Class BaseAuthenticate
Base Authentication class with common methods and properties.
Property Summary
-
$_config protected
array
Runtime config
-
$_configInitialized protected
bool
Whether the config property has already been configured with defaults
-
$_defaultConfig protected
array
Default config for this object.
-
$_needsPasswordRehash protected
bool
Whether or not the user authenticated by this class requires their password to be rehashed with another algorithm.
-
$_passwordHasher protected
AbstractPasswordHasher
Password hasher instance.
-
$_registry protected
ComponentRegistry
A Component registry, used to get more components.
Method Summary
-
__construct() public
Constructor
-
_configDelete() protected
Delete a single config key
-
_configRead() protected
Read a config variable
-
_configWrite() protected
Write a config variable
-
_findUser() protected
Find a user record using the username and password provided.
-
_query() protected
Get query object for fetching user from database.
-
authenticate() abstract public
Authenticate a user based on the request information.
-
config() public
Usage
-
configShallow() public
Merge provided config with existing config. Unlike
config()
which does a recursive merge for nested keys, this method does a simple merge. -
getUser() public
Get a user based on information in the request. Primarily used by stateless authentication systems like basic and digest auth.
-
implementedEvents() public
Returns a list of all events that this authenticate class will listen to.
-
needsPasswordRehash() public
Returns whether or not the password stored in the repository for the logged in user requires to be rehashed with another algorithm
-
passwordHasher() public
Return password hasher object
-
unauthenticated() public
Handle unauthenticated access attempt. In implementation valid return values can be:
Method Detail
__construct() ¶ public
__construct(Cake\Controller\ComponentRegistry $registry, array $config = [])
Constructor
Parameters
-
Cake\Controller\ComponentRegistry
$registry The Component registry used on this request.
-
array
$config optional Array of config to use.
_configDelete() ¶ protected
_configDelete(string $key): void
Delete a single config key
Parameters
-
string
$key Key to delete.
Returns
void
Throws
Cake\Core\Exception\Exception
if attempting to clobber existing config
_configRead() ¶ protected
_configRead(string|null $key): mixed
Read a config variable
Parameters
-
string|null
$key Key to read.
Returns
mixed
_configWrite() ¶ protected
_configWrite(string|array $key, mixed $value, bool|string $merge = false): void
Write a config variable
Parameters
-
string|array
$key Key to write to.
-
mixed
$value Value to write.
-
bool|string
$merge optional True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.
Returns
void
Throws
Cake\Core\Exception\Exception
if attempting to clobber existing config
_findUser() ¶ protected
_findUser(string $username, string|null $password = null): bool|array
Find a user record using the username and password provided.
Input passwords will be hashed even when a user doesn't exist. This helps mitigate timing attacks that are attempting to find valid usernames.
Parameters
-
string
$username The username/identifier.
-
string|null
$password optional The password, if not provided password checking is skipped and result of find is returned.
Returns
bool|array
_query() ¶ protected
_query(string $username): Cake\ORM\Query
Get query object for fetching user from database.
Parameters
-
string
$username The username/identifier.
Returns
Cake\ORM\Query
authenticate() ¶ abstract public
authenticate(Cake\Network\Request $request, Cake\Network\Response $response): mixed
Authenticate a user based on the request information.
Parameters
-
Cake\Network\Request
$request Request to get authentication information from.
-
Cake\Network\Response
$response A response object that can have headers added.
Returns
mixed
config() ¶ public
config(string|array|null $key = null, mixed|null $value = null, bool $merge = true): mixed
Usage
Reading the whole config:
$this->config();
Reading a specific value:
$this->config('key');
Reading a nested value:
$this->config('some.nested.key');
Setting a specific value:
$this->config('key', $value);
Setting a nested value:
$this->config('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->config(['one' => 'value', 'another' => 'value']);
Parameters
-
string|array|null
$key optional The key to get/set, or a complete array of configs.
-
mixed|null
$value optional The value to set.
-
bool
$merge optional Whether to recursively merge or overwrite existing config, defaults to true.
Returns
mixed
Throws
Cake\Core\Exception\Exception
When trying to set a key that is invalid.
configShallow() ¶ public
configShallow(string|array $key, mixed|null $value = null): $this
Merge provided config with existing config. Unlike config()
which does
a recursive merge for nested keys, this method does a simple merge.
Setting a specific value:
$this->config('key', $value);
Setting a nested value:
$this->config('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->config(['one' => 'value', 'another' => 'value']);
Parameters
-
string|array
$key The key to set, or a complete array of configs.
-
mixed|null
$value optional The value to set.
Returns
$this
getUser() ¶ public
getUser(Cake\Network\Request $request): mixed
Get a user based on information in the request. Primarily used by stateless authentication systems like basic and digest auth.
Parameters
-
Cake\Network\Request
$request Request object.
Returns
mixed
implementedEvents() ¶ public
implementedEvents(): array
Returns a list of all events that this authenticate class will listen to.
An authenticate class can listen to following events fired by AuthComponent:
-
Auth.afterIdentify
- Fired after a user has been identified using one of configured authenticate class. The callback function should have signature likeafterIdentify(Event $event, array $user)
when$user
is the identified user record. -
Auth.logout
- Fired when AuthComponent::logout() is called. The callback function should have signature likelogout(Event $event, array $user)
where$user
is the user about to be logged out.
Returns
array
needsPasswordRehash() ¶ public
needsPasswordRehash(): bool
Returns whether or not the password stored in the repository for the logged in user requires to be rehashed with another algorithm
Returns
bool
passwordHasher() ¶ public
passwordHasher(): AbstractPasswordHasher
Return password hasher object
Returns
AbstractPasswordHasher
Throws
RuntimeException
If password hasher class not found or it does not extend AbstractPasswordHasher
unauthenticated() ¶ public
unauthenticated(Cake\Network\Request $request, Cake\Network\Response $response): void
Handle unauthenticated access attempt. In implementation valid return values can be:
- Null - No action taken, AuthComponent should return appropriate response.
- Cake\Network\Response - A response object, which will cause AuthComponent to simply return that response.
Parameters
-
Cake\Network\Request
$request A request object.
-
Cake\Network\Response
$response A response object.
Returns
void
Property Detail
$_configInitialized ¶ protected
Whether the config property has already been configured with defaults
Type
bool
$_defaultConfig ¶ protected
Default config for this object.
fields
The fields to use to identify a user by.userModel
The alias for users table, defaults to Users.scope
Additional conditions to use when looking up and authenticating users, i.e.['Users.is_active' => 1].
contain
Extra models to contain and store in session.passwordHasher
Password hasher class. Can be a string specifying class name or an array containingclassName
key, any other keys will be passed as config to the class. Defaults to 'Default'.
Type
array
$_needsPasswordRehash ¶ protected
Whether or not the user authenticated by this class requires their password to be rehashed with another algorithm.
Type
bool