This repository has been archived on 2024-04-08. You can view files and clone it, but cannot push or open issues or pull requests.
khosb/includes/kohana/modules/auth/classes/Kohana/Auth.php

172 lines
3.9 KiB
PHP
Raw Normal View History

2012-11-09 12:18:50 +00:00
<?php defined('SYSPATH') OR die('No direct access allowed.');
2010-08-21 04:43:03 +00:00
/**
* User authorization library. Handles user login and logout, as well as secure
* password hashing.
*
* @package Kohana/Auth
* @author Kohana Team
2012-11-09 12:18:50 +00:00
* @copyright (c) 2007-2012 Kohana Team
2011-05-13 06:00:25 +00:00
* @license http://kohanaframework.org/license
2010-08-21 04:43:03 +00:00
*/
abstract class Kohana_Auth {
// Auth instances
protected static $_instance;
/**
* Singleton pattern
*
* @return Auth
*/
public static function instance()
{
if ( ! isset(Auth::$_instance))
{
// Load the configuration for this type
2012-11-09 12:18:50 +00:00
$config = Kohana::$config->load('auth');
2010-08-21 04:43:03 +00:00
if ( ! $type = $config->get('driver'))
{
2011-05-13 06:00:25 +00:00
$type = 'file';
2010-08-21 04:43:03 +00:00
}
// Set the session class name
$class = 'Auth_'.ucfirst($type);
// Create a new session instance
Auth::$_instance = new $class($config);
}
return Auth::$_instance;
}
protected $_session;
protected $_config;
/**
* Loads Session and configuration options.
*
2012-11-09 12:18:50 +00:00
* @param array $config Config Options
2010-08-21 04:43:03 +00:00
* @return void
*/
public function __construct($config = array())
{
// Save the config in the object
$this->_config = $config;
2012-11-09 12:18:50 +00:00
$this->_session = Session::instance($this->_config['session_type']);
2010-08-21 04:43:03 +00:00
}
abstract protected function _login($username, $password, $remember);
abstract public function password($username);
abstract public function check_password($password);
/**
* Gets the currently logged in user from the session.
2011-05-13 06:00:25 +00:00
* Returns NULL if no user is currently logged in.
2010-08-21 04:43:03 +00:00
*
2012-11-09 12:18:50 +00:00
* @param mixed $default Default value to return if the user is currently not logged in.
2010-08-21 04:43:03 +00:00
* @return mixed
*/
2011-05-13 06:00:25 +00:00
public function get_user($default = NULL)
2010-08-21 04:43:03 +00:00
{
2011-05-13 06:00:25 +00:00
return $this->_session->get($this->_config['session_key'], $default);
2010-08-21 04:43:03 +00:00
}
/**
* Attempt to log in a user by using an ORM object and plain-text password.
*
2012-11-09 12:18:50 +00:00
* @param string $username Username to log in
* @param string $password Password to check against
* @param boolean $remember Enable autologin
2010-08-21 04:43:03 +00:00
* @return boolean
*/
public function login($username, $password, $remember = FALSE)
{
if (empty($password))
return FALSE;
return $this->_login($username, $password, $remember);
}
/**
* Log out a user by removing the related session variables.
*
2012-11-09 12:18:50 +00:00
* @param boolean $destroy Completely destroy the session
* @param boolean $logout_all Remove all tokens for user
2010-08-21 04:43:03 +00:00
* @return boolean
*/
public function logout($destroy = FALSE, $logout_all = FALSE)
{
if ($destroy === TRUE)
{
// Destroy the session completely
$this->_session->destroy();
}
else
{
// Remove the user from the session
$this->_session->delete($this->_config['session_key']);
// Regenerate session_id
$this->_session->regenerate();
}
// Double check
return ! $this->logged_in();
}
/**
* Check if there is an active session. Optionally allows checking for a
2011-05-13 06:00:25 +00:00
* specific role.
2010-08-21 04:43:03 +00:00
*
2012-11-09 12:18:50 +00:00
* @param string $role role name
2010-08-21 04:43:03 +00:00
* @return mixed
*/
public function logged_in($role = NULL)
{
2011-05-13 06:00:25 +00:00
return ($this->get_user() !== NULL);
2010-08-21 04:43:03 +00:00
}
/**
2011-05-13 06:00:25 +00:00
* Creates a hashed hmac password from a plaintext password. This
* method is deprecated, [Auth::hash] should be used instead.
2010-08-21 04:43:03 +00:00
*
2011-05-13 06:00:25 +00:00
* @deprecated
2012-11-09 12:18:50 +00:00
* @param string $password Plaintext password
2010-08-21 04:43:03 +00:00
*/
2011-05-13 06:00:25 +00:00
public function hash_password($password)
2010-08-21 04:43:03 +00:00
{
2011-05-13 06:00:25 +00:00
return $this->hash($password);
2010-08-21 04:43:03 +00:00
}
/**
2011-05-13 06:00:25 +00:00
* Perform a hmac hash, using the configured method.
2010-08-21 04:43:03 +00:00
*
2012-11-09 12:18:50 +00:00
* @param string $str string to hash
2010-08-21 04:43:03 +00:00
* @return string
*/
public function hash($str)
{
2011-05-13 06:00:25 +00:00
if ( ! $this->_config['hash_key'])
throw new Kohana_Exception('A valid hash key must be set in your auth config.');
2010-08-21 04:43:03 +00:00
2011-05-13 06:00:25 +00:00
return hash_hmac($this->_config['hash_method'], $str, $this->_config['hash_key']);
2010-08-21 04:43:03 +00:00
}
protected function complete_login($user)
{
// Regenerate session_id
$this->_session->regenerate();
// Store username in session
$this->_session->set($this->_config['session_key'], $user);
return TRUE;
}
2011-05-13 06:00:25 +00:00
} // End Auth