Class FormAuthenticate
Form authentication adapter for AuthComponent.
Allows you to authenticate users based on form POST data. Usually, this is a login form that users enter information into.
Using Form auth
Load AuthComponent in your controller's initialize() and add 'Form' in 'authenticate' key
$this->loadComponent('Auth', [ 'authenticate' => [ 'Form' => [ 'fields' => ['username' => 'email', 'password' => 'passwd'], 'finder' => 'auth', ] ] ]);
When configuring FormAuthenticate you can pass in config to which fields, model and finder
are used. See BaseAuthenticate::$_defaultConfig for more information.
- Cake\Auth\BaseAuthenticate implements Cake\Event\EventListenerInterface uses Cake\Core\InstanceConfigTrait , Cake\ORM\Locator\LocatorAwareTrait
-
Cake\Auth\FormAuthenticate
See: https://book.cakephp.org/3.0/en/controllers/components/authentication.html
Location: Auth/FormAuthenticate.php
Inherited Properties
Method Summary
-
_checkFields() protected
Checks the fields to ensure they are supplied. -
authenticate() public
Authenticates the identity contained in a request. Will use the
config.userModel, andconfig.fieldsto find POST data that is used to find a matching record in theconfig.userModel. Will return false if there is no post data, either username or password is missing, or if the scope conditions have not been met.
Method Detail
_checkFields() protected ¶
_checkFields( Cake\Http\ServerRequest $request , array $fields )
Checks the fields to ensure they are supplied.
Parameters
-
Cake\Http\ServerRequest$request - The request that contains login information.
- array $fields
- The fields to be checked.
Returns
False if the fields have not been supplied. True if they exist.
authenticate() public ¶
authenticate( Cake\Http\ServerRequest $request , Cake\Http\Response $response )
Authenticates the identity contained in a request. Will use the config.userModel, and config.fields
to find POST data that is used to find a matching record in the config.userModel. Will return false if
there is no post data, either username or password is missing, or if the scope conditions have not been met.
Parameters
-
Cake\Http\ServerRequest$request - The request that contains login information.
-
Cake\Http\Response$response - Unused response object.
Returns
False on login failure. An array of User data on success.
Methods inherited from Cake\Auth\BaseAuthenticate
__construct() public ¶
__construct( Cake\Controller\ComponentRegistry $registry , array $config [] )
Constructor
Parameters
-
Cake\Controller\ComponentRegistry$registry - The Component registry used on this request.
- array $config optional []
- Array of config to use.
_findUser() protected ¶
_findUser( string $username , string|null $password null )
Find a user record using the username and password provided.
Input passwords will be hashed even when a user doesn't exist. This helps mitigate timing attacks that are attempting to find valid usernames.
Parameters
- string $username
- The username/identifier.
- string|null $password optional null
The password, if not provided password checking is skipped and result of find is returned.
Returns
Either false on failure, or an array of user data.
_query() protected ¶
_query( string $username )
Get query object for fetching user from database.
Parameters
- string $username
- The username/identifier.
Returns
getUser() public ¶
getUser( Cake\Http\ServerRequest $request )
Get a user based on information in the request. Primarily used by stateless authentication systems like basic and digest auth.
Parameters
-
Cake\Http\ServerRequest$request - Request object.
Returns
Either false or an array of user information
implementedEvents() public ¶
implementedEvents( )
Returns a list of all events that this authenticate class will listen to.
An authenticate class can listen to following events fired by AuthComponent:
Auth.afterIdentify- Fired after a user has been identified using one of configured authenticate class. The callback function should have signature likeafterIdentify(Event $event, array $user)when$useris the identified user record.Auth.logout- Fired when AuthComponent::logout() is called. The callback function should have signature likelogout(Event $event, array $user)where$useris the user about to be logged out.
Returns
List of events this class listens to. Defaults to
[].Implementation of
needsPasswordRehash() public ¶
needsPasswordRehash( )
Returns whether or not the password stored in the repository for the logged in user requires to be rehashed with another algorithm
Returns
passwordHasher() public ¶
passwordHasher( )
Return password hasher object
Returns
Throws
If password hasher class not found or it does not extend AbstractPasswordHasher
unauthenticated() public ¶
unauthenticated( Cake\Http\ServerRequest $request , Cake\Http\Response $response )
Handle unauthenticated access attempt. In implementation valid return values can be:
- Null - No action taken, AuthComponent should return appropriate response.
- Cake\Http\Response - A response object, which will cause AuthComponent to simply return that response.
Parameters
-
Cake\Http\ServerRequest$request - A request object.
-
Cake\Http\Response$response - A response object.
Methods used from Cake\Core\InstanceConfigTrait
_configDelete() protected ¶
_configDelete( string $key )
Deletes a single config key.
Parameters
- string $key
- Key to delete.
Throws
_configRead() protected ¶
_configRead( string|null $key )
Reads a config key.
Parameters
- string|null $key
- Key to read.
Returns
_configWrite() protected ¶
_configWrite( string|array $key , mixed $value , boolean|string $merge false )
Writes a config key.
Parameters
- string|array $key
- Key to write to.
- mixed $value
- Value to write.
- boolean|string $merge optional false
True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.
Throws
config() public ¶
config( string|array|null $key null , mixed|null $value null , boolean $merge true )
Gets/Sets the config.
Usage
Reading the whole config:
$this->config();
Reading a specific value:
$this->config('key');
Reading a nested value:
$this->config('some.nested.key');
Setting a specific value:
$this->config('key', $value);
Setting a nested value:
$this->config('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->config(['one' => 'value', 'another' => 'value']);
Deprecated
Parameters
- string|array|null $key optional null
- The key to get/set, or a complete array of configs.
- mixed|null $value optional null
- The value to set.
- boolean $merge optional true
- Whether to recursively merge or overwrite existing config, defaults to true.
Returns
Config value being read, or the object itself on write operations.
Throws
configShallow() public ¶
configShallow( string|array $key , mixed|null $value null )
Merge provided config with existing config. Unlike config() which does
a recursive merge for nested keys, this method does a simple merge.
Setting a specific value:
$this->configShallow('key', $value);
Setting a nested value:
$this->configShallow('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->configShallow(['one' => 'value', 'another' => 'value']);
Parameters
- string|array $key
- The key to set, or a complete array of configs.
- mixed|null $value optional null
- The value to set.
Returns
$this
getConfig() public ¶
getConfig( string|null $key null , mixed $default null )
Returns the config.
Usage
Reading the whole config:
$this->getConfig();
Reading a specific value:
$this->getConfig('key');
Reading a nested value:
$this->getConfig('some.nested.key');
Reading with default value:
$this->getConfig('some-key', 'default-value');
Parameters
- string|null $key optional null
- The key to get or null for the whole config.
- mixed $default optional null
- The return value when the key does not exist.
Returns
Config value being read.
setConfig() public ¶
setConfig( string|array $key , mixed|null $value null , boolean $merge true )
Sets the config.
Usage
Setting a specific value:
$this->setConfig('key', $value);
Setting a nested value:
$this->setConfig('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->setConfig(['one' => 'value', 'another' => 'value']);
Parameters
- string|array $key
- The key to set, or a complete array of configs.
- mixed|null $value optional null
- The value to set.
- boolean $merge optional true
- Whether to recursively merge or overwrite existing config, defaults to true.
Returns
$this
Throws
Methods used from Cake\ORM\Locator\LocatorAwareTrait
setTableLocator() public ¶
setTableLocator( Cake\ORM\Locator\LocatorInterface $tableLocator )
Sets the table locator.
Parameters
-
Cake\ORM\Locator\LocatorInterface$tableLocator - LocatorInterface instance.
Returns
$this
tableLocator() public ¶
tableLocator( Cake\ORM\Locator\LocatorInterface $tableLocator null )
Sets the table locator. If no parameters are passed, it will return the currently used locator.
Deprecated
Parameters
-
Cake\ORM\Locator\LocatorInterface$tableLocator optional null - LocatorInterface instance.