Modules

  1. Kohana
    2. Debug
    3. I18n
    4. Kohana
    5. Kohana_Core
    6. Request
    7. Request_Client
    8. Request_Client_External
    9. Request_Client_Internal
    10. Response
    11. Route
    12. UTF8
    13. View
    14. Cache
      1. Cache_Xcache
    15. Configuration
      1. Config
      2. Config_File
      3. Config_Reader
    16. Controller
      1. Controller
      2. Controller_REST
      3. Controller_Template
      4. Controller_Welcome
    17. Exceptions
      1. HTTP_Exception
      2. HTTP_Exception_400
      3. HTTP_Exception_401
      4. HTTP_Exception_402
      5. HTTP_Exception_403
      6. HTTP_Exception_404
      7. HTTP_Exception_405
      8. HTTP_Exception_406
      9. HTTP_Exception_407
      10. HTTP_Exception_408
      11. HTTP_Exception_409
      12. HTTP_Exception_410
      13. HTTP_Exception_411
      14. HTTP_Exception_412
      15. HTTP_Exception_413
      16. HTTP_Exception_414
      17. HTTP_Exception_415
      18. HTTP_Exception_416
      19. HTTP_Exception_417
      20. HTTP_Exception_500
      21. HTTP_Exception_501
      22. HTTP_Exception_502
      23. HTTP_Exception_503
      24. HTTP_Exception_504
      25. HTTP_Exception_505
      26. Kohana_Exception
      27. Kohana_Request_Exception
      28. Kohana_View_Exception
      29. Validation_Exception
    18. HTTP
      1. HTTP
      2. HTTP_Header
      3. HTTP_Header_Value
    19. Helpers
      1. Arr
      2. CLI
      3. Cookie
      4. Date
      5. Feed
      6. File
      7. Form
      8. Fragment
      9. HTML
      10. Inflector
      11. Num
      12. Profiler
      13. Text
      14. URL
      15. Upload
    20. Logging
      1. Log
      2. Log_File
      3. Log_StdErr
      4. Log_StdOut
      5. Log_Syslog
      6. Log_Writer
    21. Models
      1. Model
    22. Security
      1. Encrypt
      2. Security
      3. Valid
      4. Validation
    23. Session
      1. Session
      2. Session_Cookie
      3. Session_Native
  2. Kohana/Auth
    2. Auth
    3. Auth_File
    4. Auth_ORM
    5. Model_Auth_Role
    6. Model_Auth_User
    7. Model_Auth_User_Token
    8. Model_Role
    9. Model_User
    10. Model_User_Token
  3. Kohana/Cache
    2. Cache
    3. Cache_Apc
    4. Cache_Eaccelerator
    5. Cache_File
    6. Cache_Memcache
    7. Cache_MemcacheTag
    8. Cache_Sqlite
    9. Cache_Wincache
    10. Kohana_Cache_Exception
    11. Kohana_Cache_GarbageCollect
    12. Kohana_Cache_Tagging
  4. Kohana/Codebench
    2. Codebench
    3. Controllers
      1. Controller_Codebench
    4. Tests
      1. Bench_ArrCallback
      2. Bench_AutoLinkEmails
      3. Bench_DateSpan
      4. Bench_ExplodeLimit
      5. Bench_GruberURL
      6. Bench_LtrimDigits
      7. Bench_MDDoBaseURL
      8. Bench_MDDoImageURL
      9. Bench_MDDoIncludeViews
      10. Bench_StripNullBytes
      11. Bench_Transliterate
      12. Bench_URLSite
      13. Bench_UserFuncArray
      14. Bench_ValidColor
      15. Bench_ValidURL
  5. Kohana/Database
    2. DB
    3. Database
    4. Database_Expression
    5. Configuration
      1. Config_Database
    6. Drivers
      1. Database_MySQL
      2. Database_PDO
    7. Exceptions
      1. Database_Exception
    8. Models
      1. Model_Database
    9. Query
      1. Database_Query
      2. Database_Query_Builder
      3. Database_Query_Builder_Delete
      4. Database_Query_Builder_Insert
      5. Database_Query_Builder_Join
      6. Database_Query_Builder_Select
      7. Database_Query_Builder_Update
      8. Database_Query_Builder_Where
    10. Query/Result
      1. Database_MySQL_Result
      2. Database_Result
      3. Database_Result_Cached
    11. Session
      1. Session_Database
  6. Kohana/Image
    2. Image
    3. Drivers
      1. Image_GD
  7. Kohana/ORM
    2. ORM
    3. ORM_Validation_Exception
  8. Kohana/Userguide
    2. Kodoc
    3. Kodoc_Class
    4. Kodoc_Markdown
    5. Kodoc_Method
    6. Kodoc_Method_Param
    7. Kodoc_Property
    8. Controllers
      1. Controller_Userguide
    9. Undocumented
      1. Kodoc_Missing
  9. [Unknown]
    2. HTTP_Interaction
    3. HTTP_Request
    4. HTTP_Response

Auth_ORM
extends Kohana_Auth_ORM
extends Auth
extends Kohana_Auth

ORM Auth driver.

package
Kohana/Auth
author
Kohana Team
copyright
© 2007-2012 Kohana Team
license
http://kohanaframework.org/license

Class declared in MODPATH/orm/classes/auth/orm.php on line 3.

Constants

  • None

Properties

Methods

Properties

protected $_config

protected static $_instance

NULL

protected $_session

Methods

public auto_login( ) (defined in Kohana_Auth_ORM)

Logs a user in, based on the authautologin cookie.

Return Values

  • mixed

Source Code

public function auto_login()
{
	if ($token = Cookie::get('authautologin'))
	{
		// Load the token and user
		$token = ORM::factory('user_token', array('token' => $token));

		if ($token->loaded() AND $token->user->loaded())
		{
			if ($token->user_agent === sha1(Request::$user_agent))
			{
				// Save the token to create a new unique token
				$token->save();

				// Set the new token
				Cookie::set('authautologin', $token->token, $token->expires - time());

				// Complete the login with the found data
				$this->complete_login($token->user);

				// Automatic login was successful
				return $token->user;
			}

			// Token is invalid
			$token->delete();
		}
	}

	return FALSE;
}

public check_password( string $password ) (defined in Kohana_Auth_ORM)

Compare password with original (hashed). Works for current (logged in) user

Parameters

  • string $password required - $password

Return Values

  • boolean

Source Code

public function check_password($password)
{
	$user = $this->get_user();

	if ( ! $user)
		return FALSE;

	return ($this->hash($password) === $user->password);
}

public force_login( mixed $user [, boolean $mark_session_as_forced = bool FALSE ] ) (defined in Kohana_Auth_ORM)

Forces a user to be logged in, without specifying a password.

Parameters

  • mixed $user required - Username string, or user ORM object
  • boolean $mark_session_as_forced = bool FALSE - Mark the session as forced

Return Values

  • boolean

Source Code

public function force_login($user, $mark_session_as_forced = FALSE)
{
	if ( ! is_object($user))
	{
		$username = $user;

		// Load the user
		$user = ORM::factory('user');
		$user->where($user->unique_key($username), '=', $username)->find();
	}

	if ($mark_session_as_forced === TRUE)
	{
		// Mark the session as forced, to prevent users from changing account information
		$this->_session->set('auth_forced', TRUE);
	}

	// Run the standard completion
	$this->complete_login($user);
}

public get_user( [ mixed $default = NULL ] ) (defined in Kohana_Auth_ORM)

Gets the currently logged in user from the session (with auto_login check). Returns $default if no user is currently logged in.

Parameters

  • mixed $default = NULL - To return in case user isn't logged in

Return Values

  • mixed

Source Code

public function get_user($default = NULL)
{
	$user = parent::get_user($default);

	if ($user === $default)
	{
		// check for "remembered" login
		if (($user = $this->auto_login()) === FALSE)
			return $default;
	}

	return $user;
}

public logged_in( [ mixed $role = NULL ] ) (defined in Kohana_Auth_ORM)

Checks if a session is active.

Parameters

  • mixed $role = NULL - Role name string, role ORM object, or array with role names

Return Values

  • boolean

Source Code

public function logged_in($role = NULL)
{
	// Get the user from the session
	$user = $this->get_user();

	if ( ! $user)
		return FALSE;

	if ($user instanceof Model_User AND $user->loaded())
	{
		// If we don't have a roll no further checking is needed
		if ( ! $role)
			return TRUE;

		if (is_array($role))
		{
			// Get all the roles
			$roles = ORM::factory('role')
						->where('name', 'IN', $role)
						->find_all()
						->as_array(NULL, 'id');

			// Make sure all the roles are valid ones
			if (count($roles) !== count($role))
				return FALSE;
		}
		else
		{
			if ( ! is_object($role))
			{
				// Load the role
				$roles = ORM::factory('role', array('name' => $role));

				if ( ! $roles->loaded())
					return FALSE;
			}
		}

		return $user->has('roles', $roles);
	}
}

public logout( [ boolean $destroy = bool FALSE , boolean $logout_all = bool FALSE ] ) (defined in Kohana_Auth_ORM)

Log a user out and remove any autologin cookies.

Parameters

  • boolean $destroy = bool FALSE - Completely destroy the session
  • boolean $logout_all = bool FALSE - Remove all tokens for user

Return Values

  • boolean

Source Code

public function logout($destroy = FALSE, $logout_all = FALSE)
{
	// Set by force_login()
	$this->_session->delete('auth_forced');

	if ($token = Cookie::get('authautologin'))
	{
		// Delete the autologin cookie to prevent re-login
		Cookie::delete('authautologin');

		// Clear the autologin token from the database
		$token = ORM::factory('user_token', array('token' => $token));

		if ($token->loaded() AND $logout_all)
		{
			// Delete all user tokens. This isn't the most elegant solution but does the job
			$tokens = ORM::factory('user_token')->where('user_id','=',$token->user_id)->find_all();
			
			foreach ($tokens as $_token)
			{
				$_token->delete();
			}
		}
		elseif ($token->loaded())
		{
			$token->delete();
		}
	}

	return parent::logout($destroy);
}

public password( mixed $user ) (defined in Kohana_Auth_ORM)

Get the stored password for a username.

Parameters

  • mixed $user required - Username string, or user ORM object

Return Values

  • string

Source Code

public function password($user)
{
	if ( ! is_object($user))
	{
		$username = $user;

		// Load the user
		$user = ORM::factory('user');
		$user->where($user->unique_key($username), '=', $username)->find();
	}

	return $user->password;
}

public __construct( [ array $config = array(0) ] ) (defined in Kohana_Auth)

Loads Session and configuration options.

Parameters

  • array $config = array(0) - Config Options

Return Values

  • void

Source Code

public function __construct($config = array())
{
	// Save the config in the object
	$this->_config = $config;

	$this->_session = Session::instance();
}

public hash( string $str ) (defined in Kohana_Auth)

Perform a hmac hash, using the configured method.

Parameters

  • string $str required - String to hash

Return Values

  • string

Source Code

public function hash($str)
{
	if ( ! $this->_config['hash_key'])
		throw new Kohana_Exception('A valid hash key must be set in your auth config.');

	return hash_hmac($this->_config['hash_method'], $str, $this->_config['hash_key']);
}

public hash_password( string $password ) (defined in Kohana_Auth)

Creates a hashed hmac password from a plaintext password. This method is deprecated, Auth::hash should be used instead.

Parameters

  • string $password required - Plaintext password

Tags

  • Deprecated -

Source Code

public function hash_password($password)
{
	return $this->hash($password);
}

public static instance( ) (defined in Kohana_Auth)

Singleton pattern

Return Values

  • Auth

Source Code

public static function instance()
{
	if ( ! isset(Auth::$_instance))
	{
		// Load the configuration for this type
		$config = Kohana::config('auth');

		if ( ! $type = $config->get('driver'))
		{
			$type = 'file';
		}

		// Set the session class name
		$class = 'Auth_'.ucfirst($type);

		// Create a new session instance
		Auth::$_instance = new $class($config);
	}

	return Auth::$_instance;
}

public login( string $username , string $password [, boolean $remember = bool FALSE ] ) (defined in Kohana_Auth)

Attempt to log in a user by using an ORM object and plain-text password.

Parameters

  • string $username required - Username to log in
  • string $password required - Password to check against
  • boolean $remember = bool FALSE - Enable autologin

Return Values

  • boolean

Source Code

public function login($username, $password, $remember = FALSE)
{
	if (empty($password))
		return FALSE;

	if (is_string($password))
	{
		// Create a hashed password
		$password = $this->hash($password);
	}

	return $this->_login($username, $password, $remember);
}

protected _login( string $user , string $password , boolean $remember ) (defined in Kohana_Auth_ORM)

Logs a user in.

Parameters

  • string $user required - Name
  • string $password required - $password
  • boolean $remember required - Enable autologin

Return Values

  • boolean

Source Code

protected function _login($user, $password, $remember)
{
	if ( ! is_object($user))
	{
		$username = $user;

		// Load the user
		$user = ORM::factory('user');
		$user->where($user->unique_key($username), '=', $username)->find();
	}

	// If the passwords match, perform a login
	if ($user->has('roles', ORM::factory('role', array('name' => 'login'))) AND $user->password === $password)
	{
		if ($remember === TRUE)
		{
			// Token data
			$data = array(
				'user_id'    => $user->id,
				'expires'    => time() + $this->_config['lifetime'],
				'user_agent' => sha1(Request::$user_agent),
			);

			// Create a new autologin token
			$token = ORM::factory('user_token')
						->values($data)
						->create();

			// Set the autologin cookie
			Cookie::set('authautologin', $token->token, $this->_config['lifetime']);
		}

		// Finish the login
		$this->complete_login($user);

		return TRUE;
	}

	// Login failed
	return FALSE;
}

protected complete_login( object $user ) (defined in Kohana_Auth_ORM)

Complete the login for a user by incrementing the logins and setting session data: user_id, username, roles.

Parameters

  • object $user required - User ORM object

Return Values

  • void

Source Code

protected function complete_login($user)
{
	$user->complete_login();

	return parent::complete_login($user);
}