1: <?php
  2: /**
  3:  * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
  4:  * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
  5:  *
  6:  * Licensed under The MIT License
  7:  * For full copyright and license information, please see the LICENSE.txt
  8:  * Redistributions of files must retain the above copyright notice.
  9:  *
 10:  * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
 11:  * @link          http://cakephp.org CakePHP(tm) Project
 12:  * @license       http://www.opensource.org/licenses/mit-license.php MIT License
 13:  */
 14: 
 15: App::uses('BaseAuthenticate', 'Controller/Component/Auth');
 16: 
 17: /**
 18:  * Basic Authentication adapter for AuthComponent.
 19:  *
 20:  * Provides Basic HTTP authentication support for AuthComponent. Basic Auth will
 21:  * authenticate users against the configured userModel and verify that the
 22:  * username and password match.
 23:  *
 24:  * ### Using Basic auth
 25:  *
 26:  * In your controller's components array, add auth + the required settings.
 27:  * ```
 28:  *  public $components = array(
 29:  *      'Auth' => array(
 30:  *          'authenticate' => array('Basic')
 31:  *      )
 32:  *  );
 33:  * ```
 34:  *
 35:  * You should also set `AuthComponent::$sessionKey = false;` in your AppController's
 36:  * beforeFilter() to prevent CakePHP from sending a session cookie to the client.
 37:  *
 38:  * Since HTTP Basic Authentication is stateless you don't need a login() action
 39:  * in your controller. The user credentials will be checked on each request. If
 40:  * valid credentials are not provided, required authentication headers will be sent
 41:  * by this authentication provider which triggers the login dialog in the browser/client.
 42:  *
 43:  * You may also want to use `$this->Auth->unauthorizedRedirect = false;`.
 44:  * By default, unauthorized users are redirected to the referrer URL,
 45:  * `AuthComponent::$loginAction`, or '/'. If unauthorizedRedirect is set to
 46:  * false, a ForbiddenException is thrown instead of redirecting.
 47:  *
 48:  * @package       Cake.Controller.Component.Auth
 49:  * @since 2.0
 50:  */
 51: class BasicAuthenticate extends BaseAuthenticate {
 52: 
 53: /**
 54:  * Constructor, completes configuration for basic authentication.
 55:  *
 56:  * @param ComponentCollection $collection The Component collection used on this request.
 57:  * @param array $settings An array of settings.
 58:  */
 59:     public function __construct(ComponentCollection $collection, $settings) {
 60:         parent::__construct($collection, $settings);
 61:         if (empty($this->settings['realm'])) {
 62:             $this->settings['realm'] = env('SERVER_NAME');
 63:         }
 64:     }
 65: 
 66: /**
 67:  * Authenticate a user using HTTP auth. Will use the configured User model and attempt a
 68:  * login using HTTP auth.
 69:  *
 70:  * @param CakeRequest $request The request to authenticate with.
 71:  * @param CakeResponse $response The response to add headers to.
 72:  * @return mixed Either false on failure, or an array of user data on success.
 73:  */
 74:     public function authenticate(CakeRequest $request, CakeResponse $response) {
 75:         return $this->getUser($request);
 76:     }
 77: 
 78: /**
 79:  * Get a user based on information in the request. Used by cookie-less auth for stateless clients.
 80:  *
 81:  * @param CakeRequest $request Request object.
 82:  * @return mixed Either false or an array of user information
 83:  */
 84:     public function getUser(CakeRequest $request) {
 85:         $username = env('PHP_AUTH_USER');
 86:         $pass = env('PHP_AUTH_PW');
 87: 
 88:         if (!is_string($username) || $username === '' || !is_string($pass) || $pass === '') {
 89:             return false;
 90:         }
 91:         return $this->_findUser($username, $pass);
 92:     }
 93: 
 94: /**
 95:  * Handles an unauthenticated access attempt by sending appropriate login headers
 96:  *
 97:  * @param CakeRequest $request A request object.
 98:  * @param CakeResponse $response A response object.
 99:  * @return void
100:  * @throws UnauthorizedException
101:  */
102:     public function unauthenticated(CakeRequest $request, CakeResponse $response) {
103:         $Exception = new UnauthorizedException();
104:         $Exception->responseHeader(array($this->loginHeaders()));
105:         throw $Exception;
106:     }
107: 
108: /**
109:  * Generate the login headers
110:  *
111:  * @return string Headers for logging in.
112:  */
113:     public function loginHeaders() {
114:         return sprintf('WWW-Authenticate: Basic realm="%s"', $this->settings['realm']);
115:     }
116: 
117: }
118: