Ejemplo n.º 1
 /**
  * Verifies which user fields `Auth::check()` returns and writes to the session.
  *
  * Three scenarios are exercised, each after an `Auth::reset()`:
  *  - no `'persist'` setting: the key is present in the config but empty, and the
  *    result carries `username` but not `password`;
  *  - `'persist'` restricted to `username` and `email`: the other submitted fields
  *    (password, insurance number) appear in neither the result nor the session;
  *  - `'keyOnly'`: only the identifier is returned and stored.
  */
 public function testAuthPersist()
 {
     $adapter = $this->_classes['mockAuthAdapter'];

     // Scenario 1: default session settings.
     Auth::reset();
     Auth::config(array('test' => array('adapter' => $adapter)));
     $settings = Auth::config();
     $this->assertTrue(isset($settings['test']['session']['persist']));
     $this->assertTrue(empty($settings['test']['session']['persist']));

     $credentials = array('username' => 'foo', 'password' => 'bar');
     $checked = Auth::check('test', $credentials, array('success' => true));
     $this->assertTrue(isset($checked['username']));
     // The submitted password must not be part of the data handed back.
     $this->assertFalse(isset($checked['password']));

     // Scenario 2: an explicit persist list acts as a whitelist of stored fields.
     Auth::reset();
     Auth::config(array(
         'test' => array(
             'adapter' => $adapter,
             'session' => array('persist' => array('username', 'email')),
         ),
     ));
     $credentials = array(
         'username' => 'foobar',
         'password' => 'not!important',
         'email' => '*****@*****.**',
         'insuranceNumer' => 1234567,
     );
     $whitelisted = array('username' => 'foobar', 'email' => '*****@*****.**');
     $checked = Auth::check('test', $credentials, array('success' => true, 'checkSession' => false));
     $this->assertEqual($whitelisted, $checked);
     $this->assertEqual($whitelisted, Session::read('test'));

     // Scenario 3: with `keyOnly`, only the id reaches the result and the session.
     Auth::reset();
     Auth::config(array('test' => array('adapter' => $adapter)));
     $credentials = array(
         'id' => '123',
         'username' => 'foobar',
         'password' => 'not!important',
         'email' => '*****@*****.**',
         'insuranceNumer' => 1234567,
     );
     $identifier = 123;
     $checked = Auth::check('test', $credentials, array('keyOnly' => true, 'checkSession' => false));
     $this->assertEqual($identifier, $checked);
     $this->assertEqual($identifier, Session::read('test'));
 }
Ejemplo n.º 2
 /**
  * After a reset, `Auth::config()` is an empty array, and checking a name that was
  * never configured is expected to raise an exception rather than return a result.
  */
 public function testNoConfigurations()
 {
     Auth::reset();
     $defined = Auth::config();
     $this->assertIdentical(array(), $defined);

     // Register the expectation before the call that is supposed to throw.
     $this->expectException("Configuration `user` has not been defined.");
     Auth::check('user');
 }
Ejemplo n.º 3
 /**
  * Clears every `Auth` configuration whose adapter differs from this one's.
  *
  * Configurations whose `'adapter'` is identical to `$this->_config['adapter']` are
  * skipped; `Auth::clear()` is called for each of the remaining names.
  *
  * @param array $options Adapter-specific options. Not implemented in this adapter.
  * @return void
  */
 public function clear(array $options = array())
 {
     foreach (Auth::config() as $name => $auth) {
         // Strict comparison: only a different adapter value triggers a clear.
         if ($auth['adapter'] !== $this->_config['adapter']) {
             Auth::clear($name);
         }
     }
 }
Ejemplo n.º 4
 /**
  * Reports whether the request is authenticated by any of the named `Auth` configurations.
  *
  * A names list of exactly `array('*')` means "anyone": the method returns `true`
  * without consulting `Auth` at all, so rules using the wildcard apply to
  * unauthenticated requests as well. Otherwise only names that are actually
  * configured are tried, and the first successful `Auth::check()` decides.
  *
  * @param array $names Auth configuration names, or `array('*')` for the wildcard.
  * @param array $params Must hold a `'request'` entry; it is passed to `Auth::check()`.
  * @return boolean
  */
 protected static function _isAuthedBy(array $names, array $params)
 {
     $wildcard = array('*');
     if ($names === $wildcard) {
         return true;
     }

     // Names that are not configured in `Auth` are dropped before any check runs.
     $configured = array_keys(Auth::config());
     // Every check is made with `'writeSession' => false`.
     $checkOptions = array('writeSession' => false);

     foreach (array_intersect($configured, $names) as $candidate) {
         if (!Auth::check($candidate, $params['request'], $checkOptions)) {
             continue;
         }
         return true;
     }
     return false;
 }
Ejemplo n.º 5
 /**
  * Registers the mock `user` Auth configuration and the `AuthRbac` Access
  * configurations used by the tests of this class.
  *
  * The closures stored under `'allow'` and `'match'` read `$request->params`; the
  * `'allow'` closures also write a `'message'` into the by-reference `$roleOptions`.
  */
 public function setUp()
 {
     Auth::config(array(
         'user' => array(
             'adapter' => 'li3_access\\tests\\mocks\\security\\auth\\adapter\\MockAuthAdapter',
         ),
     ));

     $access = array();

     // No roles at all.
     $access['test_no_roles_configured'] = array('adapter' => 'AuthRbac');

     // A single role keyed `allow`, limited to the `user` requester.
     $access['test_check'] = array(
         'adapter' => 'AuthRbac',
         'roles' => array(
             'allow' => array('requesters' => 'user', 'match' => '*::*'),
         ),
     );

     // Closures inside both the `allow` and the `match` lists.
     $access['test_closures'] = array(
         'adapter' => 'AuthRbac',
         'roles' => array(
             array(
                 'requesters' => '*',
                 'allow' => array(
                     function ($request, &$roleOptions) {
                         $roleOptions['message'] = 'Test allow options set.';
                         return (bool) $request->params['allow'];
                     },
                 ),
                 'match' => array(
                     function ($request) {
                         return (bool) $request->params['match'];
                     },
                     'controller' => 'TestControllers',
                     'action' => 'test_action',
                 ),
             ),
         ),
     );

     // `allow` given directly as a closure, matching every route.
     $access['test_allow_closure'] = array(
         'adapter' => 'AuthRbac',
         'roles' => array(
             array(
                 'requesters' => '*',
                 'match' => '*::*',
                 'allow' => function ($request, &$roleOptions) {
                     $roleOptions['message'] = 'Test allow options set.';
                     return (bool) $request->params['allow'];
                 },
             ),
         ),
     );

     // Both `match` and `allow` given directly as closures.
     $access['test_allow_closure_match'] = array(
         'adapter' => 'AuthRbac',
         'roles' => array(
             array(
                 'requesters' => '*',
                 'match' => function ($request) {
                     return !empty($request->params['allow_match']);
                 },
                 'allow' => function ($request, &$roleOptions) {
                     $roleOptions['message'] = 'Test allow options set 2.';
                     return (bool) $request->params['allow'];
                 },
             ),
         ),
     );

     // A deny-all rule for every requester, followed by two `user` rules carrying messages.
     $access['test_message_override'] = array(
         'adapter' => 'AuthRbac',
         'roles' => array(
             array('allow' => false, 'requesters' => '*', 'match' => '*::*'),
             array(
                 'message' => 'Rule access denied message.',
                 'redirect' => '/',
                 'requesters' => 'user',
                 'match' => 'TestControllers::test_action',
             ),
             array(
                 'message' => 'Test no overwrite.',
                 'redirect' => '/test_no_overwrite',
                 'requesters' => 'user',
                 'match' => null,
             ),
         ),
     );

     Access::config($access);
 }
Ejemplo n.º 6
 * Lithium: the most rad php framework
 *
 * @copyright     Copyright 2013, Union of RAD (http://union-of-rad.org)
 * @license       http://opensource.org/licenses/bsd-license.php The BSD License
 */
/**
 * This configures your session storage. The Cookie storage adapter must be connected first, since
 * it intercepts any writes where the `'expires'` key is set in the options array.
 * The default name is based on the lithium app path. Remember, if your app is numeric or has
 * special characters you might want to use Inflector::slug() or set this manually.
 */
use lithium\storage\Session;
use lithium\security\Auth;
// The session name is taken from the last segment of the application path.
$name = basename(LITHIUM_APP_PATH);
Session::config(array(
    'default' => array(
        'adapter' => 'Php',
        'session.name' => $name,
    ),
));

// NOTE(review): the password validator is switched off (`'password' => false`) and
// the submitted password is run through the `String::hash` filter instead, so the
// filtered digest is what gets compared with the stored value. `String::hash` is a
// general-purpose digest, not a salted, deliberately slow password hash. For new
// installations, store `lithium\security\Password::hash()` output and keep the
// password validator enabled - confirm against the Lithium version in use.
Auth::config(array(
    'member' => array(
        'adapter' => 'Form',
        'model' => 'Users',
        'fields' => array('username', 'password'),
        'filters' => array(
            'password' => array('lithium\\util\\String', 'hash'),
        ),
        'validators' => array('password' => false),
    ),
));
/**
 * Uncomment the lines below to enable forms-based authentication. This configuration will attempt
 * to authenticate users against a `Users` model. In a controller, run
 * `Auth::check('default', $this->request)` to authenticate a user. This will check the POST data of
 * the request (`lithium\action\Request::$data`) to see if the fields match the `'fields'` key of
 * the configuration below. If successful, it will write the data returned from `Users::first()` to
 * the session using the default session configuration.
 *
 * Once the session data is written, you can call `Auth::check('default')` to check authentication
 * status or retrieve the user's data from the session. Call `Auth::clear('default')` to remove the
 * user's authentication details from the session. This effectively logs a user out of the system.
 * To modify the form input that the adapter accepts, or how the configured model is queried, or how
 * the data is stored in the session, see the `Form` adapter API or the `Auth` API, respectively.
 *
 * @see lithium\security\auth\adapter\Form
Ejemplo n.º 7
 *
 * @copyright     Copyright 2011, Union of RAD (http://union-of-rad.org)
 * @license       http://opensource.org/licenses/bsd-license.php The BSD License
 */
/**
 * This configures your session storage. The Cookie storage adapter must be connected first, since
 * it intercepts any writes where the `'expires'` key is set in the options array.
 */
use lithium\storage\Session;
// `cookie` is registered ahead of `default`, matching the ordering requirement
// described in the comment above.
Session::config(array(
    'cookie' => array('adapter' => 'Cookie'),
    'default' => array('adapter' => 'Php'),
));
/**
 * Uncomment the lines below to enable forms-based authentication. This configuration will attempt
 * to authenticate users against a `Users` model. In a controller, run
 * `Auth::check('default', $this->request)` to authenticate a user. This will check the POST data of
 * the request (`lithium\action\Request::$data`) to see if the fields match the `'fields'` key of
 * the configuration below. If successful, it will write the data returned from `Users::first()` to
 * the session using the default session configuration.
 *
 * Once the session data is written, you can call `Auth::check('default')` to check authentication
 * status or retrieve the user's data from the session. Call `Auth::clear('default')` to remove the
 * user's authentication details from the session. This effectively logs a user out of the system.
 * To modify the form input that the adapter accepts, or how the configured model is queried, or how
 * the data is stored in the session, see the `Form` adapter API or the `Auth` API, respectively.
 *
 * @see lithium\security\auth\adapter\Form
 * @see lithium\action\Request::$data
 * @see lithium\security\Auth
 */
use lithium\security\Auth;
// Authentication is delegated to an application-specific adapter.
// NOTE(review): how that adapter compares the submitted password (hash
// verification versus plain equality inside the `findOneBy` lookup) is not visible
// in this file - confirm it verifies a salted password hash.
Auth::config(array(
    'default' => array(
        'adapter' => '\\app\\extensions\\adapter\\Doctrine',
        'model' => 'User',
        'fields' => array('email', 'password'),
        'query' => 'findOneBy',
    ),
));
Ejemplo n.º 8
<?php

use lithium\storage\Session;
use lithium\security\Auth;
// PHP-native sessions for the default session configuration.
Session::config(array(
    'default' => array('adapter' => 'Php'),
));

// Form-based login against the `User` model.
// NOTE(review): no `'filters'` or `'validators'` are set, so password comparison is
// whatever the `Form` adapter does by default in the installed Lithium version -
// confirm that stored passwords are `Password::hash()` output.
Auth::config(array(
    'customer' => array(
        'adapter' => 'Form',
        'model' => 'User',
        'fields' => array('username', 'password'),
    ),
));
Ejemplo n.º 9
<?php

/**
 * li3_access configuration file
 */
use lithium\security\Auth;
use li3_access\security\Access;
/**
 * Auth configurations
 * Users authorized through the 'inactive' configuration get a message about their inactive account!
 */
// `default` is scoped to active accounts; `inactive` is scoped to accounts with
// `active => false`. A successful check against `inactive` identifies a disabled
// account and must not be treated as a login by calling code.
Auth::config(array(
    'default' => array(
        'adapter' => 'Form',
        'scope' => array('active' => true),
        'query' => 'firstWithGroup',
    ),
    'inactive' => array(
        'adapter' => 'Form',
        'scope' => array('active' => false),
    ),
));
/**
 * Access adapters configurations
 * For details see the `li3_access` documentation
 */
// Two access-control configurations: one backed by `DbAcl`, one by `Rules`.
Access::config(array(
    'acl' => array('adapter' => 'DbAcl'),
    'rules' => array('adapter' => 'Rules'),
));
Ejemplo n.º 10
 /**
  * Points the `test` session configuration at the `Memory` adapter and the `test`
  * auth configuration at the mock auth adapter.
  */
 public function setUp()
 {
     Session::config(array(
         'test' => array('adapter' => 'Memory'),
     ));
     Auth::config(array(
         'test' => array(
             'adapter' => '\\lithium\\tests\\mocks\\security\\auth\\adapter\\MockAuthAdapter',
         ),
     ));
 }
Ejemplo n.º 11
<?php
/**
 * Minerva's Authentication Configuration
 * In this file you can specify the settings for the Auth class.
 * If you need to use a different or additional adapter, you can
 * do so by configuring it here.
 *
*/
use \lithium\security\Auth;

Auth::config(array(
	'minerva_user' => array(
		'adapter' => 'Form',
		'model' => 'User',
		'fields' => array('email', 'password'),
		// Restricts the lookup to records with `active => true`.
		'scope' => array('active' => true),
		// A custom password filter is left disabled:
		// 'filters' => array('password' => 'app\models\User::hashPassword'),
		// NOTE(review): with no filter or validator configured, password comparison
		// is the `Form` adapter's default for the installed Lithium version - confirm
		// that it verifies a salted hash.
		'session' => array(
			'options' => array('name' => 'default'),
		),
	),
));
?>
Ejemplo n.º 12
 /**
  * Copies the result of each successful `Auth::check()` into `static::$_data`.
  *
  * Every configured Auth name is checked in turn; when more than one succeeds, the
  * later one overwrites the values stored for the earlier one. `auth.id` is the
  * result's `email` when that key is set, otherwise its `_id`.
  *
  * @return void
  */
 public static function initAuth()
 {
     foreach (Auth::config() as $name => $config) {
         $result = Auth::check($name);
         if (!$result) {
             continue;
         }
         static::$_data['auth'] = true;
         if (isset($result['email'])) {
             static::$_data['auth.id'] = $result['email'];
         } else {
             static::$_data['auth.id'] = $result['_id'];
         }
         static::$_data['auth.data'] = $result;
     }
 }
Ejemplo n.º 13
 /**
  * Collects the roles a request holds, keyed by Auth configuration name.
  *
  * The result always starts with the wildcard entry `'*' => '*'`. Each configured
  * Auth name is then checked against `$params['request']`; a truthy check result is
  * stored under that name. Falsy entries are filtered out before returning.
  *
  * @todo reduce Model Overhead (will duplicated in each model)
  *
  * @param mixed $params Indexed with `'request'`; that entry is passed to `Auth::check()`.
  * @param array $options Passed through to `Auth::check()` unchanged.
  * @return array|mixed $roles Roles with attached User Models
  */
 protected static function _getRolesByAuth($params, array $options = array())
 {
     // Every requester, authenticated or not, holds the wildcard role.
     $found = array('*' => '*');
     $names = array_keys(Auth::config());
     foreach ($names as $name) {
         $user = Auth::check($name, $params['request'], $options);
         if ($user) {
             $found[$name] = $user;
         }
     }
     return array_filter($found);
 }
Ejemplo n.º 14
	/**
	 * Clears the `user` auth state, builds the request fixture, and registers the
	 * mock Auth adapter together with the `AuthRbac` Access configurations.
	 *
	 * The `allow` closure writes a `'message'` into the by-reference `$roleOptions`
	 * and returns `$request->params['allow']`; the `match` closure returns
	 * `$request->params['match']`.
	 */
	public function setUp() {
		Auth::clear('user');

		$routeParams = array(
			'library' => 'test_library',
			'controller' => 'test_controllers',
			'action' => 'test_action'
		);
		$this->_request = new Request(array('params' => $routeParams));

		$mockAdapter = 'li3_access\tests\mocks\extensions\adapter\auth\MockAuthAdapter';
		Auth::config(array('user' => array('adapter' => $mockAdapter)));

		$allowFromParams = function($request, &$roleOptions) {
			$roleOptions['message'] = 'Test allow options set.';
			return $request->params['allow'];
		};
		$matchFromParams = function($request) {
			return $request->params['match'];
		};

		// Two rules for the `user` resource: a catch-all and one for `Pages::index`.
		$checkRoles = array(
			array('resources' => 'user', 'match' => '*::*'),
			array('resources' => 'user', 'match' => 'Pages::index')
		);

		// One wildcard rule whose `allow` and `match` lists contain closures.
		$closureRoles = array(
			array(
				'resources' => '*',
				'allow' => array($allowFromParams),
				'match' => array(
					$matchFromParams,
					'controller' => 'TestControllers',
					'action' => 'test_action'
				)
			)
		);

		// A deny-all rule followed by two rules that carry messages and redirects.
		$overrideRoles = array(
			array(
				'allow' => false,
				'resources' => '*',
				'match' => '*::*'
			),
			array(
				'message' => 'Rule access denied message.',
				'redirect' => '/',
				'options' => array('class' => 'notice'),
				'resources' => 'user',
				'match' => 'TestControllers::test_action'
			),
			array(
				'message' => 'Test no overwrite.',
				'redirect' => 'Test::no_overwrite',
				'match' => null
			)
		);

		Access::config(array(
			'no_roles' => array('adapter' => 'AuthRbac'),
			'test_check' => array('adapter' => 'AuthRbac', 'roles' => $checkRoles),
			'test_closures' => array('adapter' => 'AuthRbac', 'roles' => $closureRoles),
			'test_option_override' => array('adapter' => 'AuthRbac', 'roles' => $overrideRoles)
		));
	}
Ejemplo n.º 15
	/**
	 * Collects the roles a request holds, keyed by Auth configuration name.
	 *
	 * The result always starts with the wildcard entry `'*' => '*'`. Each configured
	 * Auth name is checked against the request; a truthy check result is stored under
	 * that name. Falsy entries are filtered out before returning.
	 *
	 * @todo reduce Model Overhead (will duplicated in each model)
	 *
	 * @param Request $request Object
	 * @param array $options Passed through to `Auth::check()` unchanged.
	 * @return array|mixed $roles Roles with attached User Models
	 */
	protected function _roles($request, array $options = array()) {
		// Every requester, authenticated or not, holds the wildcard role.
		$found = array('*' => '*');
		$names = array_keys(Auth::config());
		foreach ($names as $name) {
			$user = Auth::check($name, $request, $options);
			if ($user) {
				$found[$name] = $user;
			}
		}
		return array_filter($found);
	}
Ejemplo n.º 16
<?php

/**
 * Lithium: the most rad php framework
 *
 * @copyright     Copyright 2012, Union of RAD (http://union-of-rad.org)
 * @license       http://opensource.org/licenses/bsd-license.php The BSD License
 */
/**
 * Uncomment the lines below to enable forms-based authentication. This configuration will attempt
 * to authenticate users against a `Users` model. In a controller, run
 * `Auth::check('default', $this->request)` to authenticate a user. This will check the POST data of
 * the request (`lithium\action\Request::$data`) to see if the fields match the `'fields'` key of
 * the configuration below. If successful, it will write the data returned from `Users::first()` to
 * the session using the default session configuration.
 *
 * Once the session data is written, you can call `Auth::check('default')` to check authentication
 * status or retrieve the user's data from the session. Call `Auth::clear('default')` to remove the
 * user's authentication details from the session. This effectively logs a user out of the system.
 * To modify the form input that the adapter accepts, or how the configured model is queried, or how
 * the data is stored in the session, see the `Form` adapter API or the `Auth` API, respectively.
 *
 * @see lithium\security\auth\adapter\Form
 * @see lithium\action\Request::$data
 * @see lithium\security\Auth
 */
use lithium\security\Auth;
// A single configuration, `openid`, handled by the `OpenId` adapter.
Auth::config(array(
    'openid' => array(
        'adapter' => 'OpenId',
    ),
));
Ejemplo n.º 17
 * @license       http://opensource.org/licenses/bsd-license.php The BSD License
 */
/**
 * This configures your session storage. The Cookie storage adapter must be connected first, since
 * it intercepts any writes where the `'expires'` key is set in the options array.
 */
use lithium\storage\Session;
use lithium\security\Auth;
use lithium\security\Password;
// PHP-native sessions for the default session configuration.
Session::config(array(
    'default' => array(
        'adapter' => 'Php',
    ),
));
/**
 * Uncomment the lines below to enable forms-based authentication. This configuration will attempt
 * to authenticate users against a `Users` model. In a controller, run
 * `Auth::check('default', $this->request)` to authenticate a user. This will check the POST data of
 * the request (`lithium\action\Request::$data`) to see if the fields match the `'fields'` key of
 * the configuration below. If successful, it will write the data returned from `Users::first()` to
 * the session using the default session configuration.
 *
 * Once the session data is written, you can call `Auth::check('default')` to check authentication
 * status or retrieve the user's data from the session. Call `Auth::clear('default')` to remove the
 * user's authentication details from the session. This effectively logs a user out of the system.
 * To modify the form input that the adapter accepts, or how the configured model is queried, or how
 * the data is stored in the session, see the `Form` adapter API or the `Auth` API, respectively.
 *
 * @see lithium\security\auth\adapter\Form
 * @see lithium\action\Request::$data
 * @see lithium\security\Auth
 */
// use lithium\security\Auth;
// Two form-based configurations: `default` relies entirely on the `Form` adapter's
// defaults, `member` names the model and the credential fields explicitly.
// NOTE(review): neither sets `'filters'` or `'validators'`, so password comparison
// is the adapter default for the installed Lithium version - confirm that stored
// passwords are `Password::hash()` output.
Auth::config(array(
    'default' => array(
        'adapter' => 'Form',
    ),
    'member' => array(
        'adapter' => 'Form',
        'model' => 'Users',
        'fields' => array('username', 'password'),
    ),
));
Ejemplo n.º 18
 * This configures your session storage. The Cookie storage adapter must be connected first, since
 * it intercepts any writes where the `'expires'` key is set in the options array.
 * The default name is based on the lithium app path. Remember, if your app is numeric or has
 * special characters you might want to use Inflector::slug() or set this manually.
 */
use lithium\storage\Session;
// The session name is taken from the last segment of the application path.
$name = basename(LITHIUM_APP_PATH);
Session::config(array(
    'default' => array(
        'adapter' => 'Php',
        'session.name' => $name,
    ),
));
/**
 * Uncomment the lines below to enable forms-based authentication. This configuration will attempt
 * to authenticate users against a `Users` model. In a controller, run
 * `Auth::check('default', $this->request)` to authenticate a user. This will check the POST data of
 * the request (`lithium\action\Request::$data`) to see if the fields match the `'fields'` key of
 * the configuration below. If successful, it will write the data returned from `Users::first()` to
 * the session using the default session configuration.
 *
 * Once the session data is written, you can call `Auth::check('default')` to check authentication
 * status or retrieve the user's data from the session. Call `Auth::clear('default')` to remove the
 * user's authentication details from the session. This effectively logs a user out of the system.
 * To modify the form input that the adapter accepts, or how the configured model is queried, or how
 * the data is stored in the session, see the `Form` adapter API or the `Auth` API, respectively.
 *
 * @see lithium\security\auth\adapter\Form
 * @see lithium\action\Request::$data
 * @see lithium\security\Auth
 */
use lithium\security\Auth;
use lithium\security\Password;
// Three configurations over the same identities model:
//  - `phpbb`: a project adapter, scoped to identities of type `phpbb`;
//  - `password`: the stock `Form` adapter, scoped to type `password`, mapping the
//    form's `email`/`password` onto the `prv_uid`/`prv_secret` columns;
//  - `any`: a project proxy adapter.
Auth::config(array(
    'phpbb' => array(
        'adapter' => 'app\\security\\auth\\adapter\\Forum',
        'model' => 'app\\models\\Identities',
        'scope' => array('type' => 'phpbb', 'prv_name' => 'afdc.com'),
    ),
    'password' => array(
        'adapter' => 'lithium\\security\\auth\\adapter\\Form',
        'model' => 'app\\models\\Identities',
        'fields' => array('email' => 'prv_uid', 'password' => 'prv_secret'),
        'scope' => array('type' => 'password', 'prv_name' => 'afdc.com'),
        // The submitted e-mail is lower-cased before the lookup.
        'filters' => array('email' => 'strtolower'),
        // The password is verified with `Password::check()` rather than being
        // matched as a plain query condition.
        'validators' => array(
            'password' => function ($form, $data) {
                return Password::check($form, $data);
            },
        ),
    ),
    'any' => array(
        'adapter' => 'app\\security\\auth\\adapter\\Proxy',
    ),
));
Ejemplo n.º 19
<?php

use lithium\security\Auth;
// Form-based login for `li3b_user`, limited to records with `active => true`; the
// authenticated data goes to the session configuration named `default`.
// NOTE(review): no `'filters'` or `'validators'` are set, so password comparison is
// the `Form` adapter's default for the installed Lithium version - confirm that it
// verifies a salted hash.
Auth::config(array(
    'li3b_user' => array(
        'adapter' => 'Form',
        'model' => '\\li3b_users\\models\\User',
        'fields' => array('email', 'password'),
        'scope' => array('active' => true),
        'session' => array(
            'options' => array('name' => 'default'),
        ),
    ),
));
Ejemplo n.º 20
<?php

use lithium\security\Auth;
// Form-based login against the `Authors` model, matching on e-mail and password.
// NOTE(review): no `'filters'` or `'validators'` are set, so password comparison is
// the `Form` adapter's default for the installed Lithium version - confirm that
// stored passwords are `Password::hash()` output.
Auth::config(array(
    'default' => array(
        'adapter' => 'Form',
        'model' => 'Authors',
        'fields' => array('email', 'password'),
    ),
));