Provides authentication and authorization support. More...

Inheritance diagram for Auth:

Public Member Functions
	setLoggedUser (pclib\AuthUser $user=null)
	Take $user and log him in. More...

	getUser ($userName=null)
	Without parameter it returns logged user, user $userName otherwise. More...

	reloadLoggedUser ()
	Reload logged user from database. More...

	exists ($userName)
	Check if user $userName exists. More...

	getStorage ()
	Return storage object - if not exists, create one.

	login ($userName, $password)
	Authenticate user $userName with password $password. More...

	logout ()
	Logout active user.

	testRight ($name, $objectId=0)
	Check if logged user has permission $name. More...

	isLogged ()
	Check if someone is logged in.

	hasRight ($name, $objectId=0)
	Check if logged user has permission $name. More...

	hasRole ($role)
	Check if logged user has role $role. More...

Public Member Functions inherited from AuthBase
	__construct ()
	Constructor - load config parameters.

	passwordHash ($password)
	Return password hash. More...

	passwordHashVerify ($password, $hash)
	Verify password hash. More...

	setError ($message)
	Add error message into ->errors variable. More...

Public Member Functions inherited from BaseObject
	loadDefaults ($className=null)
	Load default parameters of class $className into object instance.

	setProperties (array $defaults)
	Set public properties of object from the array. More...

	toArray ()
	Convert object to array. More...

Data Fields
	$storage
	var AuthDbStorage

	$realm
	Apps with the same realm share authentization session.

	$verifyRemote = true
	Check if remote address changed.

	$cleanDefaultPassword = true
	Delete plain-text default password from database on first login.

	$loggedUser
	var AuthUser User which is logged in.

Data Fields inherited from AuthBase
	$errors = array()
	Array of error messages (if any)

	$secret
	Secret string used for enpowerment of md5 hash.

	$passwordAlgo
	Password algorhitm - can be 'md5', 'bcrypt', 'bcrypt-md5'.

	$passwordCost = 10
	Bcrypt cost.

	$throwsExceptions = false
	Throws exceptions instead of just collecting errors in ->errors.

Data Fields inherited from BaseObject
	$serviceLocator
	var function() Return service object when requested with service().

Protected Member Functions
	getUserIp (pclib\AuthUser $user)
	Get user ip-address, check if changed and log notice if so.

	getSessionUser ()
	Load user from session storage, check session validity. More...

	setSessionUser (pclib\AuthUser $user=null)
	Store user to session. More...

Protected Member Functions inherited from AuthBase
	log ($category, $messageId, $message=null, $itemId=null)
	log security issue using App->logger.

Protected Member Functions inherited from BaseObject
	service ($service, $default=null)
	Try acquire $service and load it into property $this->$service. More...

Additional Inherited Members
Static Public Member Functions inherited from BaseObject
static	defaults ()
	Set or retireve default parameters of the object. More...

Protected Attributes inherited from AuthBase
	$app
	var App

Detailed Description

Provides authentication and authorization support.

Features:

Unlimited number of users.
Each user has assigned roles, each role has permissions.
Exceptions for single users, default passwords, logging security issues and more.
See also
AuthManager User account management.

Note
This class requires enabled sessions.

Member Function Documentation

◆ exists()

exists ( $userName )

Check if user $userName exists.

Parameters

string $userName

Returns: bool $yes

◆ getSessionUser()

getSessionUser ( )

protected

Load user from session storage, check session validity.

Returns: AuthUser $user;

◆ getUser()

getUser ( $userName = null )

Without parameter it returns logged user, user $userName otherwise.

Parameters

string $userName

Returns: AuthUser $user

◆ hasRight()

hasRight	(	$name,
		$objectId = `0`
	)

Check if logged user has permission $name.

Parameters

string $name

Returns: bool $yes

◆ hasRole()

hasRole ( $role )

Check if logged user has role $role.

Parameters

string $role

Returns: bool $yes

◆ login()

login	(	$userName,
		$password
	)

Authenticate user $userName with password $password.

If user passed, log him in.

Parameters

string	$userName
string	$password

Returns: bool $success

◆ reloadLoggedUser()

reloadLoggedUser ( )

Reload logged user from database.

Use if you need propagate changes immediately.

Returns: AuthUser $user

◆ setLoggedUser()

setLoggedUser ( pclib\AuthUser $user = null )

Take $user and log him in.

◆ setSessionUser()

setSessionUser ( pclib\AuthUser $user = null )

protected

Store user to session.

Parameters

AuthUser $user,;

◆ testRight()

testRight	(	$name,
		$objectId = `0`
	)

Check if logged user has permission $name.

If not, throw exception and log security issue.

Parameters

string	$name	Name of permission.
int	$objectId	resource object id

The documentation for this class was generated from the following file:

Auth.php

Public Member Functions

Data Fields

Protected Member Functions

Additional Inherited Members

Detailed Description

Member Function Documentation

◆ exists()

◆ getSessionUser()

◆ getUser()

◆ hasRight()

◆ hasRole()

◆ login()

◆ reloadLoggedUser()

◆ setLoggedUser()

◆ setSessionUser()

◆ testRight()