CakePHP
  • Documentation
    • Book
    • API
    • Videos
    • Reporting Security Issues
    • Privacy Policy
    • Logos & Trademarks
  • Business Solutions
  • Swag
  • Road Trip
  • Team
  • Community
    • Community
    • Get Involved
    • Issues (Github)
    • Bakery
    • Featured Resources
    • Training
    • Meetups
    • My CakePHP
    • CakeFest
    • Newsletter
    • Linkedin
    • YouTube
    • Facebook
    • Twitter
    • Help & Support
    • Forum
    • Stack Overflow
    • IRC
    • Slack
    • Paid Support
CakePHP

C CakePHP 3.4 Red Velvet API

  • Overview
  • Tree
  • Deprecated
  • Version:
    • 3.4
      • 4.2
      • 4.1
      • 4.0
      • 3.9
      • 3.8
      • 3.7
      • 3.6
      • 3.5
      • 3.4
      • 3.3
      • 3.2
      • 3.1
      • 3.0
      • 2.10
      • 2.9
      • 2.8
      • 2.7
      • 2.6
      • 2.5
      • 2.4
      • 2.3
      • 2.2
      • 2.1
      • 2.0
      • 1.3
      • 1.2

Namespaces

  • Cake
    • Auth
      • Storage
    • Cache
      • Engine
    • Collection
      • Iterator
    • Console
      • Exception
    • Controller
      • Component
      • Exception
    • Core
      • Configure
        • Engine
      • Exception
    • Database
      • Driver
      • Exception
      • Expression
      • Schema
      • Statement
      • Type
    • Datasource
      • Exception
    • Error
      • Middleware
    • Event
      • Decorator
    • Filesystem
    • Form
    • Http
      • Client
        • Adapter
        • Auth
    • I18n
      • Formatter
      • Middleware
      • Parser
    • Log
      • Engine
    • Mailer
      • Exception
      • Transport
    • Network
      • Exception
      • Session
    • ORM
      • Association
      • Behavior
        • Translate
      • Exception
      • Locator
      • Rule
    • Routing
      • Exception
      • Filter
      • Middleware
      • Route
    • Shell
      • Helper
      • Task
    • TestSuite
      • Constraint
      • Fixture
      • Stub
    • Utility
      • Exception
    • Validation
    • View
      • Exception
      • Form
      • Helper
      • Widget
  • None

Classes

  • AbstractPasswordHasher
  • BaseAuthenticate
  • BaseAuthorize
  • BasicAuthenticate
  • ControllerAuthorize
  • DefaultPasswordHasher
  • DigestAuthenticate
  • FallbackPasswordHasher
  • FormAuthenticate
  • PasswordHasherFactory
  • WeakPasswordHasher

Class BasicAuthenticate

Basic Authentication adapter for AuthComponent.

Provides Basic HTTP authentication support for AuthComponent. Basic Auth will authenticate users against the configured userModel and verify the username and passwords match.

Using Basic auth

In your controller's components array, add auth + the required config

public $components = [
     'Auth' => [
         'authenticate' => ['Basic']
     ]
 ];

You should also set AuthComponent::$sessionKey = false; in your AppController's beforeFilter() to prevent CakePHP from sending a session cookie to the client.

Since HTTP Basic Authentication is stateless you don't need a login() action in your controller. The user credentials will be checked on each request. If valid credentials are not provided, required authentication headers will be sent by this authentication provider which triggers the login dialog in the browser/client.

You may also want to use $this->Auth->unauthorizedRedirect = false;. By default, unauthorized users are redirected to the referrer URL, AuthComponent::$loginAction, or '/'. If unauthorizedRedirect is set to false, a ForbiddenException exception is thrown instead of redirecting.

Cake\Auth\BaseAuthenticate implements Cake\Event\EventListenerInterface uses Cake\Core\InstanceConfigTrait
Extended by Cake\Auth\BasicAuthenticate
Direct Subclasses
  • Cake\Auth\DigestAuthenticate
Namespace: Cake\Auth
Location: Auth/BasicAuthenticate.php

Inherited Properties

  • _defaultConfig, _needsPasswordRehash, _passwordHasher, _registry _config, _configInitialized

Method Summary

  • authenticate() public

    Authenticate a user using HTTP auth. Will use the configured User model and attempt a login using HTTP auth.

  • getUser() public
    Get a user based on information in the request. Used by cookie-less auth for stateless clients.
  • loginHeaders() public
    Generate the login headers
  • unauthenticated() public
    Handles an unauthenticated access attempt by sending appropriate login headers

Method Detail

authenticate() public ¶

authenticate( Cake\Http\ServerRequest $request , Cake\Http\Response $response )

Authenticate a user using HTTP auth. Will use the configured User model and attempt a login using HTTP auth.

Parameters
Cake\Http\ServerRequest $request
The request to authenticate with.
Cake\Http\Response $response
The response to add headers to.
Returns
mixed
Either false on failure, or an array of user data on success.

getUser() public ¶

getUser( Cake\Http\ServerRequest $request )

Get a user based on information in the request. Used by cookie-less auth for stateless clients.

Parameters
Cake\Http\ServerRequest $request
Request object.
Returns
mixed
Either false or an array of user information
Overrides
Cake\Auth\BaseAuthenticate::getUser()

loginHeaders() public ¶

loginHeaders( Cake\Http\ServerRequest $request )

Generate the login headers

Parameters
Cake\Http\ServerRequest $request
Request object.
Returns
string
Headers for logging in.

unauthenticated() public ¶

unauthenticated( Cake\Http\ServerRequest $request , Cake\Http\Response $response )

Handles an unauthenticated access attempt by sending appropriate login headers

Parameters
Cake\Http\ServerRequest $request
A request object.
Cake\Http\Response $response
A response object.
Throws
Cake\Network\Exception\UnauthorizedException
Overrides
Cake\Auth\BaseAuthenticate::unauthenticated()

Methods inherited from Cake\Auth\BaseAuthenticate

__construct() public ¶

__construct( Cake\Controller\ComponentRegistry $registry , array $config = [] )

Constructor

Parameters
Cake\Controller\ComponentRegistry $registry
The Component registry used on this request.
array $config optional []
Array of config to use.

_findUser() protected ¶

_findUser( string $username , string|null $password = null )

Find a user record using the username and password provided.

Input passwords will be hashed even when a user doesn't exist. This helps mitigate timing attacks that are attempting to find valid usernames.

Parameters
string $username
The username/identifier.
string|null $password optional null

The password, if not provided password checking is skipped and result of find is returned.

Returns
boolean|array
Either false on failure, or an array of user data.

_query() protected ¶

_query( string $username )

Get query object for fetching user from database.

Parameters
string $username
The username/identifier.
Returns
Cake\ORM\Query

implementedEvents() public ¶

implementedEvents( )

Returns a list of all events that this authenticate class will listen to.

An authenticate class can listen to following events fired by AuthComponent:

  • Auth.afterIdentify - Fired after a user has been identified using one of configured authenticate class. The callback function should have signature like afterIdentify(Event $event, array $user) when $user is the identified user record.

  • Auth.logout - Fired when AuthComponent::logout() is called. The callback function should have signature like logout(Event $event, array $user) where $user is the user about to be logged out.

Returns
array
List of events this class listens to. Defaults to [].
Implementation of
Cake\Event\EventListenerInterface::implementedEvents()

needsPasswordRehash() public ¶

needsPasswordRehash( )

Returns whether or not the password stored in the repository for the logged in user requires to be rehashed with another algorithm

Returns
boolean

passwordHasher() public ¶

passwordHasher( )

Return password hasher object

Returns
Cake\Auth\AbstractPasswordHasher
Password hasher instance
Throws
RuntimeException

If password hasher class not found or it does not extend AbstractPasswordHasher


Methods used from Cake\Core\InstanceConfigTrait

_configDelete() protected ¶

_configDelete( string $key )

Deletes a single config key.

Parameters
string $key
Key to delete.
Throws
Cake\Core\Exception\Exception
if attempting to clobber existing config

_configRead() protected ¶

_configRead( string|null $key )

Reads a config key.

Parameters
string|null $key
Key to read.
Returns
mixed

_configWrite() protected ¶

_configWrite( string|array $key , mixed $value , boolean|string $merge = false )

Writes a config key.

Parameters
string|array $key
Key to write to.
mixed $value
Value to write.
boolean|string $merge optional false

True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.

Throws
Cake\Core\Exception\Exception
if attempting to clobber existing config

config() public deprecated ¶

config( string|array|null $key = null , mixed|null $value = null , boolean $merge = true )

Gets/Sets the config.

Usage

Reading the whole config:

$this->config();

Reading a specific value:

$this->config('key');

Reading a nested value:

$this->config('some.nested.key');

Setting a specific value:

$this->config('key', $value);

Setting a nested value:

$this->config('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->config(['one' => 'value', 'another' => 'value']);
Deprecated
3.4.0 use setConfig()/getConfig() instead.
Parameters
string|array|null $key optional null
The key to get/set, or a complete array of configs.
mixed|null $value optional null
The value to set.
boolean $merge optional true
Whether to recursively merge or overwrite existing config, defaults to true.
Returns
mixed
Config value being read, or the object itself on write operations.
Throws
Cake\Core\Exception\Exception
When trying to set a key that is invalid.

configShallow() public ¶

configShallow( string|array $key , mixed|null $value = null )

Merge provided config with existing config. Unlike config() which does a recursive merge for nested keys, this method does a simple merge.

Setting a specific value:

$this->configShallow('key', $value);

Setting a nested value:

$this->configShallow('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->configShallow(['one' => 'value', 'another' => 'value']);
Parameters
string|array $key
The key to set, or a complete array of configs.
mixed|null $value optional null
The value to set.
Returns

$this

getConfig() public ¶

getConfig( string|null $key = null )

Returns the config.

Usage

Reading the whole config:

$this->getConfig();

Reading a specific value:

$this->getConfig('key');

Reading a nested value:

$this->getConfig('some.nested.key');
Parameters
string|null $key optional null
The key to get or null for the whole config.
Returns
mixed
Config value being read.

setConfig() public ¶

setConfig( string|array $key , mixed|null $value = null , boolean $merge = true )

Sets the config.

Usage

Setting a specific value:

$this->setConfig('key', $value);

Setting a nested value:

$this->setConfig('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->setConfig(['one' => 'value', 'another' => 'value']);
Parameters
string|array $key
The key to set, or a complete array of configs.
mixed|null $value optional null
The value to set.
boolean $merge optional true
Whether to recursively merge or overwrite existing config, defaults to true.
Returns

$this
Throws
Cake\Core\Exception\Exception
When trying to set a key that is invalid.
Follow @CakePHP
#IRC
OpenHub
Rackspace
Rackspace
  • Business Solutions
  • Showcase
  • Documentation
  • Book
  • API
  • Videos
  • Reporting Security Issues
  • Privacy Policy
  • Logos & Trademarks
  • Community
  • Get Involved
  • Issues (Github)
  • Bakery
  • Featured Resources
  • Training
  • Meetups
  • My CakePHP
  • CakeFest
  • Newsletter
  • Linkedin
  • YouTube
  • Facebook
  • Twitter
  • Help & Support
  • Forum
  • Stack Overflow
  • IRC
  • Slack
  • Paid Support

Generated using CakePHP API Docs