Modules

abstract Kohana_Auth

User authorization library. Handles user login and logout, as well as secure password hashing.

package
Kohana/Auth
author
Kohana Team
copyright
© 2007-2012 Kohana Team
license
http://kohanaframework.org/license

Class declared in MODPATH/auth/classes/kohana/auth.php on line 11.

Properties

protected $_config

protected static $_instance

NULL

protected $_session

Methods

public __construct( [ array $config = array(0) ] ) (defined in Kohana_Auth)

Loads Session and configuration options.

Parameters

  • array $config = array(0) - Config Options

Return Values

  • void

Source Code

public function __construct($config = array())
{
	// Save the config in the object
	$this->_config = $config;

	$this->_session = Session::instance();
}

abstract public check_password( ) (defined in Kohana_Auth)

Source Code

abstract public function check_password($password);

public get_user( [ mixed $default = NULL ] ) (defined in Kohana_Auth)

Gets the currently logged in user from the session. Returns NULL if no user is currently logged in.

Parameters

  • mixed $default = NULL - Default value to return if the user is currently not logged in.

Return Values

  • mixed

Source Code

public function get_user($default = NULL)
{
	return $this->_session->get($this->_config['session_key'], $default);
}

public hash( string $str ) (defined in Kohana_Auth)

Perform a hmac hash, using the configured method.

Parameters

  • string $str required - String to hash

Return Values

  • string

Source Code

public function hash($str)
{
	if ( ! $this->_config['hash_key'])
		throw new Kohana_Exception('A valid hash key must be set in your auth config.');

	return hash_hmac($this->_config['hash_method'], $str, $this->_config['hash_key']);
}

public hash_password( string $password ) (defined in Kohana_Auth)

Creates a hashed hmac password from a plaintext password. This method is deprecated, Auth::hash should be used instead.

Parameters

  • string $password required - Plaintext password

Tags

  • Deprecated -

Source Code

public function hash_password($password)
{
	return $this->hash($password);
}

public static instance( ) (defined in Kohana_Auth)

Singleton pattern

Return Values

  • Auth

Source Code

public static function instance()
{
	if ( ! isset(Auth::$_instance))
	{
		// Load the configuration for this type
		$config = Kohana::config('auth');

		if ( ! $type = $config->get('driver'))
		{
			$type = 'file';
		}

		// Set the session class name
		$class = 'Auth_'.ucfirst($type);

		// Create a new session instance
		Auth::$_instance = new $class($config);
	}

	return Auth::$_instance;
}

public logged_in( [ string $role = NULL ] ) (defined in Kohana_Auth)

Check if there is an active session. Optionally allows checking for a specific role.

Parameters

  • string $role = NULL - Role name

Return Values

  • mixed

Source Code

public function logged_in($role = NULL)
{
	return ($this->get_user() !== NULL);
}

public login( string $username , string $password [, boolean $remember = bool FALSE ] ) (defined in Kohana_Auth)

Attempt to log in a user by using an ORM object and plain-text password.

Parameters

  • string $username required - Username to log in
  • string $password required - Password to check against
  • boolean $remember = bool FALSE - Enable autologin

Return Values

  • boolean

Source Code

public function login($username, $password, $remember = FALSE)
{
	if (empty($password))
		return FALSE;

	if (is_string($password))
	{
		// Create a hashed password
		$password = $this->hash($password);
	}

	return $this->_login($username, $password, $remember);
}

public logout( [ boolean $destroy = bool FALSE , boolean $logout_all = bool FALSE ] ) (defined in Kohana_Auth)

Log out a user by removing the related session variables.

Parameters

  • boolean $destroy = bool FALSE - Completely destroy the session
  • boolean $logout_all = bool FALSE - Remove all tokens for user

Return Values

  • boolean

Source Code

public function logout($destroy = FALSE, $logout_all = FALSE)
{
	if ($destroy === TRUE)
	{
		// Destroy the session completely
		$this->_session->destroy();
	}
	else
	{
		// Remove the user from the session
		$this->_session->delete($this->_config['session_key']);

		// Regenerate session_id
		$this->_session->regenerate();
	}

	// Double check
	return ! $this->logged_in();
}

abstract public password( ) (defined in Kohana_Auth)

Source Code

abstract public function password($username);

abstract protected _login( ) (defined in Kohana_Auth)

Source Code

abstract protected function _login($username, $password, $remember);

protected complete_login( ) (defined in Kohana_Auth)

Source Code

protected function complete_login($user)
{
	// Regenerate session_id
	$this->_session->regenerate();

	// Store username in session
	$this->_session->set($this->_config['session_key'], $user);

	return TRUE;
}