Class FormAuthenticate
An authentication adapter for AuthComponent. Provides the ability to authenticate using POST data. Can be used by configuring AuthComponent to use it via the AuthComponent::$authenticate config.
$this->Auth->authenticate = [
'Form' => [
'finder' => ['auth' => ['some_finder_option' => 'some_value']]
]
]
When configuring FormAuthenticate you can pass in config to which fields, model and additional conditions are used. See FormAuthenticate::$_config for more information.
Property Summary
-
$_config protected
array
Runtime config
-
$_configInitialized protected
bool
Whether the config property has already been configured with defaults
-
$_defaultConfig protected
array
Default config for this object.
-
$_needsPasswordRehash protected
bool
Whether or not the user authenticated by this class requires their password to be rehashed with another algorithm.
-
$_passwordHasher protected
Cake\Auth\AbstractPasswordHasher
Password hasher instance.
-
$_registry protected
Cake\Controller\ComponentRegistry
A Component registry, used to get more components.
Method Summary
-
__construct() public
Constructor
-
_checkFields() protected
Checks the fields to ensure they are supplied.
-
_configDelete() protected
Deletes a single config key.
-
_configRead() protected
Reads a config key.
-
_configWrite() protected
Writes a config key.
-
_findUser() protected
Find a user record using the username and password provided.
-
_query() protected
Get query object for fetching user from database.
-
authenticate() public
Authenticates the identity contained in a request. Will use the
config.userModel
, andconfig.fields
to find POST data that is used to find a matching record in theconfig.userModel
. Will return false if there is no post data, either username or password is missing, or if the scope conditions have not been met. -
config() public deprecated
Gets/Sets the config.
-
configShallow() public
Merge provided config with existing config. Unlike
config()
which does a recursive merge for nested keys, this method does a simple merge. -
getConfig() public
Returns the config.
-
getUser() public
Get a user based on information in the request. Primarily used by stateless authentication systems like basic and digest auth.
-
implementedEvents() public
Returns a list of all events that this authenticate class will listen to.
-
needsPasswordRehash() public
Returns whether or not the password stored in the repository for the logged in user requires to be rehashed with another algorithm
-
passwordHasher() public
Return password hasher object
-
setConfig() public
Sets the config.
-
unauthenticated() public
Handle unauthenticated access attempt. In implementation valid return values can be:
Method Detail
__construct() ¶ public
__construct(Cake\Controller\ComponentRegistry $registry, array $config = [])
Constructor
Parameters
-
Cake\Controller\ComponentRegistry
$registry The Component registry used on this request.
-
array
$config optional Array of config to use.
_checkFields() ¶ protected
_checkFields(Cake\Http\ServerRequest $request, array $fields): bool
Checks the fields to ensure they are supplied.
Parameters
-
Cake\Http\ServerRequest
$request The request that contains login information.
-
array
$fields The fields to be checked.
Returns
bool
_configDelete() ¶ protected
_configDelete(string $key): void
Deletes a single config key.
Parameters
-
string
$key Key to delete.
Returns
void
Throws
Cake\Core\Exception\Exception
if attempting to clobber existing config
_configRead() ¶ protected
_configRead(string|null $key): mixed
Reads a config key.
Parameters
-
string|null
$key Key to read.
Returns
mixed
_configWrite() ¶ protected
_configWrite(string|array $key, mixed $value, bool|string $merge = false): void
Writes a config key.
Parameters
-
string|array
$key Key to write to.
-
mixed
$value Value to write.
-
bool|string
$merge optional True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.
Returns
void
Throws
Cake\Core\Exception\Exception
if attempting to clobber existing config
_findUser() ¶ protected
_findUser(string $username, string|null $password = null): bool|array
Find a user record using the username and password provided.
Input passwords will be hashed even when a user doesn't exist. This helps mitigate timing attacks that are attempting to find valid usernames.
Parameters
-
string
$username The username/identifier.
-
string|null
$password optional The password, if not provided password checking is skipped and result of find is returned.
Returns
bool|array
_query() ¶ protected
_query(string $username): Cake\ORM\Query
Get query object for fetching user from database.
Parameters
-
string
$username The username/identifier.
Returns
Cake\ORM\Query
authenticate() ¶ public
authenticate(Cake\Http\ServerRequest $request, Cake\Http\Response $response): mixed
Authenticates the identity contained in a request. Will use the config.userModel
, and config.fields
to find POST data that is used to find a matching record in the config.userModel
. Will return false if
there is no post data, either username or password is missing, or if the scope conditions have not been met.
Parameters
-
Cake\Http\ServerRequest
$request The request that contains login information.
-
Cake\Http\Response
$response Unused response object.
Returns
mixed
config() ¶ public
config(string|array|null $key = null, mixed|null $value = null, bool $merge = true): mixed
Gets/Sets the config.
Usage
Reading the whole config:
$this->config();
Reading a specific value:
$this->config('key');
Reading a nested value:
$this->config('some.nested.key');
Setting a specific value:
$this->config('key', $value);
Setting a nested value:
$this->config('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->config(['one' => 'value', 'another' => 'value']);
Parameters
-
string|array|null
$key optional The key to get/set, or a complete array of configs.
-
mixed|null
$value optional The value to set.
-
bool
$merge optional Whether to recursively merge or overwrite existing config, defaults to true.
Returns
mixed
Throws
Cake\Core\Exception\Exception
When trying to set a key that is invalid.
configShallow() ¶ public
configShallow(string|array $key, mixed|null $value = null): $this
Merge provided config with existing config. Unlike config()
which does
a recursive merge for nested keys, this method does a simple merge.
Setting a specific value:
$this->configShallow('key', $value);
Setting a nested value:
$this->configShallow('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->configShallow(['one' => 'value', 'another' => 'value']);
Parameters
-
string|array
$key The key to set, or a complete array of configs.
-
mixed|null
$value optional The value to set.
Returns
$this
getConfig() ¶ public
getConfig(string|null $key = null, mixed $default = null): mixed
Returns the config.
Usage
Reading the whole config:
$this->getConfig();
Reading a specific value:
$this->getConfig('key');
Reading a nested value:
$this->getConfig('some.nested.key');
Reading with default value:
$this->getConfig('some-key', 'default-value');
Parameters
-
string|null
$key optional The key to get or null for the whole config.
-
mixed
$default optional The return value when the key does not exist.
Returns
mixed
getUser() ¶ public
getUser(Cake\Http\ServerRequest $request): mixed
Get a user based on information in the request. Primarily used by stateless authentication systems like basic and digest auth.
Parameters
-
Cake\Http\ServerRequest
$request Request object.
Returns
mixed
implementedEvents() ¶ public
implementedEvents(): array
Returns a list of all events that this authenticate class will listen to.
An authenticate class can listen to following events fired by AuthComponent:
-
Auth.afterIdentify
- Fired after a user has been identified using one of configured authenticate class. The callback function should have signature likeafterIdentify(Event $event, array $user)
when$user
is the identified user record. -
Auth.logout
- Fired when AuthComponent::logout() is called. The callback function should have signature likelogout(Event $event, array $user)
where$user
is the user about to be logged out.
Returns
array
needsPasswordRehash() ¶ public
needsPasswordRehash(): bool
Returns whether or not the password stored in the repository for the logged in user requires to be rehashed with another algorithm
Returns
bool
passwordHasher() ¶ public
passwordHasher(): Cake\Auth\AbstractPasswordHasher
Return password hasher object
Returns
Cake\Auth\AbstractPasswordHasher
Throws
RuntimeException
If password hasher class not found or it does not extend AbstractPasswordHasher
setConfig() ¶ public
setConfig(string|array $key, mixed|null $value = null, bool $merge = true): $this
Sets the config.
Usage
Setting a specific value:
$this->setConfig('key', $value);
Setting a nested value:
$this->setConfig('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->setConfig(['one' => 'value', 'another' => 'value']);
Parameters
-
string|array
$key The key to set, or a complete array of configs.
-
mixed|null
$value optional The value to set.
-
bool
$merge optional Whether to recursively merge or overwrite existing config, defaults to true.
Returns
$this
Throws
Cake\Core\Exception\Exception
When trying to set a key that is invalid.
unauthenticated() ¶ public
unauthenticated(Cake\Http\ServerRequest $request, Cake\Http\Response $response): void
Handle unauthenticated access attempt. In implementation valid return values can be:
- Null - No action taken, AuthComponent should return appropriate response.
- Cake\Http\Response - A response object, which will cause AuthComponent to simply return that response.
Parameters
-
Cake\Http\ServerRequest
$request A request object.
-
Cake\Http\Response
$response A response object.
Returns
void
Property Detail
$_configInitialized ¶ protected
Whether the config property has already been configured with defaults
Type
bool
$_defaultConfig ¶ protected
Default config for this object.
fields
The fields to use to identify a user by.userModel
The alias for users table, defaults to Users.finder
The finder method to use to fetch user record. Defaults to 'all'. You can set finder name as string or an array where key is finder name and value is an array passed toTable::find()
options. E.g. ['finderName' => ['some_finder_option' => 'some_value']]passwordHasher
Password hasher class. Can be a string specifying class name or an array containingclassName
key, any other keys will be passed as config to the class. Defaults to 'Default'.- Options
scope
andcontain
have been deprecated since 3.1. Use custom finder instead to modify the query to fetch user record.
Type
array
$_needsPasswordRehash ¶ protected
Whether or not the user authenticated by this class requires their password to be rehashed with another algorithm.
Type
bool
$_registry ¶ protected
A Component registry, used to get more components.
Type
Cake\Controller\ComponentRegistry