Class TAuthManager

Description

TAuthManager class

TAuthManager performs user authentication and authorization for a Prado application. TAuthManager works together with a IUserManager module that can be specified via the UserManager property. If an authorization fails, TAuthManager will try to redirect the client browser to a login page that is specified via the LoginPage. To login or logout a user, call login or logout, respectively.

To load TAuthManager, configure it in application configuration as follows, <module id="auth" class="System.Security.TAuthManager" UserManager="users" LoginPage="login" /> <module id="users" class="System.Security.TUserManager" />

Located in /Security/TAuthManager.php (line 37)

TComponent
   |
   --TApplicationComponent
      |
      --TModule
         |
         --TAuthManager
Class Constant Summary
 RETURN_URL_VAR = 'ReturnUrl'
Method Summary
void doAuthentication (mixed $sender, mixed $param)
void doAuthorization (mixed $sender, mixed $param)
string getLoginPage ()
string getReturnUrl ()
void init (TXmlElement $config)
void leave (mixed $sender, mixed $param)
boolean login (string $username, string $password)
void logout ()
void onAuthenticate (mixed $param)
void onAuthorize (mixed $param)
void setLoginPage (string $pagePath)
void setUserManager (string|IUserManager $provider)
void updateSessionUser (IUser $user)
Methods
doAuthentication (line 132)

Performs authentication.

This is the event handler attached to application's Authentication event. Do not call this method directly.

  • access: public
void doAuthentication (mixed $sender, mixed $param)
  • mixed $sender: sender of the Authentication event
  • mixed $param: event parameter
doAuthorization (line 148)

Performs authorization.

This is the event handler attached to application's Authorization event. Do not call this method directly.

  • access: public
void doAuthorization (mixed $sender, mixed $param)
  • mixed $sender: sender of the Authorization event
  • mixed $param: event parameter
generateUserSessionKey (line 233)
  • return: a key used to store user information in session
  • access: protected
string generateUserSessionKey ()
getLoginPage (line 109)
  • return: path of login page should login is required
  • access: public
string getLoginPage ()
getReturnUrl (line 182)
  • return: URL that the browser should be redirected to when login succeeds.
  • access: public
string getReturnUrl ()
getUserManager (line 88)
  • return: user manager instance
  • access: public
IUserManager getUserManager ()
init (line 66)

Initializes this module.

This method is required by the IModule interface.

  • access: public
  • throws: TConfigurationException if user manager does not exist or is not IUserManager
void init (TXmlElement $config)
  • TXmlElement $config: configuration for this module, can be null

Redefinition of:
TModule::init()
Initializes the module.
leave (line 163)

Performs login redirect if authorization fails.

This is the event handler attached to application's EndRequest event. Do not call this method directly.

  • access: public
void leave (mixed $sender, mixed $param)
  • mixed $sender: sender of the event
  • mixed $param: event parameter
login (line 262)

Logs in a user with username and password.

The username and password will be used to validate if login is successful. If yes, a user object will be created for the application.

  • return: if login is successful
  • access: public
boolean login (string $username, string $password)
  • string $username: username
  • string $password: password
logout (line 280)

Logs out a user.

User session will be destroyed after this method is called.

  • access: public
  • throws: TConfigurationException if session module is not loaded.
void logout ()
onAuthenticate (line 195)

Performs the real authentication work.

An OnAuthenticate event will be raised if there is any handler attached to it. If the application already has a non-null user, it will return without further authentication. Otherwise, user information will be restored from session data.

  • access: public
  • throws: TConfigurationException if session module does not exist.
void onAuthenticate (mixed $param)
  • mixed $param: parameter to be passed to OnAuthenticate event
onAuthorize (line 218)

Performs the real authorization work.

Authorization rules obtained from the application will be used to check if a user is allowed. If authorization fails, the response status code will be set as 401 and the application terminates.

  • access: public
void onAuthorize (mixed $param)
  • mixed $param: parameter to be passed to OnAuthorize event
setLoginPage (line 120)

Sets the login page that the client browser will be redirected to if login is needed.

Login page should be specified in the format of page path.

void setLoginPage (string $pagePath)
  • string $pagePath: path of login page should login is required
setUserManager (line 97)
  • access: public
  • throws: TInvalidOperationException if the module has been initialized or the user manager object is not IUserManager
void setUserManager (string|IUserManager $provider)
  • string|IUserManager $provider: the user manager module ID or the user mananger object
updateSessionUser (line 243)

Updates the user data stored in session.

  • access: public
  • throws: new TConfigurationException if session module is not loaded.
void updateSessionUser (IUser $user)
  • IUser $user: user object

Inherited Methods

Inherited From TModule

TModule::getID()
TModule::init()
TModule::setID()

Inherited From TApplicationComponent

TApplicationComponent::getApplication()
TApplicationComponent::getRequest()
TApplicationComponent::getResponse()
TApplicationComponent::getService()
TApplicationComponent::getSession()
TApplicationComponent::getUser()
TApplicationComponent::publishAsset()
TApplicationComponent::publishFilePath()

Inherited From TComponent

TComponent::attachEventHandler()
TComponent::canGetProperty()
TComponent::canSetProperty()
TComponent::detachEventHandler()
TComponent::evaluateExpression()
TComponent::evaluateStatements()
TComponent::getEventHandlers()
TComponent::getSubProperty()
TComponent::hasEvent()
TComponent::hasEventHandler()
TComponent::hasProperty()
TComponent::raiseEvent()
TComponent::setSubProperty()
TComponent::__get()
TComponent::__set()
Class Constants
RETURN_URL_VAR = 'ReturnUrl' (line 42)

GET variable name for return url

Documentation generated on Sun, 04 Jun 2006 18:58:36 -0400 by phpDocumentor 1.3.0RC4