Class Kohana_Auth_Bcrypt

Kohana_Auth_Bcrypt

extends Auth
extends Kohana_Auth

Bcrypt Auth driver.

package
Kohana/Auth
author
Kohana Team
copyright
(c) Kohana Team
license
http://kohanaframework.org/license


Properties

protected $_config

Default value:
NULL

protected static $_instance

NULL

protected $_session

Default value:
NULL

Methods

public __construct([ array $config = array(0) ] ) (defined in Kohana_Auth_Bcrypt)

Loads Session and configuration options.

Parameters

  • array $config = array(0) - Config Options

Return Values

  • void

Source Code

public function __construct($config = [])
{
    if ( ! isset($config['cost']) OR ! is_numeric($config['cost']) OR $config['cost'] < 10)
    {
        throw new Kohana_Exception(__CLASS__ . ' cost parameter must be set and must be integer >= 10');
    }
    parent::__construct($config);
}

public auto_login() (defined in Kohana_Auth_Bcrypt)

Logs a user in, based on the authautologin cookie.

Return Values

  • mixed

Source Code

public function auto_login()
{
    if ($token = Cookie::get('authautologin'))
    {
        // Load the token and user
        $token = ORM::factory('User_Token', ['token' => $token]);

        if ($token->loaded() AND $token->user->loaded())
        {
            if ($token->user_agent === hash('sha256', Request::$user_agent))
            {
                // Save the token to create a new unique token
                $token->save();

                // Set the new token
                Cookie::set('authautologin', $token->token, $token->expires - time());

                // Complete the login with the found data
                $this->complete_login($token->user);

                // Automatic login was successful
                return $token->user;
            }

            // Token is invalid
            $token->delete();
        }
    }

    return FALSE;
}

public check_password(string $password ) (defined in Kohana_Auth_Bcrypt)

Compare password with original (hashed). Works for current (logged in) user

Parameters

  • string $password required - $password

Return Values

  • boolean

Source Code

public function check_password($password)
{
    $user = $this->get_user();

    if ( ! $user)
    {
        return false;
    }

    return password_verify($password, $user->password);
}

public force_login(mixed $user [, boolean $mark_session_as_forced = bool FALSE ] ) (defined in Kohana_Auth_Bcrypt)

Forces a user to be logged in, without specifying a password.

Parameters

  • mixed $user required - Username string, or user ORM object
  • boolean $mark_session_as_forced = bool FALSE - Mark the session as forced

Return Values

  • boolean

Source Code

public function force_login($user, $mark_session_as_forced = FALSE)
{
    if ( ! is_object($user))
    {
        $username = $user;

        // Load the user
        $user = ORM::factory('User');
        $user->where($user->unique_key($username), '=', $username)->find();
    }

    if ($mark_session_as_forced === TRUE)
    {
        // Mark the session as forced, to prevent users from changing account information
        $this->_session->set('auth_forced', TRUE);
    }

    // Run the standard completion
    $this->complete_login($user);
}

public get_user([ mixed $default = NULL ] ) (defined in Kohana_Auth_Bcrypt)

Gets the currently logged in user from the session (with auto_login check). Returns $default if no user is currently logged in.

Parameters

  • mixed $default = NULL - To return in case user isn't logged in

Return Values

  • mixed

Source Code

public function get_user($default = NULL)
{
    $user = parent::get_user($default);

    if ($user === $default)
    {
        // check for "remembered" login
        if (($user = $this->auto_login()) === FALSE)
            return $default;
    }

    return $user;
}

public hash() (defined in Kohana_Auth_Bcrypt)

Tags

  • Inheritdoc -

Source Code

public function hash($str)
{
    return password_hash($str, PASSWORD_BCRYPT, [
        'cost' => $this->_config['cost']
    ]);
}

public logout([ boolean $destroy = bool FALSE , boolean $logout_all = bool FALSE ] ) (defined in Kohana_Auth_Bcrypt)

Log a user out and remove any autologin cookies.

Parameters

  • boolean $destroy = bool FALSE - Completely destroy the session
  • boolean $logout_all = bool FALSE - Remove all tokens for user

Return Values

  • boolean

Source Code

public function logout($destroy = FALSE, $logout_all = FALSE)
{
    // Set by force_login()
    $this->_session->delete('auth_forced');

    if ($token = Cookie::get('authautologin'))
    {
        // Delete the autologin cookie to prevent re-login
        Cookie::delete('authautologin');

        // Clear the autologin token from the database
        $token = ORM::factory('User_Token', ['token' => $token]);

        if ($token->loaded() AND $logout_all)
        {
            // Delete all user tokens. This isn't the most elegant solution but does the job
            $tokens = ORM::factory('User_Token')->where('user_id', '=', $token->user_id)->find_all();

            foreach ($tokens as $_token)
            {
                $_token->delete();
            }
        }
        elseif ($token->loaded())
        {
            $token->delete();
        }
    }

    return parent::logout($destroy);
}

public password(mixed $user ) (defined in Kohana_Auth_Bcrypt)

Get the stored password for a username.

Parameters

  • mixed $user required - Username string, or user ORM object

Return Values

  • string

Source Code

public function password($user)
{
    if ( ! is_object($user))
    {
        $username = $user;

        // Load the user
        $user = ORM::factory('User');
        $user->where($user->unique_key($username), '=', $username)->find();
    }

    return $user->password;
}

public hash_password(string $password ) (defined in Kohana_Auth)

Creates a hashed hmac password from a plaintext password. This method is deprecated, Auth::hash should be used instead.

Parameters

  • string $password required - Plaintext password

Tags

  • Deprecated -

Source Code

public function hash_password($password)
{
	return $this->hash($password);
}

public static instance() (defined in Kohana_Auth)

Singleton pattern

Return Values

  • Auth

Source Code

public static function instance()
{
	if ( ! isset(Auth::$_instance))
	{
		// Load the configuration for this type
		$config = Kohana::$config->load('auth');

		if ( ! $type = $config->get('driver'))
		{
			$type = 'file';
		}

		// Set the session class name
		$class = 'Auth_'.ucfirst($type);

		// Create a new session instance
		Auth::$_instance = new $class($config);
	}

	return Auth::$_instance;
}

public logged_in([ string $role = NULL ] ) (defined in Kohana_Auth)

Check if there is an active session. Optionally allows checking for a specific role.

Parameters

  • string $role = NULL - Role name

Return Values

  • mixed

Source Code

public function logged_in($role = NULL)
{
	return ($this->get_user() !== NULL);
}

public login(string $username , string $password [, boolean $remember = bool FALSE ] ) (defined in Kohana_Auth)

Attempt to log in a user by using an ORM object and plain-text password.

Parameters

  • string $username required - Username to log in
  • string $password required - Password to check against
  • boolean $remember = bool FALSE - Enable autologin

Return Values

  • boolean

Source Code

public function login($username, $password, $remember = FALSE)
{
	if (empty($password))
		return FALSE;

	return $this->_login($username, $password, $remember);
}

protected _login(string $username , string $password [, bool $remember = bool FALSE ] ) (defined in Kohana_Auth_Bcrypt)

Performs login on user

Parameters

  • string $username required - Username
  • string $password required - Password
  • bool $remember = bool FALSE - Remembers login

Tags

Return Values

  • boolean

Source Code

protected function _login($username, $password, $remember = FALSE)
{
    if ( ! is_string($username) OR ! is_string($password) OR ! is_bool($remember))
    {
        throw new Kohana_Exception('Username and password must be strings, remember must be bool');
    }

    // Load the user
    $user = ORM::factory('User');
    $user->where($user->unique_key($username), '=', $username)->find();

    if ($user->loaded() AND $user->has('roles', ORM::factory('Role', ['name' => 'login'])) AND password_verify($password, $user->password))
    {
        if ($remember === TRUE)
        {
            // Token data
            $data = [
                'user_id' => $user->pk(),
                'expires' => time() + $this->_config['lifetime'],
                'user_agent' => hash('sha256', Request::$user_agent),
            ];

            // Create a new autologin token
            $token = ORM::factory('User_Token')
                    ->values($data)
                    ->create();

            // Set the autologin cookie
            Cookie::set('authautologin', $token->token, $this->_config['lifetime']);
        }

        $this->complete_login($user);
        $user->complete_login();

        if (password_needs_rehash($user->password, PASSWORD_BCRYPT, ['cost' => $this->_config['cost']]))
        {
            $user->password = $password;
            $user->save();
        }

        return TRUE;
    }
    
    return FALSE;
}

protected complete_login() (defined in Kohana_Auth)

Source Code

protected function complete_login($user)
{
	// Regenerate session_id
	$this->_session->regenerate();

	// Store username in session
	$this->_session->set($this->_config['session_key'], $user);

	return TRUE;
}

Do you want to contribute to Koseven?

We need YOUR help!

This project is open source. What does this mean? YOU can help:
  • Found a bug? Report it on Github
  • Need a feature? Add it Here
  • Want to help? Join the Forum
Go to Github