Class FormAuthenticate
An authentication adapter for AuthComponent. Provides the ability to authenticate using POST data. Can be used by configuring AuthComponent to use it via the AuthComponent::$authenticate config.
$this->Auth->authenticate = [ 'Form' => [ 'finder' => ['auth' => ['some_finder_option' => 'some_value']] ] ]
When configuring FormAuthenticate you can pass in config to which fields, model and additional conditions are used. See FormAuthenticate::$_config for more information.
- Cake\Auth\BaseAuthenticate implements Cake\Event\EventListenerInterface uses Cake\Core\InstanceConfigTrait
- Cake\Auth\FormAuthenticate
See: \Cake\Controller\Component\AuthComponent::$authenticate
Location: Auth/FormAuthenticate.php
Inherited Properties
Method Summary
- _checkFields() protectedChecks the fields to ensure they are supplied.
- authenticate() public
Authenticates the identity contained in a request. Will use the
config.userModel
, andconfig.fields
to find POST data that is used to find a matching record in theconfig.userModel
. Will return false if there is no post data, either username or password is missing, or if the scope conditions have not been met.
Method Detail
_checkFields()source protected
_checkFields( Cake\Network\Request $request , array $fields )
Checks the fields to ensure they are supplied.
Parameters
-
Cake\Network\Request
$request
- The request that contains login information.
- array
$fields
- The fields to be checked.
Returns
booleanFalse if the fields have not been supplied. True if they exist.
authenticate()source public
authenticate( Cake\Network\Request $request , Cake\Network\Response $response )
Authenticates the identity contained in a request. Will use the config.userModel
, and config.fields
to find POST data that is used to find a matching record in the config.userModel
. Will return false if there is no post data, either username or password is missing, or if the scope conditions have not been met.
Parameters
-
Cake\Network\Request
$request
- The request that contains login information.
-
Cake\Network\Response
$response
- Unused response object.
Returns
mixedFalse on login failure. An array of User data on success.
Methods inherited from Cake\Auth\BaseAuthenticate
__construct()source public
__construct( Cake\Controller\ComponentRegistry $registry , array $config [] )
Constructor
Parameters
-
Cake\Controller\ComponentRegistry
$registry
- The Component registry used on this request.
- array
$config
optional [] - Array of config to use.
_findUser()source protected
_findUser( string $username , string|null $password null )
Find a user record using the username and password provided.
Input passwords will be hashed even when a user doesn't exist. This helps mitigate timing attacks that are attempting to find valid usernames.
Parameters
- string
$username
- The username/identifier.
- string|null
$password
optional null The password, if not provided password checking is skipped and result of find is returned.
Returns
boolean|arrayEither false on failure, or an array of user data.
_query()source protected
_query( string $username )
Get query object for fetching user from database.
Parameters
- string
$username
- The username/identifier.
Returns
Cake\ORM\Query
getUser()source public
getUser( Cake\Network\Request $request )
Get a user based on information in the request. Primarily used by stateless authentication systems like basic and digest auth.
Parameters
-
Cake\Network\Request
$request
- Request object.
Returns
mixedEither false or an array of user information
implementedEvents()source public
implementedEvents( )
Returns a list of all events that this authenticate class will listen to.
An authenticate class can listen to following events fired by AuthComponent:
Auth.afterIdentify
- Fired after a user has been identified using one of configured authenticate class. The callback function should have signature likeafterIdentify(Event $event, array $user)
when$user
is the identified user record.Auth.logout
- Fired when AuthComponent::logout() is called. The callback function should have signature likelogout(Event $event, array $user)
where$user
is the user about to be logged out.
Returns
arrayList of events this class listens to. Defaults to
[]
.Implementation of
Cake\Event\EventListenerInterface::implementedEvents()
needsPasswordRehash()source public
needsPasswordRehash( )
Returns whether or not the password stored in the repository for the logged in user requires to be rehashed with another algorithm
Returns
booleanpasswordHasher()source public
passwordHasher( )
Return password hasher object
Returns
Cake\Auth\AbstractPasswordHasher
Password hasher instance
Throws
RuntimeExceptionIf password hasher class not found or it does not extend AbstractPasswordHasher
unauthenticated()source public
unauthenticated( Cake\Network\Request $request , Cake\Network\Response $response )
Handle unauthenticated access attempt. In implementation valid return values can be:
- Null - No action taken, AuthComponent should return appropriate response.
- Cake\Network\Response - A response object, which will cause AuthComponent to simply return that response.
Parameters
-
Cake\Network\Request
$request
- A request object.
-
Cake\Network\Response
$response
- A response object.
Methods used from Cake\Core\InstanceConfigTrait
_configDelete()source protected
_configDelete( string $key )
Delete a single config key
Parameters
- string
$key
- Key to delete.
Throws
Cake\Core\Exception\Exception
if attempting to clobber existing config
_configRead()source protected
_configRead( string|null $key )
Read a config variable
Parameters
- string|null
$key
- Key to read.
Returns
mixed_configWrite()source protected
_configWrite( string|array $key , mixed $value , boolean|string $merge false )
Write a config variable
Parameters
- string|array
$key
- Key to write to.
- mixed
$value
- Value to write.
- boolean|string
$merge
optional false True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.
Throws
Cake\Core\Exception\Exception
if attempting to clobber existing config
config()source public
config( string|array|null $key null , mixed|null $value null , boolean $merge true )
Usage
Reading the whole config:
$this->config();
Reading a specific value:
$this->config('key');
Reading a nested value:
$this->config('some.nested.key');
Setting a specific value:
$this->config('key', $value);
Setting a nested value:
$this->config('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->config(['one' => 'value', 'another' => 'value']);
Parameters
- string|array|null
$key
optional null - The key to get/set, or a complete array of configs.
- mixed|null
$value
optional null - The value to set.
- boolean
$merge
optional true - Whether to recursively merge or overwrite existing config, defaults to true.
Returns
mixedConfig value being read, or the object itself on write operations.
Throws
Cake\Core\Exception\Exception
When trying to set a key that is invalid.
configShallow()source public
configShallow( string|array $key , mixed|null $value null )
Merge provided config with existing config. Unlike config()
which does a recursive merge for nested keys, this method does a simple merge.
Setting a specific value:
$this->config('key', $value);
Setting a nested value:
$this->config('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->config(['one' => 'value', 'another' => 'value']);
Parameters
- string|array
$key
- The key to set, or a complete array of configs.
- mixed|null
$value
optional null - The value to set.
Returns
$this The object itself.
© 2005–2016 The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
http://api.cakephp.org/3.2/class-Cake.Auth.FormAuthenticate.html