/
BasicAuthenticate.php
102 lines (94 loc) · 3.31 KB
/
BasicAuthenticate.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
<?php
/**
*
*
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
*
* Licensed under The MIT License
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
* @link http://cakephp.org CakePHP(tm) Project
* @license http://www.opensource.org/licenses/mit-license.php MIT License
*/
namespace Cake\Controller\Component\Auth;
use Cake\Controller\ComponentRegistry;
use Cake\Error;
use Cake\Network\Request;
use Cake\Network\Response;
/**
* Basic Authentication adapter for AuthComponent.
*
* Provides Basic HTTP authentication support for AuthComponent. Basic Auth will authenticate users
* against the configured userModel and verify the username and passwords match. Clients using Basic Authentication
* must support cookies. Since AuthComponent identifies users based on Session contents, clients using Basic
* Auth must support cookies.
*
* ### Using Basic auth
*
* In your controller's components array, add auth + the required settings.
* {{{
* public $components = array(
* 'Auth' => array(
* 'authenticate' => array('Basic')
* )
* );
* }}}
*
* In your login function just call `$this->Auth->login()` without any checks for POST data. This
* will send the authentication headers, and trigger the login dialog in the browser/client.
*
* @since 2.0
*/
class BasicAuthenticate extends BaseAuthenticate {
/**
* Authenticate a user using HTTP auth. Will use the configured User model and attempt a
* login using HTTP auth.
*
* @param Cake\Network\Request $request The request to authenticate with.
* @param Cake\Network\Response $response The response to add headers to.
* @return mixed Either false on failure, or an array of user data on success.
*/
public function authenticate(Request $request, Response $response) {
return $this->getUser($request);
}
/**
* Get a user based on information in the request. Used by cookie-less auth for stateless clients.
*
* @param Cake\Network\Request $request Request object.
* @return mixed Either false or an array of user information
*/
public function getUser(Request $request) {
$username = $request->env('PHP_AUTH_USER');
$pass = $request->env('PHP_AUTH_PW');
if (empty($username) || empty($pass)) {
return false;
}
return $this->_findUser($username, $pass);
}
/**
* Handles an unauthenticated access attempt by sending appropriate login headers
*
* @param CakeRequest $request A request object.
* @param CakeResponse $response A response object.
* @return void
* @throws Cake\Error\UnauthorizedException
*/
public function unauthenticated(Request $request, Response $response) {
$Exception = new Error\UnauthorizedException();
$Exception->responseHeader(array($this->loginHeaders($request)));
throw $Exception;
}
/**
* Generate the login headers
*
* @param Cake\Network\Request $request Request object.
* @return string Headers for logging in.
*/
public function loginHeaders(Request $request) {
$realm = !empty($this->settings['realm']) ? $this->settings['realm'] : $request->env('SERVER_NAME');
return sprintf('WWW-Authenticate: Basic realm="%s"', $realm);
}
}