/**
 * Checks which user fields `Auth::check()` returns and writes to the session under three
 * configurations: no `'persist'` list, an explicit `'persist'` whitelist, and `'keyOnly'`.
 *
 * @return void
 */
public function testAuthPersist() {
    $adapter = $this->_classes['mockAuthAdapter'];

    // 1) No 'persist' list configured: the key exists in the effective config but is empty.
    Auth::reset();
    Auth::config(array('test' => array('adapter' => $adapter)));

    $config = Auth::config();
    $this->assertTrue(isset($config['test']['session']['persist']));
    $this->assertTrue(empty($config['test']['session']['persist']));

    $credentials = array('username' => 'foo', 'password' => 'bar');
    $checked = Auth::check('test', $credentials, array('success' => true));

    // The password must not come back with the authenticated user data.
    $this->assertTrue(isset($checked['username']));
    $this->assertFalse(isset($checked['password']));

    // 2) Explicit whitelist: only 'username' and 'email' may be returned or stored.
    Auth::reset();
    Auth::config(array('test' => array(
        'adapter' => $adapter,
        'session' => array('persist' => array('username', 'email'))
    )));

    $credentials = array(
        'username' => 'foobar',
        'password' => 'not!important',
        'email' => '*****@*****.**',
        'insuranceNumer' => 1234567
    );
    $whitelisted = array('username' => 'foobar', 'email' => '*****@*****.**');
    $checked = Auth::check('test', $credentials, array('success' => true, 'checkSession' => false));

    // Neither the password nor the extra field reaches the return value or the session.
    $this->assertEqual($whitelisted, $checked);
    $this->assertEqual($whitelisted, Session::read('test'));

    // 3) 'keyOnly': the result and the session entry are expected to equal the id alone.
    Auth::reset();
    Auth::config(array('test' => array('adapter' => $adapter)));

    $credentials = array(
        'id' => '123',
        'username' => 'foobar',
        'password' => 'not!important',
        'email' => '*****@*****.**',
        'insuranceNumer' => 1234567
    );
    $key = 123;
    $checked = Auth::check('test', $credentials, array('keyOnly' => true, 'checkSession' => false));

    $this->assertEqual($key, $checked);
    $this->assertEqual($key, Session::read('test'));
}
/**
 * With every configuration reset, `Auth::config()` must be an empty array and checking an
 * unknown configuration name must raise the "has not been defined" error.
 *
 * @return void
 */
public function testNoConfigurations() {
    Auth::reset();

    $configured = Auth::config();
    $this->assertIdentical(array(), $configured);

    // The expectation has to be registered before the call that is meant to fail.
    $message = "Configuration `user` has not been defined.";
    $this->expectException($message);
    Auth::check('user');
}
/**
 * Clears every Auth configuration whose `'adapter'` differs from this adapter's own
 * configured `'adapter'` value. Configurations that use the same adapter are left alone.
 *
 * @param array $options Adapter-specific options. Not implemented in this adapter.
 * @return void
 */
public function clear(array $options = array()) {
    foreach (Auth::config() as $name => $settings) {
        // Strict comparison: only configurations backed by a different adapter are cleared.
        if ($settings['adapter'] !== $this->_config['adapter']) {
            Auth::clear($name);
        }
    }
}
/**
 * Tells whether the request is authenticated by at least one of the named Auth
 * configurations.
 *
 * The exact list `array('*')` is a wildcard: it returns `true` without consulting `Auth`
 * at all, so a rule using it applies to unauthenticated requests as well. Names that are
 * not present in `Auth::config()` are dropped before any check is made.
 *
 * @param array $names Auth configuration names, or `array('*')`.
 * @param array $params Must contain a `'request'` key, which is passed to `Auth::check()`.
 * @return boolean
 */
protected static function _isAuthedBy(array $names, array $params) {
    $wildcard = array('*');
    if ($names === $wildcard) {
        return true;
    }

    $configured = array_keys(Auth::config());
    $candidates = array_intersect($configured, $names);

    // 'writeSession' => false keeps this check from storing anything in the session.
    $checkOptions = array('writeSession' => false);

    foreach ($candidates as $candidate) {
        $authed = Auth::check($candidate, $params['request'], $checkOptions);
        if ($authed) {
            return true;
        }
    }
    return false;
}
/**
 * Registers the mock Auth configuration `'user'` and the `AuthRbac` Access configurations
 * used by the tests: one without roles, one static rule, three closure-driven rule sets and
 * one that covers message/redirect overriding.
 *
 * @return void
 */
public function setUp() {
    $mockAdapter = 'li3_access\\tests\\mocks\\security\\auth\\adapter\\MockAuthAdapter';
    Auth::config(array('user' => array('adapter' => $mockAdapter)));

    // Allow callbacks: set a message through the by-reference options, then decide from
    // the request's 'allow' parameter.
    $allowFirst = function ($request, &$roleOptions) {
        $roleOptions['message'] = 'Test allow options set.';
        return (bool) $request->params['allow'];
    };
    $allowSecond = function ($request, &$roleOptions) {
        $roleOptions['message'] = 'Test allow options set 2.';
        return (bool) $request->params['allow'];
    };

    // Match callbacks: driven by the 'match' and 'allow_match' request parameters.
    $matchParam = function ($request) {
        return (bool) $request->params['match'];
    };
    $matchAllowParam = function ($request) {
        return !empty($request->params['allow_match']);
    };

    Access::config(array(
        'test_no_roles_configured' => array(
            'adapter' => 'AuthRbac'
        ),
        'test_check' => array(
            'adapter' => 'AuthRbac',
            'roles' => array(
                'allow' => array('requesters' => 'user', 'match' => '*::*')
            )
        ),
        'test_closures' => array(
            'adapter' => 'AuthRbac',
            'roles' => array(
                array(
                    'requesters' => '*',
                    'allow' => array($allowFirst),
                    'match' => array(
                        $matchParam,
                        'controller' => 'TestControllers',
                        'action' => 'test_action'
                    )
                )
            )
        ),
        'test_allow_closure' => array(
            'adapter' => 'AuthRbac',
            'roles' => array(
                array(
                    'requesters' => '*',
                    'match' => '*::*',
                    'allow' => $allowFirst
                )
            )
        ),
        'test_allow_closure_match' => array(
            'adapter' => 'AuthRbac',
            'roles' => array(
                array(
                    'requesters' => '*',
                    'match' => $matchAllowParam,
                    'allow' => $allowSecond
                )
            )
        ),
        'test_message_override' => array(
            'adapter' => 'AuthRbac',
            'roles' => array(
                // First rule denies everyone everywhere; the later rules carry the
                // messages and redirects under test.
                array(
                    'allow' => false,
                    'requesters' => '*',
                    'match' => '*::*'
                ),
                array(
                    'message' => 'Rule access denied message.',
                    'redirect' => '/',
                    'requesters' => 'user',
                    'match' => 'TestControllers::test_action'
                ),
                array(
                    'message' => 'Test no overwrite.',
                    'redirect' => '/test_no_overwrite',
                    'requesters' => 'user',
                    'match' => null
                )
            )
        )
    ));
}
* Lithium: the most rad php framework
 *
 * @copyright Copyright 2013, Union of RAD (http://union-of-rad.org)
 * @license http://opensource.org/licenses/bsd-license.php The BSD License
 */

/**
 * This configures your session storage. The Cookie storage adapter must be connected first, since
 * it intercepts any writes where the `'expires'` key is set in the options array.
 * The default name is based on the lithium app path. Remember, if your app is numeric or has
 * special characters you might want to use Inflector::slug() or set this manually.
 */
use lithium\storage\Session;
use lithium\security\Auth;

// The session name is taken from the last path segment of the application directory.
$name = basename(LITHIUM_APP_PATH);
Session::config(array('default' => array('adapter' => 'Php', 'session.name' => $name)));

// Form-based authentication against the `Users` model, registered under the name 'member'.
//
// NOTE(review): 'validators' => array('password' => false) appears to switch off the
// adapter's password validator, while the 'filters' entry runs the submitted password
// through lithium\util\String::hash before the lookup. Confirm that the stored values are
// produced by a salted, deliberately slow password hash; a plain digest filter is a weak
// way to protect stored passwords.
Auth::config(array('member' => array(
	'adapter' => 'Form',
	'model' => 'Users',
	'fields' => array('username', 'password'),
	'filters' => array('password' => array('lithium\\util\\String', 'hash')),
	'validators' => array('password' => false)
)));

/**
 * Uncomment the lines below to enable forms-based authentication. This configuration will attempt
 * to authenticate users against a `Users` model. In a controller, run
 * `Auth::check('default', $this->request)` to authenticate a user. This will check the POST data of
 * the request (`lithium\action\Request::$data`) to see if the fields match the `'fields'` key of
 * the configuration below. If successful, it will write the data returned from `Users::first()` to
 * the session using the default session configuration.
 *
 * Once the session data is written, you can call `Auth::check('default')` to check authentication
 * status or retrieve the user's data from the session. Call `Auth::clear('default')` to remove the
 * user's authentication details from the session. This effectively logs a user out of the system.
 * To modify the form input that the adapter accepts, or how the configured model is queried, or how
 * the data is stored in the session, see the `Form` adapter API or the `Auth` API, respectively.
 *
 * @see lithium\security\auth\adapter\Form
*
 * @copyright Copyright 2011, Union of RAD (http://union-of-rad.org)
 * @license http://opensource.org/licenses/bsd-license.php The BSD License
 */

/**
 * This configures your session storage. The Cookie storage adapter must be connected first, since
 * it intercepts any writes where the `'expires'` key is set in the options array.
 */
use lithium\storage\Session;

// 'cookie' is listed before 'default', as the comment above requires.
Session::config(array(
	'cookie' => array('adapter' => 'Cookie'),
	'default' => array('adapter' => 'Php')
));

/**
 * Uncomment the lines below to enable forms-based authentication. This configuration will attempt
 * to authenticate users against a `Users` model. In a controller, run
 * `Auth::check('default', $this->request)` to authenticate a user. This will check the POST data of
 * the request (`lithium\action\Request::$data`) to see if the fields match the `'fields'` key of
 * the configuration below. If successful, it will write the data returned from `Users::first()` to
 * the session using the default session configuration.
 *
 * Once the session data is written, you can call `Auth::check('default')` to check authentication
 * status or retrieve the user's data from the session. Call `Auth::clear('default')` to remove the
 * user's authentication details from the session. This effectively logs a user out of the system.
 * To modify the form input that the adapter accepts, or how the configured model is queried, or how
 * the data is stored in the session, see the `Form` adapter API or the `Auth` API, respectively.
 *
 * @see lithium\security\auth\adapter\Form
 * @see lithium\action\Request::$data
 * @see lithium\security\Auth
 */
use lithium\security\Auth;

// NOTE(review): this configuration hands authentication to an application-defined adapter
// rather than the `Form` adapter described above. How the submitted password is compared
// with the stored one is decided inside that adapter and cannot be seen from this file.
Auth::config(array('default' => array(
	'adapter' => '\\app\\extensions\\adapter\\Doctrine',
	'model' => 'User',
	'fields' => array('email', 'password'),
	'query' => 'findOneBy'
)));
<?php
/**
 * Session and authentication bootstrap: a PHP-session-backed `'default'` session
 * configuration and one form-based Auth configuration named `'customer'`.
 */
use lithium\storage\Session;
use lithium\security\Auth;

Session::config(array('default' => array('adapter' => 'Php')));

// No 'filters' or 'validators' are set here, so password handling is whatever the `Form`
// adapter does by default. Check it with Auth::check('customer', ...).
Auth::config(array('customer' => array(
	'adapter' => 'Form',
	'model' => 'User',
	'fields' => array('username', 'password')
)));
<?php
/**
 * li3_access configuration file
 */
use lithium\security\Auth;
use li3_access\security\Access;

/**
 * Auth configurations
 * Users authenticated through the 'inactive' configuration get a message about their
 * inactive account.
 *
 * NOTE(review): 'inactive' matches accounts whose `active` field is false. Confirm that a
 * successful check against it is only used to show that message and never treated as a
 * login, for example by passing 'writeSession' => false or clearing it right away.
 */
Auth::config(array(
	'default' => array(
		'adapter' => 'Form',
		'scope' => array('active' => true),
		'query' => 'firstWithGroup'
	),
	'inactive' => array(
		'adapter' => 'Form',
		'scope' => array('active' => false)
	)
));

/**
 * Access adapter configurations
 * For details see the `li3_access` documentation
 */
Access::config(array(
	'acl' => array('adapter' => 'DbAcl'),
	'rules' => array('adapter' => 'Rules')
));
/**
 * Gives each test a `'test'` session configuration on the `Memory` adapter and a `'test'`
 * Auth configuration on the mock adapter.
 *
 * @return void
 */
public function setUp() {
    $sessions = array(
        'test' => array('adapter' => 'Memory')
    );
    Session::config($sessions);

    $mockAdapter = '\\lithium\\tests\\mocks\\security\\auth\\adapter\\MockAuthAdapter';
    $auths = array(
        'test' => array('adapter' => $mockAdapter)
    );
    Auth::config($auths);
}
<?php
/**
 * Minerva's Authentication Configuration
 * In this file you can specify the settings for the Auth class.
 * If you need to use a different or additional adapter, you can
 * do so by configuring it here.
 *
 */
use \lithium\security\Auth;

Auth::config(array(
	'minerva_user' => array(
		'adapter' => 'Form',
		'model' => 'User',
		'fields' => array('email', 'password'),
		// Presumably limits the lookup to users flagged active, so that deactivated
		// accounts cannot authenticate; verify against the Form adapter.
		'scope' => array('active' => true),
		// The custom password filter is disabled; password handling falls back to the
		// adapter's defaults.
		/*'filters' => array(
			//'password' => 'app\models\User::hashPassword'
		),*/
		// Auth data is written using the session configuration named 'default'.
		'session' => array(
			'options' => array('name' => 'default')
		)
	)
));
?>
/**
 * Fills the static `$_data` auth entries from the Auth configurations that currently
 * report an authenticated user.
 *
 * Every configuration is checked and none stops the loop, so when several succeed the
 * entries of the last one remain. `'auth.id'` is the user's `'email'` when present,
 * otherwise `'_id'`.
 *
 * @return void
 */
public static function initAuth() {
    foreach (array_keys(Auth::config()) as $name) {
        $user = Auth::check($name);
        if (!$user) {
            continue;
        }

        static::$_data['auth'] = true;

        if (isset($user['email'])) {
            static::$_data['auth.id'] = $user['email'];
        } else {
            // NOTE(review): '_id' is read without an isset() guard; confirm every adapter
            // in use returns one of the two keys.
            static::$_data['auth.id'] = $user['_id'];
        }

        static::$_data['auth.data'] = $user;
    }
}
/**
 * Collects the roles a request holds: the wildcard role `'*'` plus one entry per Auth
 * configuration for which `Auth::check()` returns a truthy value.
 *
 * NOTE(review): the request is handed to `Auth::check()` for every configuration, and
 * `$options` is passed through unchanged. Confirm that callers set the session options they
 * intend (for example `'writeSession'`) when this runs as part of an access check.
 *
 * @todo reduce Model overhead (it is duplicated in each model)
 *
 * @param mixed $params The Lithium `Request` object, or an array with at least
 *        'request', and 'params'
 * @param array $options Passed as the options of each `Auth::check()` call.
 * @return array|mixed $roles Roles with attached User Models
 */
protected static function _getRolesByAuth($params, array $options = array()) {
    // Every requester holds the wildcard role, authenticated or not.
    $roles = array('*' => '*');
    $names = array_keys(Auth::config());

    foreach ($names as $name) {
        $user = Auth::check($name, $params['request'], $options);
        if (!$user) {
            continue;
        }
        $roles[$name] = $user;
    }
    return array_filter($roles);
}
/**
 * Resets the `'user'` auth state, builds the request fixture and registers the mock Auth
 * adapter together with the `AuthRbac` Access configurations exercised by the tests.
 *
 * @return void
 */
public function setUp() {
    // Start without any authenticated 'user' left over from a previous test.
    Auth::clear('user');

    $route = array(
        'library' => 'test_library',
        'controller' => 'test_controllers',
        'action' => 'test_action'
    );
    $this->_request = new Request(array('params' => $route));

    $mockAdapter = 'li3_access\tests\mocks\extensions\adapter\auth\MockAuthAdapter';
    Auth::config(array(
        'user' => array('adapter' => $mockAdapter)
    ));

    // Sets a message through the by-reference options and returns the request's 'allow'
    // parameter as-is.
    $allowFromParams = function($request, &$roleOptions) {
        $roleOptions['message'] = 'Test allow options set.';
        return $request->params['allow'];
    };
    // Returns the request's 'match' parameter as-is.
    $matchFromParams = function($request) {
        return $request->params['match'];
    };

    Access::config(array(
        'no_roles' => array(
            'adapter' => 'AuthRbac'
        ),
        'test_check' => array(
            'adapter' => 'AuthRbac',
            'roles' => array(
                array('resources' => 'user', 'match' => '*::*'),
                array('resources' => 'user', 'match' => 'Pages::index')
            )
        ),
        'test_closures' => array(
            'adapter' => 'AuthRbac',
            'roles' => array(
                array(
                    'resources' => '*',
                    'allow' => array($allowFromParams),
                    'match' => array(
                        $matchFromParams,
                        'controller' => 'TestControllers',
                        'action' => 'test_action'
                    )
                )
            )
        ),
        'test_option_override' => array(
            'adapter' => 'AuthRbac',
            'roles' => array(
                // First rule denies everyone everywhere; the later rules carry the
                // message, redirect and options values under test.
                array(
                    'allow' => false,
                    'resources' => '*',
                    'match' => '*::*'
                ),
                array(
                    'message' => 'Rule access denied message.',
                    'redirect' => '/',
                    'options' => array('class' => 'notice'),
                    'resources' => 'user',
                    'match' => 'TestControllers::test_action'
                ),
                array(
                    'message' => 'Test no overwrite.',
                    'redirect' => 'Test::no_overwrite',
                    'match' => null
                )
            )
        )
    ));
}
/**
 * Collects the roles a request holds: the wildcard role `'*'` plus one entry per Auth
 * configuration for which `Auth::check()` returns a truthy value.
 *
 * NOTE(review): the request is handed to `Auth::check()` for every configuration, and
 * `$options` is passed through unchanged. Confirm that callers set the session options they
 * intend when this runs as part of an access check.
 *
 * @todo reduce Model overhead (it is duplicated in each model)
 *
 * @param Request $request Object
 * @param array $options Passed as the options of each `Auth::check()` call.
 * @return array|mixed $roles Roles with attached User Models
 */
protected function _roles($request, array $options = array()) {
    // Every requester holds the wildcard role, authenticated or not.
    $roles = array('*' => '*');
    $names = array_keys(Auth::config());

    foreach ($names as $name) {
        $user = Auth::check($name, $request, $options);
        if (!$user) {
            continue;
        }
        $roles[$name] = $user;
    }
    return array_filter($roles);
}
<?php
/**
 * Lithium: the most rad php framework
 *
 * @copyright Copyright 2012, Union of RAD (http://union-of-rad.org)
 * @license http://opensource.org/licenses/bsd-license.php The BSD License
 */

/**
 * Uncomment the lines below to enable forms-based authentication. This configuration will attempt
 * to authenticate users against a `Users` model. In a controller, run
 * `Auth::check('default', $this->request)` to authenticate a user. This will check the POST data of
 * the request (`lithium\action\Request::$data`) to see if the fields match the `'fields'` key of
 * the configuration below. If successful, it will write the data returned from `Users::first()` to
 * the session using the default session configuration.
 *
 * Once the session data is written, you can call `Auth::check('default')` to check authentication
 * status or retrieve the user's data from the session. Call `Auth::clear('default')` to remove the
 * user's authentication details from the session. This effectively logs a user out of the system.
 * To modify the form input that the adapter accepts, or how the configured model is queried, or how
 * the data is stored in the session, see the `Form` adapter API or the `Auth` API, respectively.
 *
 * @see lithium\security\auth\adapter\Form
 * @see lithium\action\Request::$data
 * @see lithium\security\Auth
 */
use lithium\security\Auth;

// The only configuration registered here is named 'openid' and uses the `OpenId` adapter,
// so it is addressed as Auth::check('openid', ...) rather than by the 'default' name and
// `Form` adapter that the text above describes.
Auth::config(array('openid' => array('adapter' => 'OpenId')));
* @license http://opensource.org/licenses/bsd-license.php The BSD License
 */

/**
 * This configures your session storage. The Cookie storage adapter must be connected first, since
 * it intercepts any writes where the `'expires'` key is set in the options array.
 */
use lithium\storage\Session;
use lithium\security\Auth;
use lithium\security\Password;

Session::config(array('default' => array('adapter' => 'Php')));

/**
 * Uncomment the lines below to enable forms-based authentication. This configuration will attempt
 * to authenticate users against a `Users` model. In a controller, run
 * `Auth::check('default', $this->request)` to authenticate a user. This will check the POST data of
 * the request (`lithium\action\Request::$data`) to see if the fields match the `'fields'` key of
 * the configuration below. If successful, it will write the data returned from `Users::first()` to
 * the session using the default session configuration.
 *
 * Once the session data is written, you can call `Auth::check('default')` to check authentication
 * status or retrieve the user's data from the session. Call `Auth::clear('default')` to remove the
 * user's authentication details from the session. This effectively logs a user out of the system.
 * To modify the form input that the adapter accepts, or how the configured model is queried, or how
 * the data is stored in the session, see the `Form` adapter API or the `Auth` API, respectively.
 *
 * @see lithium\security\auth\adapter\Form
 * @see lithium\action\Request::$data
 * @see lithium\security\Auth
 */
// use lithium\security\Auth;

// Two form-based configurations: 'default' relies entirely on the adapter's defaults, while
// 'member' names the `Users` model and the credential fields explicitly. Neither sets
// 'filters' or 'validators', so password handling is left to the `Form` adapter's defaults.
Auth::config(array(
	'default' => array('adapter' => 'Form'),
	'member' => array(
		'adapter' => 'Form',
		'model' => 'Users',
		'fields' => array('username', 'password')
	)
));
* This configures your session storage. The Cookie storage adapter must be connected first, since
 * it intercepts any writes where the `'expires'` key is set in the options array.
 * The default name is based on the lithium app path. Remember, if your app is numeric or has
 * special characters you might want to use Inflector::slug() or set this manually.
 */
use lithium\storage\Session;

// The session name is taken from the last path segment of the application directory.
$name = basename(LITHIUM_APP_PATH);
Session::config(array('default' => array('adapter' => 'Php', 'session.name' => $name)));

/**
 * Uncomment the lines below to enable forms-based authentication. This configuration will attempt
 * to authenticate users against a `Users` model. In a controller, run
 * `Auth::check('default', $this->request)` to authenticate a user. This will check the POST data of
 * the request (`lithium\action\Request::$data`) to see if the fields match the `'fields'` key of
 * the configuration below. If successful, it will write the data returned from `Users::first()` to
 * the session using the default session configuration.
 *
 * Once the session data is written, you can call `Auth::check('default')` to check authentication
 * status or retrieve the user's data from the session. Call `Auth::clear('default')` to remove the
 * user's authentication details from the session. This effectively logs a user out of the system.
 * To modify the form input that the adapter accepts, or how the configured model is queried, or how
 * the data is stored in the session, see the `Form` adapter API or the `Auth` API, respectively.
 *
 * @see lithium\security\auth\adapter\Form
 * @see lithium\action\Request::$data
 * @see lithium\security\Auth
 */
use lithium\security\Auth;
use lithium\security\Password;

// Three configurations share the `Identities` model and differ by adapter and scope:
// - 'phpbb':    application-defined `Forum` adapter, identities of type 'phpbb'.
// - 'password': `Form` adapter, identities of type 'password'. The form's 'email' and
//               'password' fields map to the 'prv_uid' and 'prv_secret' columns.
// - 'any':      application-defined `Proxy` adapter; what it delegates to is not visible here.
Auth::config(array(
	'phpbb' => array(
		'adapter' => 'app\\security\\auth\\adapter\\Forum',
		'model' => 'app\\models\\Identities',
		'scope' => array('type' => 'phpbb', 'prv_name' => 'afdc.com')
	),
	'password' => array(
		'adapter' => 'lithium\\security\\auth\\adapter\\Form',
		'model' => 'app\\models\\Identities',
		'fields' => array('email' => 'prv_uid', 'password' => 'prv_secret'),
		'scope' => array('type' => 'password', 'prv_name' => 'afdc.com'),
		// The submitted e-mail is lower-cased before the lookup.
		'filters' => array('email' => 'strtolower'),
		// The password is verified by Password::check() with the validator's two
		// arguments, so it is not matched as a plain query condition.
		'validators' => array('password' => function ($form, $data) {
			return Password::check($form, $data);
		})
	),
	'any' => array('adapter' => 'app\\security\\auth\\adapter\\Proxy')
));
<?php
/**
 * Auth configuration for li3b users: form-based login by e-mail and password.
 */
use lithium\security\Auth;

Auth::config(array('li3b_user' => array(
	'adapter' => 'Form',
	'model' => '\\li3b_users\\models\\User',
	'fields' => array('email', 'password'),
	// Presumably limits the lookup to users flagged active, so that deactivated accounts
	// cannot authenticate; verify against the Form adapter.
	'scope' => array('active' => true),
	// Auth data is written using the session configuration named 'default'.
	'session' => array('options' => array('name' => 'default'))
)));
<?php
/**
 * Auth configuration: form-based login against the `Authors` model by e-mail and password.
 */
use lithium\security\Auth;

// No 'filters', 'validators' or 'scope' are set here, so password handling and record
// selection are whatever the `Form` adapter does by default.
Auth::config(array('default' => array(
	'adapter' => 'Form',
	'model' => 'Authors',
	'fields' => array('email', 'password')
)));