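/**
 * Check the current user's authorization against the "structure.kohana.auth" config.
 *
 * The check is skipped and NULL is returned when the Kohana_Auth class is not
 * available or when the config value "enabled" is falsy. A NULL return therefore
 * means "no check was made", not "access granted by role".
 *
 * @return mixed name of the matching role (the last one when several of the
 *               user's roles are allowed), or NULL when the check was skipped
 * @throws HTTP_Exception_401 when no user is logged in or none of the user's
 *                            roles is listed in the config
 */
private function checkAuth()
{
    // NOTE(review): this fails open - if the auth module is not loaded, no
    // check is performed at all. Confirm that this is intended for every
    // deployment of the controller.
    if (!class_exists("Kohana_Auth")) {
        return NULL;
    }

    $authConfig = Kohana::$config->load("structure.kohana.auth");
    if (!$authConfig['enabled']) {
        return NULL;
    }

    $this->auth = Auth::instance();
    $user = $this->auth->get_user();
    if (!$user) {
        throw new HTTP_Exception_401();
    }

    // Entries are compared verbatim: "admin, editor" yields " editor", which
    // matches no role name (the check fails closed in that case).
    $authRoles = explode(",", $authConfig['roles']);

    $haveAccess = NULL;
    foreach ($user->roles->find_all()->as_array() as $userRole) {
        // Strict comparison: with loose in_array() numeric-looking names such
        // as "1e3" and "1000" compare equal, which could let a role through
        // that is not in the configured list.
        if (in_array((string) $userRole->name, $authRoles, TRUE)) {
            // No break: the last matching role is the one reported.
            $haveAccess = $userRole->name;
        }
    }

    // A user without any role ends up here with $haveAccess still NULL.
    if (!$haveAccess) {
        throw new HTTP_Exception_401();
    }

    return $haveAccess;
}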
/**
 * Return the shared Auth instance, building it on first use.
 *
 * The driver class is "Auth_" followed by the "driver" value of the "auth"
 * config group with its first letter upper-cased; "file" is used when that
 * value is empty.
 *
 * @return Auth
 */
public static function instance()
{
    if (isset(self::$_instance)) {
        return self::$_instance;
    }

    // Load the configuration for this type
    $config = Kohana::$config->load('auth');

    $driver = $config->get('driver');
    if (!$driver) {
        $driver = 'file';
    }

    // The class name is taken from configuration and instantiated
    // dynamically, so the "driver" setting has to stay under the operator's
    // control and must never be derived from request data.
    $driverClass = 'Auth_' . ucfirst($driver);
    self::$_instance = new $driverClass($config);

    return self::$_instance;
}
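/**
 * Return the Model_User of the logged-in user, resolving it once per instance.
 *
 * The original call `parent::get_user($default = NULL)` overwrote the caller's
 * $default before it could be used; the argument is now honoured as the
 * fallback return value.
 *
 * @param mixed $default value returned when no user could be resolved
 *
 * @return mixed|Model_User the resolved user, otherwise $default (or the
 *                          unset current_user value when $default is NULL)
 */
public function get_user($default = NULL)
{
    if (!$this->current_user) {
        // Ask the parent with no fallback, so that a caller-supplied $default
        // can never be mistaken for a session user and dereferenced below.
        $user = parent::get_user(NULL);

        if ($user) {
            // NOTE(review): the lookup is named find_by_username but is given
            // user_id - confirm both hold the same value.
            $this->current_user = Model_User::find_by_username($user->user_id);
        }
    }

    if ($this->current_user) {
        return $this->current_user;
    }

    // Callers that pass no default keep getting the same falsy value as before.
    return $default !== NULL ? $default : $this->current_user;
}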
/**
 * Log a user out and remove the autologin cookie.
 *
 * When $logout_all is FALSE this method only deletes the cookie; it does not
 * touch the token stored for the user, so a copy of the cookie value held
 * elsewhere is not changed by this method.
 *
 * @param boolean $destroy    completely destroy the session
 * @param boolean $logout_all replace the user's stored token as well
 * @return boolean result of the parent logout
 */
public function logout($destroy = FALSE, $logout_all = FALSE)
{
    // Set by force_login()
    $this->_session->delete('auth_forced');

    $autologinToken = Cookie::get('authautologin');

    if ($autologinToken) {
        // Delete the autologin cookie to prevent re-login
        Cookie::delete('authautologin');

        if ($logout_all) {
            // Find the user that owns this token
            $tokenOwner = new Model_User();
            $tokenOwner->where('token', '=', $autologinToken)->limit(1)->find();

            if ($tokenOwner->loaded()) {
                // Presumably issues a fresh token so the old value stops
                // working on every device - confirm in Model_User.
                $tokenOwner->create_token();
            }
        }
    }

    return parent::logout($destroy);
}