Context Navigation

← Previous Change
Next Change →

auth

Timestamp:

04/11/2008 01:53:56 PM (7 months ago)

Author:

Shadowhand

Message:

Make Auth driver-based, so that #551 can be completed.

Location:

trunk/modules/auth

Files:

: 4 added
: 2 modified

config/auth.php (modified) (1 diff)
libraries/Auth.php (modified) (10 diffs)
libraries/drivers (added)
libraries/drivers/Auth (added)
libraries/drivers/Auth.php (added)
libraries/drivers/Auth/ORM.php (added)

Legend:

: Unmodified
: Added
: Removed

trunk/modules/auth/config/auth.php

r1636	r2471
8	8	* and assign any other role to your users.
9	9	*/
	10
	11	/**
	12	* Driver to use for authentication. By default, LDAP and ORM are available.
	13	*/
	14	$config['driver'] = 'ORM';
10	15
11	16	/**

trunk/modules/auth/libraries/Auth.php

r2452	r2471
4	4	* password hashing.
5	5	*
6		* @package User Management
7		* @depends ORM
	6	* @package Auth
8	7	* @author Kohana Team
9	8	* @copyright (c) 2007 Kohana Team
…	…
50	49	public function __construct($config = array())
51	50	{
52		~~// Load libraries~~
53		~~$this->session = Session::instance();~~
54
55	51	// Append default auth configuration
56	52	$config += Config::item('auth');
…	…
62	58	$this->config = $config;
63	59
	60	// Set the driver class name
	61	$driver = 'Auth_'.$config['driver'].'_Driver';
	62
	63	if ( ! Kohana::auto_load($driver))
	64	throw new Kohana_Exception('core.driver_not_found', $config['driver'], get_class($this));
	65
	66	// Load the driver
	67	$driver = new $driver($config);
	68
	69	if ( ! ($driver instanceof Auth_Driver))
	70	throw new Kohana_Exception('core.driver_implements', $config['driver'], get_class($this), 'Auth_Driver');
	71
	72	// Load the driver for access
	73	$this->driver = $driver;
	74
64	75	Log::add('debug', 'Auth Library loaded');
65	76	}
…	…
74	85	public function logged_in($role = NULL)
75	86	{
76		static $status;
77
78		if (is_bool($status))
79		return $status;
80
81		// Not logged in by default
82		$status = FALSE;
83
84		// Check if the user is a valid object
85		if ( ! empty($_SESSION['auth_user']) AND is_object($_SESSION['auth_user'])
86		AND ($_SESSION['auth_user'] instanceof User_Model) AND $_SESSION['auth_user']->id > 0)
87		{
88		// Everything is okay so far
89		$status = TRUE;
90
91		if ($role !== NULL)
92		{
93		// Check that the user has the given role
94		$status = $_SESSION['auth_user']->has_role($role);
95		}
96		}
97
98		return $status;
	87	return $this->driver->logged_in($role);
99	88	}
100	89
…	…
102	91	* Attempt to log in a user by using an ORM object and plain-text password.
103	92	*
104		* @param ~~object user model object~~
105		* @param string p~~lain-text p~~assword to check against
106		* @param boolean ~~to allow auto-login, or "remember me" feature~~
107		* @return boolean
108		*/
109		public function login(~~User_Model $user~~, $password, $remember = FALSE)
	93	* @param string username to log in
	94	* @param string password to check against
	95	* @param boolean enable auto-login
	96	* @return boolean
	97	*/
	98	public function login($username, $password, $remember = FALSE)
110	99	{
111	100	if (empty($password))
112	101	return FALSE;
113	102
114		// Create a hashed password using the salt from the stored password
115		$password = $this->hash_password($password, $this->find_salt($user->password));
116
117		// If the passwords match, perform a login
118		if ($user->has_role('login') AND $user->password === $password)
119		{
120		if ($remember === TRUE)
121		{
122		// Create a new autologin token
123		$token = new User_Token_Model;
124
125		// Set token data
126		$token->user_id = $user->id;
127		$token->expires = time() + $this->config['lifetime'];
128		$token->save();
129
130		// Set the autologin cookie
131		cookie::set('authautologin', $token->token, $this->config['lifetime']);
132		}
133
134		// Finish the login
135		$this->complete_login($user);
136
137		return TRUE;
138		}
139
140		return FALSE;
141		}
142
143		/**
144		* Attempt to automatically log a user in by using tokens.
	103	if (is_string($password))
	104	{
	105	// Get the salt from the stored password
	106	$salt = $this->find_salt($this->driver->password($username));
	107
	108	// Create a hashed password using the salt from the stored password
	109	$password = $this->hash_password($password, $salt);
	110	}
	111
	112	return $this->driver->login($username, $password, $remember);
	113	}
	114
	115	/**
	116	* Attempt to automatically log a user in.
145	117	*
146	118	* @return boolean
…	…
148	120	public function auto_login()
149	121	{
150		if ($token = cookie::get('authautologin'))
151		{
152		// Load the token and user
153		$token = new User_Token_Model($token);
154		$user = new User_Model($token->user_id);
155
156		if ($token->id > 0 AND $user->id > 0)
157		{
158		if ($token->user_agent === sha1(Kohana::$user_agent))
159		{
160		// Save the token to create a new unique token
161		$token->save();
162
163		// Set the new token
164		cookie::set('authautologin', $token->token, $token->expires - time());
165
166		// Complete the login with the found data
167		$this->complete_login($user);
168
169		// Automatic login was successful
170		return TRUE;
171		}
172
173		// Token is invalid
174		$token->delete();
175		}
176		}
177
178		return FALSE;
	122	return $this->driver->auto_login();
	123	}
	124
	125	/**
	126	* Force a login for a specific username.
	127	*
	128	* @param mixed username
	129	* @return boolean
	130	*/
	131	public function force_login($username)
	132	{
	133	return $this->driver->force_login($username);
179	134	}
180	135
…	…
187	142	public function logout($destroy = FALSE)
188	143	{
189		// Delete the autologin cookie if it exists
190		cookie::get('authautologin') and cookie::delete('authautologin');
191
192		if ($destroy === TRUE)
193		{
194		// Destroy the session completely
195		Session::instance()->destroy();
196		}
197		else
198		{
199		// Remove the user object from the session
200		unset($_SESSION['auth_user']);
201
202		// Regenerate session_id
203		$this->session->regenerate();
204		}
205
206		// Double check
207		return ! isset($_SESSION['auth_user']);
	144	return $this->driver->logout($destroy);
208	145	}
209	146
…	…
260	197	* Perform a hash, using the configured method.
261	198	*
262		* Parameters:
263		* str - string to be hashed
264		*
265		* Returns:
266		* Hashed string.
	199	* @param string string to hash
	200	* @return string
267	201	*/
268	202	protected function hash($str)
…	…
274	208	* Finds the salt from a password, based on the configured salt pattern.
275	209	*
276		* Parameters:
277		* password - hashed password
278		*
279		* Returns:
280		* Salt string
	210	* @param string hashed password
	211	* @return string
281	212	*/
282	213	protected function find_salt($password)
…	…
293	224	}
294	225
295		~~public function force_login(User_Model $user)~~
296		{
297		~~// Mark the session as forced, to prevent users from changing account information~~
298		~~$_SESSION['auth_forced'] = TRUE;~~
299
300		~~// Run the standard completion~~
301		~~$this->complete_login($user);~~
302		}
303
304		/**
305		* Complete the login for a user by incrementing the logins and setting
306		* session data: user_id, username, roles
307		*
308		* @param object user model object
309		* @return void
310		*/
311		~~protected function complete_login(User_Model $user)~~
312		{
313		~~// Update the number of logins~~
314		~~$user->logins += 1;~~
315
316		~~// Set the last login date~~
317		~~$user->last_login = time();~~
318
319		~~// Save the user~~
320		~~$user->save();~~
321
322		~~// Regenerate session_id~~
323		~~$this->session->regenerate();~~
324
325		~~// Store session data~~
326		~~$_SESSION['auth_user'] = $user;~~
327		}
328
329	226	} // End Auth

Context Navigation

Changeset 2471 for trunk/modules/auth

Legend:

trunk/modules/auth/config/auth.php

trunk/modules/auth/libraries/Auth.php

Download in other formats: