PageRenderTime 80ms CodeModel.GetById 15ms RepoModel.GetById 0ms app.codeStats 0ms

/modules/auth/classes/kohana/auth.php

https://bitbucket.org/ekiwookie/juss
PHP | 171 lines | 71 code | 27 blank | 73 comment | 5 complexity | df4c8021c2507e52a2ac911c81fac7d9 MD5 | raw file
Possible License(s): BSD-3-Clause
  1. <?php defined('SYSPATH') or die('No direct access allowed.');
  2. /**
  3. * User authorization library. Handles user login and logout, as well as secure
  4. * password hashing.
  5. *
  6. * @package Kohana/Auth
  7. * @author Kohana Team
  8. * @copyright (c) 2007-2012 Kohana Team
  9. * @license http://kohanaframework.org/license
  10. */
  11. abstract class Kohana_Auth {
  12. // Auth instances
  13. protected static $_instance;
  14. /**
  15. * Singleton pattern
  16. *
  17. * @return Auth
  18. */
  19. public static function instance()
  20. {
  21. if ( ! isset(Auth::$_instance))
  22. {
  23. // Load the configuration for this type
  24. $config = Kohana::$config->load('auth');
  25. if ( ! $type = $config->get('driver'))
  26. {
  27. $type = 'file';
  28. }
  29. // Set the session class name
  30. $class = 'Auth_'.ucfirst($type);
  31. // Create a new session instance
  32. Auth::$_instance = new $class($config);
  33. }
  34. return Auth::$_instance;
  35. }
  36. protected $_session;
  37. protected $_config;
  38. /**
  39. * Loads Session and configuration options.
  40. *
  41. * @param array $config Config Options
  42. * @return void
  43. */
  44. public function __construct($config = array())
  45. {
  46. // Save the config in the object
  47. $this->_config = $config;
  48. $this->_session = Session::instance($this->_config['session_type']);
  49. }
  50. abstract protected function _login($username, $password, $remember);
  51. abstract public function password($username);
  52. abstract public function check_password($password);
  53. /**
  54. * Gets the currently logged in user from the session.
  55. * Returns NULL if no user is currently logged in.
  56. *
  57. * @param mixed $default Default value to return if the user is currently not logged in.
  58. * @return mixed
  59. */
  60. public function get_user($default = NULL)
  61. {
  62. return $this->_session->get($this->_config['session_key'], $default);
  63. }
  64. /**
  65. * Attempt to log in a user by using an ORM object and plain-text password.
  66. *
  67. * @param string $username Username to log in
  68. * @param string $password Password to check against
  69. * @param boolean $remember Enable autologin
  70. * @return boolean
  71. */
  72. public function login($username, $password, $remember = FALSE)
  73. {
  74. if (empty($password))
  75. return FALSE;
  76. return $this->_login($username, $password, $remember);
  77. }
  78. /**
  79. * Log out a user by removing the related session variables.
  80. *
  81. * @param boolean $destroy Completely destroy the session
  82. * @param boolean $logout_all Remove all tokens for user
  83. * @return boolean
  84. */
  85. public function logout($destroy = FALSE, $logout_all = FALSE)
  86. {
  87. if ($destroy === TRUE)
  88. {
  89. // Destroy the session completely
  90. $this->_session->destroy();
  91. }
  92. else
  93. {
  94. // Remove the user from the session
  95. $this->_session->delete($this->_config['session_key']);
  96. // Regenerate session_id
  97. $this->_session->regenerate();
  98. }
  99. // Double check
  100. return ! $this->logged_in();
  101. }
  102. /**
  103. * Check if there is an active session. Optionally allows checking for a
  104. * specific role.
  105. *
  106. * @param string $role role name
  107. * @return mixed
  108. */
  109. public function logged_in($role = NULL)
  110. {
  111. return ($this->get_user() !== NULL);
  112. }
  113. /**
  114. * Creates a hashed hmac password from a plaintext password. This
  115. * method is deprecated, [Auth::hash] should be used instead.
  116. *
  117. * @deprecated
  118. * @param string $password Plaintext password
  119. */
  120. public function hash_password($password)
  121. {
  122. return $this->hash($password);
  123. }
  124. /**
  125. * Perform a hmac hash, using the configured method.
  126. *
  127. * @param string string to hash
  128. * @return string
  129. */
  130. public function hash($str)
  131. {
  132. if ( ! $this->_config['hash_key'])
  133. throw new Kohana_Exception('A valid hash key must be set in your auth config.');
  134. return hash_hmac($this->_config['hash_method'], $str, $this->_config['hash_key']);
  135. }
  136. protected function complete_login($user)
  137. {
  138. // Regenerate session_id
  139. $this->_session->regenerate();
  140. // Store username in session
  141. $this->_session->set($this->_config['session_key'], $user);
  142. return TRUE;
  143. }
  144. } // End Auth