Class BaseAuthenticate

Base Authentication class with common methods and properties.

Cake\Auth\BaseAuthenticate implements Cake\Event\EventListenerInterface uses Cake\Core\InstanceConfigTrait , Cake\ORM\Locator\LocatorAwareTrait

Direct Subclasses

Indirect Subclasses

Abstract
Namespace: Cake\Auth
Location: Auth/BaseAuthenticate.php

Properties summary

Inherited Properties

Method Summary

  • __construct() public
    Constructor
  • _findUser() protected
    Find a user record using the username and password provided.
  • _query() protected
    Get query object for fetching user from database.
  • authenticate() abstract public
    Authenticate a user based on the request information.
  • getUser() public

    Get a user based on information in the request. Primarily used by stateless authentication systems like basic and digest auth.

  • Returns a list of all events that this authenticate class will listen to.
  • Returns whether or not the password stored in the repository for the logged in user requires to be rehashed with another algorithm

  • Return password hasher object
  • Handle unauthenticated access attempt. In implementation valid return values can be:

Method Detail

__construct()source public

__construct( Cake\Controller\ComponentRegistry $registry , array $config = [] )

Constructor

Parameters

Cake\Controller\ComponentRegistry $registry
The Component registry used on this request.
array $config optional []
Array of config to use.

_findUser()source protected

_findUser( string $username , string|null $password = null )

Find a user record using the username and password provided.

Input passwords will be hashed even when a user doesn't exist. This helps mitigate timing attacks that are attempting to find valid usernames.

Parameters

string $username
The username/identifier.
string|null $password optional null

The password, if not provided password checking is skipped and result of find is returned.

Returns

boolean|array
Either false on failure, or an array of user data.

_query()source protected

_query( string $username )

Get query object for fetching user from database.

Parameters

string $username
The username/identifier.

Returns

Cake\ORM\Query

authenticate()source abstract public

authenticate( Cake\Http\ServerRequest $request , Cake\Http\Response $response )

Authenticate a user based on the request information.

Parameters

Cake\Http\ServerRequest $request
Request to get authentication information from.
Cake\Http\Response $response
A response object that can have headers added.

Returns

mixed
Either false on failure, or an array of user data on success.

getUser()source public

getUser( Cake\Http\ServerRequest $request )

Get a user based on information in the request. Primarily used by stateless authentication systems like basic and digest auth.

Parameters

Cake\Http\ServerRequest $request
Request object.

Returns

mixed
Either false or an array of user information

implementedEvents()source public

implementedEvents( )

Returns a list of all events that this authenticate class will listen to.

An authenticate class can listen to following events fired by AuthComponent:

  • Auth.afterIdentify - Fired after a user has been identified using one of configured authenticate class. The callback function should have signature like afterIdentify(Event $event, array $user) when $user is the identified user record.

  • Auth.logout - Fired when AuthComponent::logout() is called. The callback function should have signature like logout(Event $event, array $user) where $user is the user about to be logged out.

Returns

array
List of events this class listens to. Defaults to [].

Implementation of

Cake\Event\EventListenerInterface::implementedEvents()

needsPasswordRehash()source public

needsPasswordRehash( )

Returns whether or not the password stored in the repository for the logged in user requires to be rehashed with another algorithm

Returns

boolean

passwordHasher()source public

passwordHasher( )

Return password hasher object

Returns

Cake\Auth\AbstractPasswordHasher
Password hasher instance

Throws

RuntimeException

If password hasher class not found or it does not extend AbstractPasswordHasher


unauthenticated()source public

unauthenticated( Cake\Http\ServerRequest $request , Cake\Http\Response $response )

Handle unauthenticated access attempt. In implementation valid return values can be:

  • Null - No action taken, AuthComponent should return appropriate response.
  • Cake\Http\Response - A response object, which will cause AuthComponent to simply return that response.

Parameters

Cake\Http\ServerRequest $request
A request object.
Cake\Http\Response $response
A response object.

Methods used from Cake\Core\InstanceConfigTrait

_configDelete()source protected

_configDelete( string $key )

Deletes a single config key.

Parameters

string $key
Key to delete.

Throws

Cake\Core\Exception\Exception
if attempting to clobber existing config

_configRead()source protected

_configRead( string|null $key )

Reads a config key.

Parameters

string|null $key
Key to read.

Returns

mixed

_configWrite()source protected

_configWrite( string|array $key , mixed $value , boolean|string $merge = false )

Writes a config key.

Parameters

string|array $key
Key to write to.
mixed $value
Value to write.
boolean|string $merge optional false

True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.

Throws

Cake\Core\Exception\Exception
if attempting to clobber existing config

config()source public deprecated

config( string|array|null $key = null , mixed|null $value = null , boolean $merge = true )

Gets/Sets the config.

Usage

Reading the whole config:

$this->config();

Reading a specific value:

$this->config('key');

Reading a nested value:

$this->config('some.nested.key');

Setting a specific value:

$this->config('key', $value);

Setting a nested value:

$this->config('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->config(['one' => 'value', 'another' => 'value']);

Deprecated

3.4.0 use setConfig()/getConfig() instead.

Parameters

string|array|null $key optional null
The key to get/set, or a complete array of configs.
mixed|null $value optional null
The value to set.
boolean $merge optional true
Whether to recursively merge or overwrite existing config, defaults to true.

Returns

mixed
Config value being read, or the object itself on write operations.

Throws

Cake\Core\Exception\Exception
When trying to set a key that is invalid.

configShallow()source public

configShallow( string|array $key , mixed|null $value = null )

Merge provided config with existing config. Unlike config() which does a recursive merge for nested keys, this method does a simple merge.

Setting a specific value:

$this->configShallow('key', $value);

Setting a nested value:

$this->configShallow('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->configShallow(['one' => 'value', 'another' => 'value']);

Parameters

string|array $key
The key to set, or a complete array of configs.
mixed|null $value optional null
The value to set.

Returns


$this

getConfig()source public

getConfig( string|null $key = null , mixed $default = null )

Returns the config.

Usage

Reading the whole config:

$this->getConfig();

Reading a specific value:

$this->getConfig('key');

Reading a nested value:

$this->getConfig('some.nested.key');

Reading with default value:

$this->getConfig('some-key', 'default-value');

Parameters

string|null $key optional null
The key to get or null for the whole config.
mixed $default optional null
The return value when the key does not exist.

Returns

mixed
Config value being read.

setConfig()source public

setConfig( string|array $key , mixed|null $value = null , boolean $merge = true )

Sets the config.

Usage

Setting a specific value:

$this->setConfig('key', $value);

Setting a nested value:

$this->setConfig('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->setConfig(['one' => 'value', 'another' => 'value']);

Parameters

string|array $key
The key to set, or a complete array of configs.
mixed|null $value optional null
The value to set.
boolean $merge optional true
Whether to recursively merge or overwrite existing config, defaults to true.

Returns


$this

Throws

Cake\Core\Exception\Exception
When trying to set a key that is invalid.

Methods used from Cake\ORM\Locator\LocatorAwareTrait

getTableLocator()source public

getTableLocator( )

Gets the table locator.

Returns

Cake\ORM\Locator\LocatorInterface

setTableLocator()source public

setTableLocator( Cake\ORM\Locator\LocatorInterface $tableLocator )

Sets the table locator.

Parameters

Cake\ORM\Locator\LocatorInterface $tableLocator
LocatorInterface instance.

Returns


$this

tableLocator()source public deprecated

tableLocator( Cake\ORM\Locator\LocatorInterface $tableLocator = null )

Sets the table locator. If no parameters are passed, it will return the currently used locator.

Deprecated

3.5.0 Use getTableLocator()/setTableLocator() instead.

Parameters

Cake\ORM\Locator\LocatorInterface $tableLocator optional null
LocatorInterface instance.

Returns

Cake\ORM\Locator\LocatorInterface

Properties detail

$_defaultConfigsource

protected array

Default config for this object.

  • fields The fields to use to identify a user by.
  • userModel The alias for users table, defaults to Users.
  • finder The finder method to use to fetch user record. Defaults to 'all'. You can set finder name as string or an array where key is finder name and value is an array passed to Table::find() options. E.g. ['finderName' => ['some_finder_option' => 'some_value']]
  • passwordHasher Password hasher class. Can be a string specifying class name or an array containing className key, any other keys will be passed as config to the class. Defaults to 'Default'.
  • Options scope and contain have been deprecated since 3.1. Use custom finder instead to modify the query to fetch user record.
[
    'fields' => [
        'username' => 'username',
        'password' => 'password'
    ],
    'userModel' => 'Users',
    'scope' => [],
    'finder' => 'all',
    'contain' => null,
    'passwordHasher' => 'Default'
]

$_needsPasswordRehashsource

protected boolean

Whether or not the user authenticated by this class requires their password to be rehashed with another algorithm.

false

$_passwordHashersource

protected Cake\Auth\AbstractPasswordHasher

Password hasher instance.

$_registrysource

protected Cake\Controller\ComponentRegistry

A Component registry, used to get more components.

© 2005–present The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
https://api.cakephp.org/3.7/class-Cake.Auth.BaseAuthenticate.html