40:             'password' => 'password'
 41:         ),
 42:         'userModel' => 'User',
 43:         'scope' => array(),
 44:         'recursive' => 0,
 45:         'contain' => null,
 46:     );
 47: 
 48: /**
 49:  * A Component collection, used to get more components.
 50:  *
 51:  * @var ComponentCollection
 52:  */
 53:     protected $_Collection;
 54: 
 55: /**
 56:  * Constructor
 57:  *
 58:  * @param ComponentCollection $collection The Component collection used on this request.
 59:  * @param array $settings Array of settings to use.
 60:  */
 61:     public function __construct(ComponentCollection $collection, $settings) {
 62:         $this->_Collection = $collection;
 63:         $this->settings = Hash::merge($this->settings, $settings);
 64:     }
 65: 
 66: /**
 67:  * Find a user record using the standard options.
 68:  *
 69:  * @param string $username The username/identifier.
 70:  * @param string $password The unhashed password.
 71:  * @return Mixed Either false on failure, or an array of user data.
 72:  */
 73:     protected function _findUser($username, $password) {
 74:         $userModel = $this->settings['userModel'];
 75:         list($plugin, $model) = pluginSplit($userModel);
 76:         $fields = $this->settings['fields'];
 77: 
 78:         $conditions = array(
 79:             $model . '.' . $fields['username'] => $username,
 80:             $model . '.' . $fields['password'] => $this->_password($password),
 81:         );
 82:         if (!empty($this->settings['scope'])) {
 83:             $conditions = array_merge($conditions, $this->settings['scope']);
 84:         }
 85:         $result = ClassRegistry::init($userModel)->find('first', array(
 86:             'conditions' => $conditions,
 87:             'recursive' => $this->settings['recursive'],
 88:             'contain' => $this->settings['contain'],
 89:         ));
 90:         if (empty($result) || empty($result[$model])) {
 91:             return false;
 92:         }
 93:         $user = $result[$model];
 94:         unset($user[$fields['password']]);
 95:         unset($result[$model]);
 96:         return array_merge($user, $result);
 97:     }
 98: 
 99: /**
100:  * Hash the plain text password so that it matches the hashed/encrypted password
101:  * in the datasource.
102:  *
103:  * @param string $password The plain text password.
104:  * @return string The hashed form of the password.
105:  */
106:     protected function _password($password) {
107:         return Security::hash($password, null, true);
108:     }
109: 
110: /**
111:  * Authenticate a user based on the request information.
112:  *
113:  * @param CakeRequest $request Request to get authentication information from.
114:  * @param CakeResponse $response A response object that can have headers added.
115:  * @return mixed Either false on failure, or an array of user data on success.
116:  */
117:     abstract public function authenticate(CakeRequest $request, CakeResponse $response);
118: 
119: /**
120:  * Allows you to hook into AuthComponent::logout(),
121:  * and implement specialized logout behavior.
122:  *
123:  * All attached authentication objects will have this method
124:  * called when a user logs out.
125:  *
126:  * @param array $user The user about to be logged out.
127:  * @return void
128:  */
129:     public function logout($user) {
130:     }
131: 
132: /**
133:  * Get a user based on information in the request.  Primarily used by stateless authentication
134:  * systems like basic and digest auth.
135:  *
136:  * @param CakeRequest $request Request object.
137:  * @return mixed Either false or an array of user information
138:  */
139:     public function getUser($request) {
140:         return false;
141:     }
142: 
143: }
144: