pictcode / lib / Cake / Controller / Component / Auth / BasicAuthenticate.php @ db36f2d4
| 1 | <?php
 | 
|---|---|
| 2 | /**
 | 
| 3 |  * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
 | 
| 4 |  * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
 | 
| 5 |  *
 | 
| 6 |  * Licensed under The MIT License
 | 
| 7 |  * For full copyright and license information, please see the LICENSE.txt
 | 
| 8 |  * Redistributions of files must retain the above copyright notice.
 | 
| 9 |  *
 | 
| 10 |  * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
 | 
| 11 |  * @link          http://cakephp.org CakePHP(tm) Project
 | 
| 12 |  * @license       http://www.opensource.org/licenses/mit-license.php MIT License
 | 
| 13 |  */
 | 
| 14 |  | 
| 15 | App::uses('BaseAuthenticate', 'Controller/Component/Auth'); | 
| 16 |  | 
| 17 | /**
 | 
| 18 |  * Basic Authentication adapter for AuthComponent.
 | 
| 19 |  *
 | 
| 20 |  * Provides Basic HTTP authentication support for AuthComponent. Basic Auth will
 | 
| 21 |  * authenticate users against the configured userModel and verify the username
 | 
| 22 |  * and password match.
 | 
| 23 |  *
 | 
| 24 |  * ### Using Basic auth
 | 
| 25 |  *
 | 
| 26 |  * In your controller's components array, add auth + the required settings.
 | 
| 27 |  * ```
 | 
| 28 |  *        public $components = array(
 | 
| 29 |  *                'Auth' => array(
 | 
| 30 |  *                        'authenticate' => array('Basic')
 | 
| 31 |  *                )
 | 
| 32 |  *        );
 | 
| 33 |  * ```
 | 
| 34 |  *
 | 
| 35 |  * You should also set `AuthComponent::$sessionKey = false;` in your AppController's
 | 
| 36 |  * beforeFilter() to prevent CakePHP from sending a session cookie to the client.
 | 
| 37 |  *
 | 
| 38 |  * Since HTTP Basic Authentication is stateless you don't need a login() action
 | 
| 39 |  * in your controller. The user credentials will be checked on each request. If
 | 
| 40 |  * valid credentials are not provided, required authentication headers will be sent
 | 
| 41 |  * by this authentication provider which triggers the login dialog in the browser/client.
 | 
| 42 |  *
 | 
| 43 |  * You may also want to use `$this->Auth->unauthorizedRedirect = false;`.
 | 
| 44 |  * By default, unauthorized users are redirected to the referrer URL,
 | 
| 45 |  * `AuthComponent::$loginAction`, or '/'. If unauthorizedRedirect is set to
 | 
| 46 |  * false, a ForbiddenException is thrown instead of redirecting.
 | 
| 47 |  *
 | 
| 48 |  * @package       Cake.Controller.Component.Auth
 | 
| 49 |  * @since 2.0
 | 
| 50 |  */
 | 
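class BasicAuthenticate extends BaseAuthenticate {

/**
 * Constructor, completes configuration for basic authentication.
 *
 * When no `realm` setting is supplied (or it is empty), the realm falls back to
 * the SERVER_NAME environment value.
 *
 * NOTE(review): depending on the web server configuration, SERVER_NAME may be
 * derived from the client-supplied Host header. Prefer setting an explicit
 * `realm` in the Auth settings so the challenge text is fully under the
 * application's control.
 *
 * @param ComponentCollection $collection The Component collection used on this request.
 * @param array $settings An array of settings.
 */
	public function __construct(ComponentCollection $collection, $settings) {
		parent::__construct($collection, $settings);
		if (empty($this->settings['realm'])) {
			$this->settings['realm'] = env('SERVER_NAME');
		}
	}

/**
 * Authenticate a user using HTTP auth. Will use the configured User model and attempt a
 * login using HTTP auth.
 *
 * This is a thin wrapper around getUser(); the response object is not touched here.
 *
 * @param CakeRequest $request The request to authenticate with.
 * @param CakeResponse $response The response to add headers to.
 * @return mixed Either false on failure, or an array of user data on success.
 */
	public function authenticate(CakeRequest $request, CakeResponse $response) {
		return $this->getUser($request);
	}

/**
 * Get a user based on information in the request. Used by cookie-less auth for stateless clients.
 *
 * The credentials are read from the PHP_AUTH_USER / PHP_AUTH_PW environment values,
 * not from the passed request object. Missing, non-string or empty values are
 * rejected before any user lookup is attempted.
 *
 * Security notes for deployers:
 * - Basic credentials travel with every request and are only base64-encoded, so this
 *   adapter should be served exclusively over TLS.
 * - No attempt throttling is visible in this class; every request carrying credentials
 *   reaches the user lookup. Rate limiting or lockout has to be provided elsewhere.
 *
 * @param CakeRequest $request Request object.
 * @return mixed Either false or an array of user information
 */
	public function getUser(CakeRequest $request) {
		$username = env('PHP_AUTH_USER');
		$pass = env('PHP_AUTH_PW');

		if (!is_string($username) || $username === '' || !is_string($pass) || $pass === '') {
			return false;
		}
		// _findUser() is not defined in this class; presumably inherited from BaseAuthenticate.
		return $this->_findUser($username, $pass);
	}

/**
 * Handles an unauthenticated access attempt by sending appropriate login headers
 *
 * Always throws: the WWW-Authenticate challenge is attached to the exception so the
 * error response carries it to the client.
 *
 * @param CakeRequest $request A request object.
 * @param CakeResponse $response A response object.
 * @return void
 * @throws UnauthorizedException
 */
	public function unauthenticated(CakeRequest $request, CakeResponse $response) {
		$exception = new UnauthorizedException();
		$exception->responseHeader(array($this->loginHeaders()));
		throw $exception;
	}

/**
 * Generate the login headers
 *
 * The realm is emitted inside an HTTP quoted-string. It can come from configuration
 * or from SERVER_NAME (see the constructor), so it is normalised before being
 * interpolated: control characters (including CR/LF) are removed, and backslash and
 * double quote are backslash-escaped. Realms without those characters produce exactly
 * the same header as before.
 *
 * @return string Headers for logging in.
 */
	public function loginHeaders() {
		$realm = (string)$this->settings['realm'];
		// A raw CR/LF or other control byte must never reach a response header line.
		$realm = preg_replace('/[\x00-\x1F\x7F]/', '', $realm);
		// Keep the value inside the surrounding quotes: escape '\' and '"'.
		$realm = addcslashes($realm, '"\\');
		return sprintf('WWW-Authenticate: Basic realm="%s"', $realm);
	}

}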