Authentication control component class.
Binds access control with user authentication and session management.
__get( string $name )
Magic accessor for backward compatibility for property $sessionKey
.
$name
mixed
Cake\Controller\Component::__get()
__set( string $name , mixed $value )
Magic setter for backward compatibility for property $sessionKey
.
$name
$value
_getUser( )
Similar to AuthComponent::user() except if user is not found in configured storage, connected authentication objects will have their getUser() methods called.
This lets stateless authentication methods function correctly.
boolean
_isAllowed( Cake\Controller\Controller $controller )
Checks whether current action is accessible without authentication.
Cake\Controller\Controller
$controller
boolean
_isLoginAction( Cake\Controller\Controller $controller )
Normalizes config loginAction
and checks if current request URL is same as login action.
Cake\Controller\Controller
$controller
boolean
_unauthenticated( Cake\Controller\Controller $controller )
Handles unauthenticated access attempt. First the unauthenticated()
method of the last authenticator in the chain will be called. The authenticator can handle sending response or redirection as appropriate and return true
to indicate no further action is necessary. If authenticator returns null this method redirects user to login action. If it's an AJAX request and config ajaxLogin
is specified that element is rendered else a 403 HTTP status code is returned.
Cake\Controller\Controller
$controller
Cake\Network\Response|null
_unauthorized( Cake\Controller\Controller $controller )
Handle unauthorized access attempt
Cake\Controller\Controller
$controller
Cake\Network\Response
Cake\Network\Exception\ForbiddenException
allow( string|array $actions null )
Takes a list of actions in the current controller for which authentication is not required, or no parameters to allow all actions.
You can use allow with either an array or a simple string.
$this->Auth->allow('view'); $this->Auth->allow(['edit', 'add']);
or to allow all actions
$this->Auth->allow();
$actions
optional null authCheck( Cake\Event\Event $event )
Main execution method, handles initial authentication check and redirection of invalid users.
The auth check is done when event name is same as the one configured in checkAuthIn
config.
Cake\Event\Event
$event
Cake\Network\Response|null
authenticationProvider( )
If login was called during this request and the user was successfully authenticated, this function will return the instance of the authentication object that was used for logging the user in.
Cake\Auth\BaseAuthenticate|null
authorizationProvider( )
If there was any authorization processing for the current request, this function will return the instance of the Authorization object that granted access to the user to the current address.
Cake\Auth\BaseAuthorize|null
constructAuthenticate( )
Loads the configured authentication objects.
array|null
Cake\Core\Exception\Exception
constructAuthorize( )
Loads the authorization objects configured.
array|null
Cake\Core\Exception\Exception
deny( string|array $actions null )
Removes items from the list of allowed/no authentication required actions.
You can use deny with either an array or a simple string.
$this->Auth->deny('view'); $this->Auth->deny(['edit', 'add']);
or
$this->Auth->deny();
to remove all items from the allowed list
$actions
optional null Cake\Controller\Component\AuthComponent::allow()
flash( string $message )
Set a flash message. Uses the Flash component with values from flash
config.
$message
getAuthenticate( string $alias )
Getter for authenticate objects. Will return a particular authenticate object.
$alias
Cake\Auth\BaseAuthenticate|null
getAuthorize( string $alias )
Getter for authorize objects. Will return a particular authorize object.
$alias
Cake\Auth\BaseAuthorize|null
identify( )
Use the configured authentication adapters, and attempt to identify the user by credentials contained in $request.
Triggers Auth.afterIdentify
event which the authenticate classes can listen to.
array|boolean
implementedEvents( )
Events supported by this component.
array
Cake\Controller\Component::implementedEvents()
initialize( array $config )
Initialize properties.
$config
Cake\Controller\Component::initialize()
isAuthorized( array|null $user null , Cake\Network\Request $request null )
Check if the provided user is authorized for the request.
Uses the configured Authorization adapters to check whether or not a user is authorized. Each adapter will be checked in sequence, if any of them return true, then the user will be authorized for the request.
$user
optional null Cake\Network\Request
$request
optional null boolean
logout( )
Log a user out.
Returns the logout action to redirect to. Triggers the Auth.logout
event which the authenticate classes can listen for and perform custom logout logic.
string
logoutRedirect
redirectUrl( string|array $url null )
Get the URL a user should be redirected to upon login.
Pass a URL in to set the destination a user should be redirected to upon logging in.
If no parameter is passed, gets the authentication redirect URL. The URL returned is as per following rules:
- Returns the normalized redirect URL from storage if it is present and for the same domain the current app is running on. - If there is no URL returned from storage and there is a config loginRedirect
, the loginRedirect
value is returned. - If there is no session and no loginRedirect
, / is returned.
$url
optional null string
setUser( array $user )
Set provided user info to storage as logged in user.
The storage class is configured using storage
config key or passing instance to AuthComponent::storage().
$user
startup( Cake\Event\Event $event )
Callback for Controller.startup event.
Cake\Event\Event
$event
Cake\Network\Response|null
storage( Cake\Auth\Storage\StorageInterface $storage null )
Get/set user record storage object.
Cake\Auth\Storage\StorageInterface
$storage
optional null Cake\Auth\Storage\StorageInterface|null
user( string $key null )
Get the current user from storage.
$key
optional null array|null
__construct( Cake\Controller\ComponentRegistry $registry , array $config [] )
Constructor
Cake\Controller\ComponentRegistry
$registry
$config
optional [] __debugInfo( )
Returns an array that can be used to describe the internal state of this object.
array
dispatchEvent( string $name , array|null $data null , object|null $subject null )
Wrapper for creating and dispatching events.
Returns a dispatched event.
$name
$data
optional null $subject
optional null Cake\Event\Event
eventManager( Cake\Event\EventManager $eventManager null )
Returns the Cake\Event\EventManager manager instance for this object.
You can use this instance to register any new listeners or callbacks to the object events, or create your own events and trigger them at will.
Cake\Event\EventManager
$eventManager
optional null Cake\Event\EventManager
_configDelete( string $key )
Delete a single config key
$key
Cake\Core\Exception\Exception
_configRead( string|null $key )
Read a config variable
$key
mixed
_configWrite( string|array $key , mixed $value , boolean|string $merge false )
Write a config variable
$key
$value
$merge
optional false Cake\Core\Exception\Exception
config( string|array|null $key null , mixed|null $value null , boolean $merge true )
Reading the whole config:
$this->config();
Reading a specific value:
$this->config('key');
Reading a nested value:
$this->config('some.nested.key');
Setting a specific value:
$this->config('key', $value);
Setting a nested value:
$this->config('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->config(['one' => 'value', 'another' => 'value']);
$key
optional null $value
optional null $merge
optional true mixed
Cake\Core\Exception\Exception
configShallow( string|array $key , mixed|null $value null )
Merge provided config with existing config. Unlike config()
which does a recursive merge for nested keys, this method does a simple merge.
Setting a specific value:
$this->config('key', $value);
Setting a nested value:
$this->config('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->config(['one' => 'value', 'another' => 'value']);
$key
$value
optional null mixed
log( mixed $msg , integer|string $level LogLevel::ERROR , string|array $context [] )
Convenience method to write a message to Log. See Log::write() for more information on writing to logs.
$msg
$level
optional LogLevel::ERROR $context
optional [] boolean
string | ALL Constant for 'all' | 'all' |
protected array
A component lookup table used to lazy load component objects.
[]
protected Cake\Controller\ComponentRegistry
Component registry class used to lazy load components.
protected boolean
Whether the config property has already been configured with defaults
false
protected Cake\Event\EventManager
Instance of the Cake\Event\EventManager this object is using to dispatch inner events.
null
© 2005–2016 The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
http://api.cakephp.org/3.1/class-Cake.Controller.Component.AuthComponent.html