An authentication adapter for AuthComponent. Provides the ability to authenticate using POST data using Blowfish hashing. Can be used by configuring AuthComponent to use it via the AuthComponent::$authenticate setting.
$this->Auth->authenticate = array( 'Blowfish' => array( 'scope' => array('User.active' => 1) ) )
When configuring BlowfishAuthenticate you can pass in settings to which fields, model and additional conditions are used. See FormAuthenticate::$settings for more information.
For initial password hashing/creation see Security::hash(). Other than how the password is initially hashed, BlowfishAuthenticate works exactly the same way as FormAuthenticate.
__construct( ComponentCollection $collection , array $settings )
Constructor. Sets default passwordHasher to Blowfish
ComponentCollection
$collection
$settings
BaseAuthenticate::__construct()
_checkFields( CakeRequest $request , string $model , array $fields )
Checks the fields to ensure they are supplied.
CakeRequest
$request
$model
$fields
authenticate( CakeRequest $request , CakeResponse $response )
Authenticates the identity contained in a request. Will use the settings.userModel
, and settings.fields
to find POST data that is used to find a matching record in the settings.userModel
. Will return false if there is no post data, either username or password is missing, or if the scope conditions have not been met.
CakeRequest
$request
CakeResponse
$response
_findUser( string|array $username , string $password null )
Find a user record using the standard options.
The $username parameter can be a (string)username or an array containing conditions for Model::find('first'). If the $password param is not provided the password field will be present in returned array.
Input passwords will be hashed even when a user doesn't exist. This helps mitigate timing attacks that are attempting to find valid usernames.
$username
$password
optional null _password( string $password )
Hash the plain text password so that it matches the hashed/encrypted password in the datasource.
$password
getUser( CakeRequest $request )
Get a user based on information in the request. Primarily used by stateless authentication systems like basic and digest auth.
CakeRequest
$request
implementedEvents( )
Implemented events
CakeEventListener::implementedEvents()
logout( array $user )
Allows you to hook into AuthComponent::logout(), and implement specialized logout behavior.
All attached authentication objects will have this method called when a user logs out.
$user
passwordHasher( )
Return password hasher object
AbstractPasswordHasher
CakeException
If password hasher class not found or it does not extend AbstractPasswordHasher
unauthenticated( CakeRequest $request , CakeResponse $response )
Handle unauthenticated access attempt.
CakeRequest
$request
CakeResponse
$response
Either true to indicate the unauthenticated request has been dealt with and no more action is required by AuthComponent or void (default).
© 2005–2016 The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
http://api.cakephp.org/2.8/class-BlowfishAuthenticate.html