Modules

  1. Kohana
    2. Debug
    3. HTTP_Cache
    4. I18n
    5. Kohana
    6. Kohana_Config_Writer
    7. Request
    8. Request_Client
    9. Request_Client_Curl
    10. Request_Client_External
    11. Request_Client_HTTP
    12. Request_Client_Internal
    13. Request_Client_Stream
    14. Response
    15. Route
    16. UTF8
    17. View
    18. Configuration
      1. Config
      2. Config_File
      3. Config_Group
      4. Kohana_Config_File_Reader
      5. Kohana_Config_Reader
      6. Kohana_Config_Source
    19. Controller
      1. Controller
      2. Controller_Template
      3. Controller_Welcome
    20. Exceptions
      1. HTTP_Exception
      2. HTTP_Exception_300
      3. HTTP_Exception_301
      4. HTTP_Exception_302
      5. HTTP_Exception_303
      6. HTTP_Exception_304
      7. HTTP_Exception_305
      8. HTTP_Exception_307
      9. HTTP_Exception_400
      10. HTTP_Exception_401
      11. HTTP_Exception_402
      12. HTTP_Exception_403
      13. HTTP_Exception_404
      14. HTTP_Exception_405
      15. HTTP_Exception_406
      16. HTTP_Exception_407
      17. HTTP_Exception_408
      18. HTTP_Exception_409
      19. HTTP_Exception_410
      20. HTTP_Exception_411
      21. HTTP_Exception_412
      22. HTTP_Exception_413
      23. HTTP_Exception_414
      24. HTTP_Exception_415
      25. HTTP_Exception_416
      26. HTTP_Exception_417
      27. HTTP_Exception_500
      28. HTTP_Exception_501
      29. HTTP_Exception_502
      30. HTTP_Exception_503
      31. HTTP_Exception_504
      32. HTTP_Exception_505
      33. HTTP_Exception_Expected
      34. HTTP_Exception_Redirect
      35. Kohana_Exception
      36. Request_Client_Recursion_Exception
      37. Request_Exception
      38. Session_Exception
      39. UTF8_Exception
      40. Validation_Exception
      41. View_Exception
    21. HTTP
      1. HTTP
      2. HTTP_Header
      3. HTTP_Message
      4. HTTP_Request
      5. HTTP_Response
    22. Helpers
      1. Arr
      2. Cookie
      3. Date
      4. Feed
      5. File
      6. Form
      7. Fragment
      8. HTML
      9. Inflector
      10. Num
      11. Profiler
      12. Task_Help
      13. Text
      14. URL
      15. Upload
    23. Logging
      1. Log
      2. Log_File
      3. Log_StdErr
      4. Log_StdOut
      5. Log_Syslog
      6. Log_Writer
    24. Minion
      1. Minion_Exception
      2. Minion_Exception_InvalidTask
    25. Models
      1. Model
    26. Security
      1. Encrypt
      2. Encrypt_Mcrypt
      3. Encrypt_Openssl
      4. Security
      5. Valid
      6. Validation
    27. Session
      1. Session
      2. Session_Cookie
      3. Session_Native
  2. Kohana/Auth
    2. Auth
    3. Auth_File
    4. Auth_ORM
    5. Model_Auth_Role
    6. Model_Auth_User
    7. Model_Auth_User_Token
    8. Model_Role
    9. Model_User
    10. Model_User_Token
  3. Kohana/Cache
    2. Cache
    3. Cache_Apc
    4. Cache_Apcu
    5. Cache_Arithmetic
    6. Cache_Exception
    7. Cache_File
    8. Cache_GarbageCollect
    9. Cache_Memcache
    10. Cache_MemcacheTag
    11. Cache_Memcached
    12. Cache_Sqlite
    13. Cache_Tagging
    14. Cache_Wincache
  4. Kohana/Codebench
    2. Codebench
    3. Controllers
      1. Controller_Codebench
    4. Tests
      1. Bench_ArrCallback
      2. Bench_AutoLinkEmails
      3. Bench_DateSpan
      4. Bench_ExplodeLimit
      5. Bench_GruberURL
      6. Bench_LtrimDigits
      7. Bench_MDDoBaseURL
      8. Bench_MDDoImageURL
      9. Bench_MDDoIncludeViews
      10. Bench_StripNullBytes
      11. Bench_Transliterate
      12. Bench_URLSite
      13. Bench_UserFuncArray
      14. Bench_ValidColor
      15. Bench_ValidURL
  5. Kohana/Database
    2. DB
    3. Database
    4. Database_Expression
    5. Configuration
      1. Config_Database
      2. Config_Database_Reader
      3. Config_Database_Writer
    6. Drivers
      1. Database_MySQLi
      2. Database_PDO
    7. Exceptions
      1. Database_Exception
    8. Models
      1. Model_Database
    9. Query
      1. Database_Query
      2. Database_Query_Builder
      3. Database_Query_Builder_Delete
      4. Database_Query_Builder_Insert
      5. Database_Query_Builder_Join
      6. Database_Query_Builder_Select
      7. Database_Query_Builder_Update
      8. Database_Query_Builder_Where
    10. Query/Result
      1. Database_MySQLi_Result
      2. Database_Result
      3. Database_Result_Cached
    11. Session
      1. Session_Database
  6. Kohana/Image
    2. Image
    3. Drivers
      1. Image_GD
      2. Image_Imagick
  7. Kohana/ORM
    2. ORM
    3. ORM_Validation_Exception
  8. Kohana/UnitTest
    2. Unittest_Database_TestCase
    3. Unittest_Tests
  9. Kohana/Userguide
    2. Kodoc
    3. Kodoc_Class
    4. Kodoc_Markdown
    5. Kodoc_Method
    6. Kodoc_Method_Param
    7. Kodoc_Property
    8. Controller
      1. Controller_Userguide
    9. Undocumented
      1. Kodoc_Missing
  10. [Unknown]
    2. Minion_CLI
    3. Minion_Task
    4. Unittest_Helpers
    5. Unittest_TestCase
    6. Unittest_TestSuite

Auth_ORM
extends Kohana_Auth_ORM
extends Auth
extends Kohana_Auth

ORM Auth driver.

package
Kohana/Auth
author
Kohana Team
copyright
© 2007-2012 Kohana Team
license
https://kohana.top/license

Class declared in MODPATH/orm/classes/Auth/ORM.php on line 3.

Constants

  • None

Properties

Methods

Properties

protected $_config

Default value:
NULL

protected static $_instance

NULL

protected $_session

Default value:
NULL

Methods

public auto_login( ) (defined in Kohana_Auth_ORM)

Logs a user in, based on the authautologin cookie.

Return Values

  • mixed

Source Code

public function auto_login()
{
    if ($token = Cookie::get('authautologin')) {
        // Load the token and user
        $token = ORM::factory('User_Token', ['token' => $token]);

        if ($token->loaded() AND $token->user->loaded()) {
            if ($token->user_agent === sha1(Request::$user_agent)) {
                // Save the token to create a new unique token
                $token->save();

                // Set the new token
                Cookie::set('authautologin', $token->token, $token->expires - time());

                // Complete the login with the found data
                $this->complete_login($token->user);

                // Automatic login was successful
                return $token->user;
            }

            // Token is invalid
            $token->delete();
        }
    }

    return false;
}

public check_password( string $password ) (defined in Kohana_Auth_ORM)

Compare password with original (hashed). Works for current (logged in) user

Parameters

  • string $password required - $password

Return Values

  • boolean

Source Code

public function check_password($password)
{
    $user = $this->get_user();

    if (!$user)
        return false;

    return ($this->hash($password) === $user->password);
}

public force_login( mixed $user [, boolean $mark_session_as_forced = bool FALSE ] ) (defined in Kohana_Auth_ORM)

Forces a user to be logged in, without specifying a password.

Parameters

  • mixed $user required - Username string, or user ORM object
  • boolean $mark_session_as_forced = bool FALSE - Mark the session as forced

Return Values

  • boolean

Source Code

public function force_login($user, $mark_session_as_forced = false)
{
    if (!is_object($user)) {
        $username = $user;

        // Load the user
        $user = ORM::factory('User');
        $user->where($user->unique_key($username), '=', $username)->find();
    }

    if ($mark_session_as_forced === true) {
        // Mark the session as forced, to prevent users from changing account information
        $this->_session->set('auth_forced', true);
    }

    // Run the standard completion
    $this->complete_login($user);
}

public get_user( [ mixed $default = NULL ] ) (defined in Kohana_Auth_ORM)

Gets the currently logged in user from the session (with auto_login check). Returns $default if no user is currently logged in.

Parameters

  • mixed $default = NULL - To return in case user isn't logged in

Return Values

  • mixed

Source Code

public function get_user($default = null)
{
    $user = parent::get_user($default);

    if ($user === $default) {
        // check for "remembered" login
        if (($user = $this->auto_login()) === false)
            return $default;
    }

    return $user;
}

public logged_in( [ mixed $role = NULL ] ) (defined in Kohana_Auth_ORM)

Checks if a session is active.

Parameters

  • mixed $role = NULL - Role name string, role ORM object, or array with role names

Return Values

  • boolean

Source Code

public function logged_in($role = null)
{
    // Get the user from the session
    $user = $this->get_user();

    if (!$user)
        return false;

    if ($user instanceof Model_User AND $user->loaded()) {
        // If we don't have a roll no further checking is needed
        if (!$role)
            return true;

        if (is_array($role)) {
            // Get all the roles
            $roles = ORM::factory('Role')
                ->where('name', 'IN', $role)
                ->find_all()
                ->as_array(null, 'id');

            // Make sure all the roles are valid ones
            if (count($roles) !== count($role))
                return false;
        }
        else {
            if (!is_object($role)) {
                // Load the role
                $roles = ORM::factory('Role', ['name' => $role]);

                if (!$roles->loaded())
                    return false;
            }
            else {
                $roles = $role;
            }
        }

        return $user->has('roles', $roles);
    }
}

public logout( [ boolean $destroy = bool FALSE , boolean $logout_all = bool FALSE ] ) (defined in Kohana_Auth_ORM)

Log a user out and remove any autologin cookies.

Parameters

  • boolean $destroy = bool FALSE - Completely destroy the session
  • boolean $logout_all = bool FALSE - Remove all tokens for user

Return Values

  • boolean

Source Code

public function logout($destroy = false, $logout_all = false)
{
    // Set by force_login()
    $this->_session->delete('auth_forced');

    if ($token = Cookie::get('authautologin')) {
        // Delete the autologin cookie to prevent re-login
        Cookie::delete('authautologin');

        // Clear the autologin token from the database
        $token = ORM::factory('User_Token', ['token' => $token]);

        if ($token->loaded() AND $logout_all) {
            // Delete all user tokens. This isn't the most elegant solution but does the job
            $tokens = ORM::factory('User_Token')->where('user_id', '=', $token->user_id)->find_all();

            foreach ($tokens as $_token) {
                $_token->delete();
            }
        } elseif ($token->loaded()) {
            $token->delete();
        }
    }

    return parent::logout($destroy);
}

public password( mixed $user ) (defined in Kohana_Auth_ORM)

Get the stored password for a username.

Parameters

  • mixed $user required - Username string, or user ORM object

Return Values

  • string

Source Code

public function password($user)
{
    if (!is_object($user)) {
        $username = $user;

        // Load the user
        $user = ORM::factory('User');
        $user->where($user->unique_key($username), '=', $username)->find();
    }

    return $user->password;
}

public __construct( [ array $config = array(0) ] ) (defined in Kohana_Auth)

Loads Session and configuration options.

Parameters

  • array $config = array(0) - Config Options

Return Values

  • void

Source Code

public function __construct($config = [])
{
    // Save the config in the object
    $this->_config = $config;

    $this->_session = Session::instance($this->_config['session_type']);
}

public hash( string $str ) (defined in Kohana_Auth)

Perform a hmac hash, using the configured method.

Parameters

  • string $str required - String to hash

Return Values

  • string

Source Code

public function hash($str)
{
    if (!$this->_config['hash_key'])
        throw new Kohana_Exception('A valid hash key must be set in your auth config.');

    return hash_hmac($this->_config['hash_method'], $str, $this->_config['hash_key']);
}

public static instance( ) (defined in Kohana_Auth)

Singleton pattern

Return Values

  • Auth

Source Code

public static function instance()
{
    if (!isset(Auth::$_instance)) {
        // Load the configuration for this type
        $config = Kohana::$config->load('auth');

        if (!$type = $config->get('driver')) {
            $type = 'file';
        }

        // Set the session class name
        $class = 'Auth_' . ucfirst($type);

        // Create a new session instance
        Auth::$_instance = new $class($config);
    }

    return Auth::$_instance;
}

public login( string $username , string $password [, boolean $remember = bool FALSE ] ) (defined in Kohana_Auth)

Attempt to log in a user by using an ORM object and plain-text password.

Parameters

  • string $username required - Username to log in
  • string $password required - Password to check against
  • boolean $remember = bool FALSE - Enable autologin

Return Values

  • boolean

Source Code

public function login($username, $password, $remember = false)
{
    if (empty($password))
        return false;

    return $this->_login($username, $password, $remember);
}

protected _login( string $user , string $password , boolean $remember ) (defined in Kohana_Auth_ORM)

Logs a user in.

Parameters

  • string $user required - Name
  • string $password required - $password
  • boolean $remember required - Enable autologin

Return Values

  • boolean

Source Code

protected function _login($user, $password, $remember)
{
    if (!is_object($user)) {
        $username = $user;

        // Load the user
        $user = ORM::factory('User');
        $user->where($user->unique_key($username), '=', $username)->find();
    }

    if (is_string($password)) {
        // Create a hashed password
        $password = $this->hash($password);
    }

    // If the passwords match, perform a login
    if ($user->has('roles', ORM::factory('Role', ['name' => 'login'])) AND $user->password === $password) {
        if ($remember === true) {
            // Token data
            $data = [
                'user_id' => $user->pk(),
                'expires' => time() + $this->_config['lifetime'],
                'user_agent' => sha1(Request::$user_agent),
            ];

            // Create a new autologin token
            $token = ORM::factory('User_Token')
                ->values($data)
                ->create();

            // Set the autologin cookie
            Cookie::set('authautologin', $token->token, $this->_config['lifetime']);
        }

        // Finish the login
        $this->complete_login($user);

        return true;
    }

    // Login failed
    return false;
}

protected complete_login( object $user ) (defined in Kohana_Auth_ORM)

Complete the login for a user by incrementing the logins and setting session data: user_id, username, roles.

Parameters

  • object $user required - User ORM object

Return Values

  • void

Source Code

protected function complete_login($user)
{
    $user->complete_login();

    return parent::complete_login($user);
}