Class PasswordIdentifier
Password Identifier
Identifies authentication credentials with password
new PasswordIdentifier([
'fields' => [
'username' => ['username', 'email'],
'password' => 'password'
]
]);
When configuring PasswordIdentifier you can pass in config to which fields, model and additional conditions are used.
Constants
Property Summary
-
$_config protected
array<string, mixed>
Runtime config
-
$_configInitialized protected
bool
Whether the config property has already been configured with defaults
-
$_defaultConfig protected
array
Default configuration.
fields
The fields to use to identify a user by:username
: one or many username fields.password
: password field.
resolver
The resolver implementation to use.passwordHasher
Password hasher class. Can be a string specifying class name or an array containingclassName
key, any other keys will be passed as config to the class. Defaults to 'Default'.
-
$_errors protected
array
Errors
-
$_needsPasswordRehash protected
bool
Whether or not the user authenticated by this class requires their password to be rehashed with another algorithm.
-
$_passwordHasher protected
Authentication\PasswordHasher\PasswordHasherInterface
Password hasher instance.
-
$resolver protected
Authentication\Identifier\Resolver\ResolverInterface
Resolver instance.
Method Summary
-
__construct() public
Constructor
-
_checkPassword() protected
Find a user record using the username and password provided. Input passwords will be hashed even when a user doesn't exist. This helps mitigate timing attacks that are attempting to find valid usernames.
-
_configDelete() protected
Deletes a single config key.
-
_configRead() protected
Reads a config key.
-
_configWrite() protected
Writes a config key.
-
_findIdentity() protected
Find a user record using the username/identifier provided.
-
buildResolver() protected
Builds a ResolverInterface instance.
-
configShallow() public
Merge provided config with existing config. Unlike
config()
which does a recursive merge for nested keys, this method does a simple merge. -
getConfig() public
Returns the config.
-
getConfigOrFail() public
Returns the config for this specific key.
-
getErrors() public
Returns errors
-
getPasswordHasher() public
Return password hasher object.
-
getResolver() public
Returns ResolverInterface instance.
-
identify() public
Identifies an user or service by the passed credentials
-
needsPasswordRehash() public
Returns whether or not the password stored in the repository for the logged in user requires to be rehashed with another algorithm
-
setConfig() public
Sets the config.
-
setPasswordHasher() public
Sets password hasher object.
-
setResolver() public
Sets ResolverInterface instance.
Method Detail
__construct() ¶ public
__construct(array $config = [])
Constructor
Parameters
-
array
$config optional Configuration
_checkPassword() ¶ protected
_checkPassword(arrayArrayAccess|null $identity, string|null $password): bool
Find a user record using the username and password provided. Input passwords will be hashed even when a user doesn't exist. This helps mitigate timing attacks that are attempting to find valid usernames.
Parameters
-
arrayArrayAccess|null
$identity The identity or null.
-
string|null
$password The password.
Returns
bool
_configDelete() ¶ protected
_configDelete(string $key): void
Deletes a single config key.
Parameters
-
string
$key Key to delete.
Returns
void
Throws
Cake\Core\Exception\CakeException
if attempting to clobber existing config
_configRead() ¶ protected
_configRead(string|null $key): mixed
Reads a config key.
Parameters
-
string|null
$key Key to read.
Returns
mixed
_configWrite() ¶ protected
_configWrite(array<string, mixed>|string $key, mixed $value, string|bool $merge = false): void
Writes a config key.
Parameters
-
array<string, mixed>|string
$key Key to write to.
-
mixed
$value Value to write.
-
string|bool
$merge optional True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.
Returns
void
Throws
Cake\Core\Exception\CakeException
if attempting to clobber existing config
_findIdentity() ¶ protected
_findIdentity(string $identifier): ArrayAccess|array|null
Find a user record using the username/identifier provided.
Parameters
-
string
$identifier The username/identifier.
Returns
ArrayAccess|array|null
buildResolver() ¶ protected
buildResolver(string|array $config): Authentication\Identifier\Resolver\ResolverInterface
Builds a ResolverInterface instance.
Parameters
-
string|array
$config Resolver class name or config.
Returns
Authentication\Identifier\Resolver\ResolverInterface
Throws
InvalidArgumentException
When className option is missing or class name does not exist.
RuntimeException
When resolver does not implement ResolverInterface.
configShallow() ¶ public
configShallow(array<string, mixed>|string $key, mixed|null $value = null): $this
Merge provided config with existing config. Unlike config()
which does
a recursive merge for nested keys, this method does a simple merge.
Setting a specific value:
$this->configShallow('key', $value);
Setting a nested value:
$this->configShallow('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->configShallow(['one' => 'value', 'another' => 'value']);
Parameters
-
array<string, mixed>|string
$key The key to set, or a complete array of configs.
-
mixed|null
$value optional The value to set.
Returns
$this
getConfig() ¶ public
getConfig(string|null $key = null, mixed $default = null): mixed
Returns the config.
Usage
Reading the whole config:
$this->getConfig();
Reading a specific value:
$this->getConfig('key');
Reading a nested value:
$this->getConfig('some.nested.key');
Reading with default value:
$this->getConfig('some-key', 'default-value');
Parameters
-
string|null
$key optional The key to get or null for the whole config.
-
mixed
$default optional The return value when the key does not exist.
Returns
mixed
getConfigOrFail() ¶ public
getConfigOrFail(string $key): mixed
Returns the config for this specific key.
The config value for this key must exist, it can never be null.
Parameters
-
string
$key The key to get.
Returns
mixed
Throws
InvalidArgumentException
getPasswordHasher() ¶ public
getPasswordHasher(): Authentication\PasswordHasher\PasswordHasherInterface
Return password hasher object.
Returns
Authentication\PasswordHasher\PasswordHasherInterface
getResolver() ¶ public
getResolver(): Authentication\Identifier\Resolver\ResolverInterface
Returns ResolverInterface instance.
Returns
Authentication\Identifier\Resolver\ResolverInterface
Throws
RuntimeException
When resolver has not been set.
identify() ¶ public
identify(array $credentials): ArrayAccess|array|null
Identifies an user or service by the passed credentials
Parameters
-
array
$credentials
Returns
ArrayAccess|array|null
needsPasswordRehash() ¶ public
needsPasswordRehash(): bool
Returns whether or not the password stored in the repository for the logged in user requires to be rehashed with another algorithm
Returns
bool
setConfig() ¶ public
setConfig(array<string, mixed>|string $key, mixed|null $value = null, bool $merge = true): $this
Sets the config.
Usage
Setting a specific value:
$this->setConfig('key', $value);
Setting a nested value:
$this->setConfig('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->setConfig(['one' => 'value', 'another' => 'value']);
Parameters
-
array<string, mixed>|string
$key The key to set, or a complete array of configs.
-
mixed|null
$value optional The value to set.
-
bool
$merge optional Whether to recursively merge or overwrite existing config, defaults to true.
Returns
$this
Throws
Cake\Core\Exception\CakeException
When trying to set a key that is invalid.
setPasswordHasher() ¶ public
setPasswordHasher(Authentication\PasswordHasher\PasswordHasherInterface $passwordHasher): $this
Sets password hasher object.
Parameters
-
Authentication\PasswordHasher\PasswordHasherInterface
$passwordHasher Password hasher instance.
Returns
$this
setResolver() ¶ public
setResolver(Authentication\Identifier\Resolver\ResolverInterface $resolver): $this
Sets ResolverInterface instance.
Parameters
-
Authentication\Identifier\Resolver\ResolverInterface
$resolver Resolver instance.
Returns
$this
Property Detail
$_configInitialized ¶ protected
Whether the config property has already been configured with defaults
Type
bool
$_defaultConfig ¶ protected
Default configuration.
fields
The fields to use to identify a user by:username
: one or many username fields.password
: password field.
resolver
The resolver implementation to use.passwordHasher
Password hasher class. Can be a string specifying class name or an array containingclassName
key, any other keys will be passed as config to the class. Defaults to 'Default'.
Type
array
$_needsPasswordRehash ¶ protected
Whether or not the user authenticated by this class requires their password to be rehashed with another algorithm.
Type
bool
$_passwordHasher ¶ protected
Password hasher instance.
Type
Authentication\PasswordHasher\PasswordHasherInterface