Class CookieAuthenticator
Cookie Authenticator
Authenticates an identity based on a cookie data.
Property Summary
-
$_config protected
array<string, mixed>Runtime config
-
$_configInitialized protected
boolWhether the config property has already been configured with defaults
-
$_defaultConfig protected
arrayDefault config for this object.
fieldsThe fields to use to identify a user by.
-
$_identifier protected
Authentication\Identifier\IdentifierInterfaceIdentifier or identifiers collection.
-
$_needsPasswordRehash protected
boolWhether the user authenticated by this class requires their password to be rehashed with another algorithm.
-
$_passwordHasher protected
Authentication\PasswordHasher\PasswordHasherInterface|nullPassword hasher instance.
Method Summary
-
__construct() public
Constructor
-
_checkToken() protected
Checks whether a token hash matches the identity data.
-
_checkUrl() protected
Checks the Login URL
-
_configDelete() protected
Deletes a single config key.
-
_configRead() protected
Reads a config key.
-
_configWrite() protected
Writes a config key.
-
_createCookie() protected
Creates a cookie instance with configured defaults.
-
_createPlainToken() protected
Creates a plain part of a cookie token.
-
_createToken() protected
Creates a full cookie token serialized as a JSON sting.
-
_getUrlChecker() protected
Gets the login URL checker
-
authenticate() public
Authenticate a user based on the request information.
-
clearIdentity() public
Clears the identity data
-
configShallow() public
Merge provided config with existing config. Unlike
config()which does a recursive merge for nested keys, this method does a simple merge. -
getConfig() public
Returns the config.
-
getConfigOrFail() public
Returns the config for this specific key.
-
getIdentifier() public
Gets the identifier.
-
getPasswordHasher() public
Return password hasher object. If a password hasher has not been set, DefaultPasswordHasher instance is returned.
-
needsPasswordRehash() public
Returns whether or not the password stored in the repository for the logged in user requires to be rehashed with another algorithm
-
persistIdentity() public
Persists the users data
-
setConfig() public
Sets the config.
-
setIdentifier() public
Sets the identifier.
-
setPasswordHasher() public
Sets password hasher object.
Method Detail
__construct() ¶ public
__construct(Authentication\Identifier\IdentifierInterface $identifier, array<string, mixed> $config = [])Constructor
Parameters
-
Authentication\Identifier\IdentifierInterface$identifier Identifier or identifiers collection.
-
array<string, mixed>$config optional Configuration settings.
_checkToken() ¶ protected
_checkToken(ArrayAccess|array $identity, string $tokenHash): boolChecks whether a token hash matches the identity data.
Parameters
-
ArrayAccess|array$identity Identity data.
-
string$tokenHash Hashed part of a cookie token.
Returns
bool_checkUrl() ¶ protected
_checkUrl(Psr\Http\Message\ServerRequestInterface $request): boolChecks the Login URL
Parameters
-
Psr\Http\Message\ServerRequestInterface$request The request that contains login information.
Returns
bool_configDelete() ¶ protected
_configDelete(string $key): voidDeletes a single config key.
Parameters
-
string$key Key to delete.
Returns
voidThrows
Cake\Core\Exception\CakeExceptionif attempting to clobber existing config
_configRead() ¶ protected
_configRead(string|null $key): mixedReads a config key.
Parameters
-
string|null$key Key to read.
Returns
mixed_configWrite() ¶ protected
_configWrite(array<string, mixed>|string $key, mixed $value, string|bool $merge = false): voidWrites a config key.
Parameters
-
array<string, mixed>|string$key Key to write to.
-
mixed$value Value to write.
-
string|bool$merge optional True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.
Returns
voidThrows
Cake\Core\Exception\CakeExceptionif attempting to clobber existing config
_createCookie() ¶ protected
_createCookie(mixed $value): Cake\Http\Cookie\CookieInterfaceCreates a cookie instance with configured defaults.
Parameters
-
mixed$value Cookie value.
Returns
Cake\Http\Cookie\CookieInterface_createPlainToken() ¶ protected
_createPlainToken(ArrayAccess|array $identity): stringCreates a plain part of a cookie token.
Returns concatenated username, password hash, and HMAC signature.
Parameters
-
ArrayAccess|array$identity Identity data.
Returns
string_createToken() ¶ protected
_createToken(ArrayAccess|array $identity): stringCreates a full cookie token serialized as a JSON sting.
Cookie token consists of a username and hashed username + password hash.
Parameters
-
ArrayAccess|array$identity Identity data.
Returns
stringThrows
JsonException_getUrlChecker() ¶ protected
_getUrlChecker(): Authentication\UrlChecker\UrlCheckerInterfaceGets the login URL checker
Returns
Authentication\UrlChecker\UrlCheckerInterfaceauthenticate() ¶ public
authenticate(Psr\Http\Message\ServerRequestInterface $request): Authentication\Authenticator\ResultInterfaceAuthenticate a user based on the request information.
Parameters
-
Psr\Http\Message\ServerRequestInterface$request
Returns
Authentication\Authenticator\ResultInterfaceclearIdentity() ¶ public
clearIdentity(Psr\Http\Message\ServerRequestInterface $request, Psr\Http\Message\ResponseInterface $response): array{request: \Psr\Http\Message\ServerRequestInterface, response: \Psr\Http\Message\ResponseInterface}Clears the identity data
Parameters
-
Psr\Http\Message\ServerRequestInterface$request -
Psr\Http\Message\ResponseInterface$response
Returns
array{request: \Psr\Http\Message\ServerRequestInterface, response: \Psr\Http\Message\ResponseInterface}configShallow() ¶ public
configShallow(array<string, mixed>|string $key, mixed|null $value = null): $thisMerge provided config with existing config. Unlike config() which does
a recursive merge for nested keys, this method does a simple merge.
Setting a specific value:
$this->configShallow('key', $value);Setting a nested value:
$this->configShallow('some.nested.key', $value);Updating multiple config settings at the same time:
$this->configShallow(['one' => 'value', 'another' => 'value']);Parameters
-
array<string, mixed>|string$key The key to set, or a complete array of configs.
-
mixed|null$value optional The value to set.
Returns
$thisgetConfig() ¶ public
getConfig(string|null $key = null, mixed $default = null): mixedReturns the config.
Usage
Reading the whole config:
$this->getConfig();Reading a specific value:
$this->getConfig('key');Reading a nested value:
$this->getConfig('some.nested.key');Reading with default value:
$this->getConfig('some-key', 'default-value');Parameters
-
string|null$key optional The key to get or null for the whole config.
-
mixed$default optional The return value when the key does not exist.
Returns
mixedConfiguration data at the named key or null if the key does not exist.
getConfigOrFail() ¶ public
getConfigOrFail(string $key): mixedReturns the config for this specific key.
The config value for this key must exist, it can never be null.
Parameters
-
string$key The key to get.
Returns
mixedConfiguration data at the named key
Throws
InvalidArgumentExceptiongetIdentifier() ¶ public
getIdentifier(): Authentication\Identifier\IdentifierInterfaceGets the identifier.
Returns
Authentication\Identifier\IdentifierInterfacegetPasswordHasher() ¶ public
getPasswordHasher(): Authentication\PasswordHasher\PasswordHasherInterfaceReturn password hasher object. If a password hasher has not been set, DefaultPasswordHasher instance is returned.
Returns
Authentication\PasswordHasher\PasswordHasherInterfacePassword hasher instance.
needsPasswordRehash() ¶ public
needsPasswordRehash(): boolReturns whether or not the password stored in the repository for the logged in user requires to be rehashed with another algorithm
Returns
boolpersistIdentity() ¶ public
persistIdentity(Psr\Http\Message\ServerRequestInterface $request, Psr\Http\Message\ResponseInterface $response, ArrayAccess|array $identity): array{request: \Psr\Http\Message\ServerRequestInterface, response: \Psr\Http\Message\ResponseInterface}Persists the users data
Parameters
-
Psr\Http\Message\ServerRequestInterface$request -
Psr\Http\Message\ResponseInterface$response -
ArrayAccess|array$identity
Returns
array{request: \Psr\Http\Message\ServerRequestInterface, response: \Psr\Http\Message\ResponseInterface}setConfig() ¶ public
setConfig(array<string, mixed>|string $key, mixed|null $value = null, bool $merge = true): $thisSets the config.
Usage
Setting a specific value:
$this->setConfig('key', $value);Setting a nested value:
$this->setConfig('some.nested.key', $value);Updating multiple config settings at the same time:
$this->setConfig(['one' => 'value', 'another' => 'value']);Parameters
-
array<string, mixed>|string$key The key to set, or a complete array of configs.
-
mixed|null$value optional The value to set.
-
bool$merge optional Whether to recursively merge or overwrite existing config, defaults to true.
Returns
$thisThrows
Cake\Core\Exception\CakeExceptionWhen trying to set a key that is invalid.
setIdentifier() ¶ public
setIdentifier(Authentication\Identifier\IdentifierInterface $identifier): $thisSets the identifier.
Parameters
-
Authentication\Identifier\IdentifierInterface$identifier IdentifierInterface instance.
Returns
$thissetPasswordHasher() ¶ public
setPasswordHasher(Authentication\PasswordHasher\PasswordHasherInterface $passwordHasher): $thisSets password hasher object.
Parameters
-
Authentication\PasswordHasher\PasswordHasherInterface$passwordHasher Password hasher instance.
Returns
$thisProperty Detail
$_configInitialized ¶ protected
Whether the config property has already been configured with defaults
Type
bool$_defaultConfig ¶ protected
Default config for this object.
fieldsThe fields to use to identify a user by.
Type
array$_identifier ¶ protected
Identifier or identifiers collection.
Type
Authentication\Identifier\IdentifierInterface$_needsPasswordRehash ¶ protected
Whether the user authenticated by this class requires their password to be rehashed with another algorithm.
Type
bool$_passwordHasher ¶ protected
Password hasher instance.
Type
Authentication\PasswordHasher\PasswordHasherInterface|null