|
libSmalldb
v0.3
|
IAuth implementation using Smalldb state machine and shared session token in a cookie to identify SharedTokenMachine instance. More...
Public Member Functions | |
| __construct ($config,\Smalldb::StateMachine::AbstractBackend $smalldb) | |
| Constructor. | |
| checkSession () | |
| Check session - read & update cookies, setup session state machine and register callbacks. More... | |
| getSessionMachine () | |
| Get session machine which manages all stuff around login and session. | |
| getUserId () | |
| Get user's ID. More... | |
| hasUserRoles ($roles) | |
| Check whether user has given role(s). More... | |
| isAllMighty () | |
| Is user all mighty? (Admin or something like that.) More... | |
Protected Member Functions | |
| getUserRoles () | |
| Get list of user's roles, or null if not logged in. More... | |
Protected Attributes | |
| $smalldb | |
| Smalldb backend. | |
| $session_machine | |
| Reference to session state machine. | |
| $cookie_name = 'AuthToken' | |
| Cookie name. | |
| $cookie_ttl = 2592000 | |
| Cookie duration [seconds] (default: 30 days) | |
| $session_ttl = 2592000 | |
| Session duration [seconds] (default: 30 days) | |
| $user_id_property = 'user_id' | |
| Name of the session machine property with user's ID. | |
| $user_roles_property = 'user_roles' | |
| Name of the session machine property with user's role. | |
| $all_mighty_user_role = null | |
| Name of all mighty user role (admin) | |
| $all_mighty_cli = false | |
| Is command line all mighty? | |
| $session_machine_null_ref = 'session' | |
| Null reference to session machine (array; use session_machine_ref_prefix if not set) | |
| $session_machine_ref_prefix = 'session' | |
| Prefix of session machine reference (array; token ID will be appended) | |
IAuth implementation using Smalldb state machine and shared session token in a cookie to identify SharedTokenMachine instance.
This class handles cookies only, it is up to session machine to maintain session.
To log in, use Auth::getSessionMachine() and invoke proper transition.
To log out, use only the defined logout transition, otherwise token will not get deleted.
Configuration options:
smalldb: Instance of Smalldb::StateMachine::AbstractBackend (mandatory).machine_ref_prefix: Prefix of machine ID (array; mandatory).machine_null_ref: State machine type for null ref.cookie_name: Name of the cookie for a token. (default: 'auth')cookie_ttl: How long cookie is valid. (default: 10 years)session_ttl: Duration of the session (should be greater or equal to cookie_ttl, default: 10 years).user_id_property: Name of the session machine property with user's ID.user_role_property: Name of the session machine property with user's role. You may want to have this property calculated. | checkSession | ( | ) |
Check session - read & update cookies, setup session state machine and register callbacks.
This must be called before using any state machines. No transitions are invoked at this point, only the session state machine reference is created.
Implements IAuth.
| getUserId | ( | ) |
Get user's ID.
User's ID is limited to single scalar value (any integer or string).
Implements IAuth.
| hasUserRoles | ( | $roles | ) |
Check whether user has given role(s).
Smalldb does not understand user roles, it can only check whether user's roles contain one of required values. User's roles are global and they are not related to any instance of anything.
User may have any number of roles.
| $roles | Name of required role (string), or array of required roles (array of strings). |
Implements IAuth.
| isAllMighty | ( | ) |
Is user all mighty? (Admin or something like that.)
When this function returns true, access control will be disabled.
Implements IAuth.
|
protected |
Get list of user's roles, or null if not logged in.
1.8.11