Class BasicAuthenticate

Basic Authentication adapter for AuthComponent.

Provides Basic HTTP authentication support for AuthComponent. Basic Auth will authenticate users against the configured userModel and verify the username and passwords match.

Using Basic auth

In your controller's components array, add auth + the required config

public $components = [
    'Auth' => [
        'authenticate' => ['Basic']
    ]
];

You should also set AuthComponent::$sessionKey = false; in your AppController's beforeFilter() to prevent CakePHP from sending a session cookie to the client.

Since HTTP Basic Authentication is stateless you don't need a login() action in your controller. The user credentials will be checked on each request. If valid credentials are not provided, required authentication headers will be sent by this authentication provider which triggers the login dialog in the browser/client.

You may also want to use $this->Auth->unauthorizedRedirect = false;. By default, unauthorized users are redirected to the referrer URL, AuthComponent::$loginAction, or '/'. If unauthorizedRedirect is set to false, a ForbiddenException exception is thrown instead of redirecting.

Cake\Auth\BaseAuthenticate implements Cake\Event\EventListenerInterface uses Cake\Core\InstanceConfigTrait
Extended by Cake\Auth\BasicAuthenticate

Direct known subclasses

Cake\Auth\DigestAuthenticate
Namespace: Cake\Auth
Located at Auth/BasicAuthenticate.php

Method Detail

authenticatesource public 

authenticate( Cake\Network\Request $request , Cake\Network\Response $response )

Authenticate a user using HTTP auth. Will use the configured User model and attempt a login using HTTP auth.

Parameters

Cake\Network\Request $request
The request to authenticate with.
Cake\Network\Response $response
The response to add headers to.

Returns

mixed
Either false on failure, or an array of user data on success.

getUsersource public 

getUser( Cake\Network\Request $request )

Get a user based on information in the request. Used by cookie-less auth for stateless clients.

Parameters

Cake\Network\Request $request
Request object.

Returns

mixed
Either false or an array of user information

Overrides

Cake\Auth\BaseAuthenticate::getUser()

loginHeaderssource public 

loginHeaders( Cake\Network\Request $request )

Generate the login headers

Parameters

Cake\Network\Request $request
Request object.

Returns

string
Headers for logging in.

unauthenticatedsource public 

unauthenticated( Cake\Network\Request $request , Cake\Network\Response $response )

Handles an unauthenticated access attempt by sending appropriate login headers

Parameters

Cake\Network\Request $request
A request object.
Cake\Network\Response $response
A response object.

Throws

Cake\Network\Exception\UnauthorizedException
\Cake\Network\Exception\UnauthorizedException

Overrides

Cake\Auth\BaseAuthenticate::unauthenticated()

Methods inherited from Cake\Auth\BaseAuthenticate

__constructsource public 

__construct( Cake\Controller\ComponentRegistry $registry , array $config [] )

Constructor

Parameters

Cake\Controller\ComponentRegistry $registry
The Component registry used on this request.
array $config optional []
Array of config to use.

_findUsersource protected 

_findUser( string $username , string|null $password null )

Find a user record using the username and password provided.

Input passwords will be hashed even when a user doesn't exist. This helps mitigate timing attacks that are attempting to find valid usernames.

Parameters

string $username
The username/identifier.
string|null $password optional null
The password, if not provided password checking is skipped and result of find is returned.

Returns

boolean|array
Either false on failure, or an array of user data.

_querysource protected 

_query( string $username )

Get query object for fetching user from database.

Parameters

string $username
The username/identifier.

Returns

Cake\ORM\Query
\Cake\ORM\Query

implementedEventssource public 

implementedEvents( )

Returns a list of all events that this authenticate class will listen to.

An authenticate class can listen to following events fired by AuthComponent:

  • Auth.afterIdentify - Fired after a user has been identified using one of configured authenticate class. The callback function should have signature like afterIdentify(Event $event, array $user) when $user is the identified user record.
  • Auth.logout - Fired when AuthComponent::logout() is called. The callback function should have signature like logout(Event $event, array $user) where $user is the user about to be logged out.

Returns

array
List of events this class listens to. Defaults to [].

Implementation of

Cake\Event\EventListenerInterface::implementedEvents()

needsPasswordRehashsource public 

needsPasswordRehash( )

Returns whether or not the password stored in the repository for the logged in user requires to be rehashed with another algorithm

Returns

boolean
bool

passwordHashersource public 

passwordHasher( )

Return password hasher object

Returns

Cake\Auth\AbstractPasswordHasher
Password hasher instance

Throws

RuntimeException
If password hasher class not found or it does not extend AbstractPasswordHasher

Methods used from Cake\Core\InstanceConfigTrait

_configDeletesource protected 

_configDelete( string $key )

Delete a single config key

Parameters

string $key
Key to delete.

Throws

Cake\Core\Exception\Exception
if attempting to clobber existing config

_configReadsource protected 

_configRead( string|null $key )

Read a config variable

Parameters

string|null $key
Key to read.

Returns

mixed
mixed

_configWritesource protected 

_configWrite( string|array $key , mixed $value , boolean|string $merge false )

Write a config variable

Parameters

string|array $key
Key to write to.
mixed $value
Value to write.
boolean|string $merge optional false
True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.

Throws

Cake\Core\Exception\Exception
if attempting to clobber existing config

configsource public 

config( string|array|null $key null , mixed|null $value null , boolean $merge true )

Usage

Reading the whole config:

$this->config();

Reading a specific value:

$this->config('key');

Reading a nested value:

$this->config('some.nested.key');

Setting a specific value:

$this->config('key', $value);

Setting a nested value:

$this->config('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->config(['one' => 'value', 'another' => 'value']);

Parameters

string|array|null $key optional null
The key to get/set, or a complete array of configs.
mixed|null $value optional null
The value to set.
boolean $merge optional true
Whether to recursively merge or overwrite existing config, defaults to true.

Returns

mixed
Config value being read, or the object itself on write operations.

Throws

Cake\Core\Exception\Exception
When trying to set a key that is invalid.

configShallowsource public 

configShallow( string|array $key , mixed|null $value null )

Merge provided config with existing config. Unlike config() which does a recursive merge for nested keys, this method does a simple merge.

Setting a specific value:

$this->config('key', $value);

Setting a nested value:

$this->config('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->config(['one' => 'value', 'another' => 'value']);

Parameters

string|array $key
The key to set, or a complete array of configs.
mixed|null $value optional null
The value to set.

Returns

mixed
$this The object itself.

Properties inherited from Cake\Auth\BaseAuthenticate

$_defaultConfigsource

protected array

Default config for this object.

  • fields The fields to use to identify a user by.
  • userModel The alias for users table, defaults to Users.
  • finder The finder method to use to fetch user record. Defaults to 'all'.
  • passwordHasher Password hasher class. Can be a string specifying class name or an array containing className key, any other keys will be passed as config to the class. Defaults to 'Default'.
  • Options scope and contain have been deprecated since 3.1. Use custom finder instead to modify the query to fetch user record.
[
    'fields' => [
        'username' => 'username',
        'password' => 'password'
    ],
    'userModel' => 'Users',
    'scope' => [],
    'finder' => 'all',
    'contain' => null,
    'passwordHasher' => 'Default'
]

$_needsPasswordRehashsource

protected boolean

Whether or not the user authenticated by this class requires their password to be rehashed with another algorithm.

false

$_passwordHashersource

protected Cake\Auth\AbstractPasswordHasher

Password hasher instance.

$_registrysource

protected Cake\Controller\ComponentRegistry

A Component registry, used to get more components.

Properties used from Cake\Core\InstanceConfigTrait

$_configsource

protected array

Runtime config

[]

$_configInitializedsource

protected boolean

Whether the config property has already been configured with defaults

false

© 2005–2016 The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
http://api.cakephp.org/3.1/class-Cake.Auth.BasicAuthenticate.html