class LoginHandler extends LoginHandler (View source)

Traits

This trait encapsulates logic that can be added to a RequestHandler to work with logging in using MFA front-end app. It provides two main methods; createStartVerificationResponse - a response that can be easily consumed by the MFA app to prompt a login, and completeVerificationRequest - used to verify a request sent by the MFA app containing the login attempt.

This trait encapsulates logic that can be added to a RequestHandler to work with registering MFA authenticators using the MFA front-end app. It provides two main methods; createStartRegistrationResponse - creates a response that can be easily consumed by the MFA app to start the registration process for a method, and

Allows an object to have extensions applied to it.

A class that can be instantiated or replaced via DI

Provides extensions to this object to integrate it with standard config API methods.

Allows an object to declare a set of custom methods

Constants

SESSION_KEY

Config options

extensions array

An array of extension names and parameters to be applied to this object upon construction.

from  Extensible
unextendable_classes array

Classes that cannot be extended

from  Extensible
casting array

An array of objects to cast certain fields to. This is set up as an array in the format:

from  ViewableData
default_cast string

The default object to cast scalar fields to if casting information is not specified, and casting to an object is required.

from  ViewableData
casting_cache array from  ViewableData
url_segment string|null

Optional url_segment for this request handler

from  RequestHandler
url_handlers
allowed_actions
dependencies string[]

Properties

protected static array $extra_methods

Custom method sources

from  CustomMethods
protected array $extra_method_registers

Name of methods to invoke by defineMethods for this instance

from  CustomMethods
protected static array $built_in_methods

Non-custom public methods.

from  CustomMethods
protected Extension[] $extension_instances from  Extensible
protected callable[][] $beforeExtendCallbacks

List of callbacks to call prior to extensions having extend called on them, each grouped by methodName.

from  Extensible
protected callable[][] $afterExtendCallbacks

List of callbacks to call after extensions having extend called on them, each grouped by methodName.

from  Extensible
protected ViewableData $failover

A failover object to attempt to get data from if it is not present on this object.

from  ViewableData
protected ViewableData $customisedObject from  ViewableData
protected HTTPRequest $request from  RequestHandler
protected $model

The DataModel for this request

from  RequestHandler
protected bool $brokenOnConstruct

This variable records whether RequestHandler::construct() was called or not. Useful for checking if subclasses have called parent::construct()

from  RequestHandler
protected Authenticator $authenticator from  LoginHandler
string $link

Link to this handler

from  LoginHandler
protected StoreInterface $store

A "session store" object that helps contain MFA specific session detail

from  BaseHandlerTrait
protected LoggerInterface $logger

Methods

public
mixed
__call(string $method, array $arguments)

Attempts to locate and call a method dynamically added to a class at runtime if a default cannot be located

protected
defineMethods()

Adds any methods from Extension instances attached to this object.

protected
registerExtraMethodCallback(string $name, callable $callback)

Register an callback to invoke that defines extra methods

public
bool
hasMethod(string $method)

Return TRUE if a method exists on this object

protected
bool
hasCustomMethod($method)

Determines if a custom method with this name is defined.

protected
array
getExtraMethodConfig(string $method)

Get meta-data details on a named method

public
array
allMethodNames(bool $custom = false)

Return the names of all the methods available on this object

protected static 
array
findBuiltInMethods(string|object $class = null)

Get all public built in methods for this class

protected
array
findMethodsFrom(object $object)

Find all methods on the given object.

protected
addMethodsFrom(string $property, string|int $index = null)

Add all the methods from an object property.

protected
removeMethodsFrom(string $property, string|int $index = null)

Add all the methods from an object property (which is an Extension) to this object.

protected
addWrapperMethod(string $method, string $wrap)

Add a wrapper method - a method which points to another method with a different name. For example, Thumbnail(x) can be wrapped to generateThumbnail(x)

protected
addCallbackMethod(string $method, callable $callback)

Add callback as a method.

protected
beforeExtending(string $method, callable $callback)

Allows user code to hook into Object::extend prior to control being delegated to extensions. Each callback will be reset once called.

protected
afterExtending(string $method, callable $callback)

Allows user code to hook into Object::extend after control being delegated to extensions. Each callback will be reset once called.

protected
defineExtensionMethods()

Adds any methods from Extension instances attached to this object.

public static 
bool
add_extension(string $classOrExtension, string $extension = null)

Add an extension to a specific class.

public static 
remove_extension(string $extension)

Remove an extension from a class.

public static 
array
get_extensions(string $class = null, bool $includeArgumentString = false)

No description

public static 
array|null
get_extra_config_sources(string $class = null)

Get extra config sources for this class

public static 
bool
has_extension(string $classOrExtension, string $requiredExtension = null, bool $strict = false)

Return TRUE if a class has a specified extension.

public
array
invokeWithExtensions(string $method, mixed ...$arguments)

Calls a method if available on both this object and all applied Extensions, and then attempts to merge all results into an array

public
array
extend(string $method, mixed ...$arguments)

Run the given function on all of this object's extensions. Note that this method originally returned void, so if you wanted to return results, you're hosed

public
Extension|null
getExtensionInstance(string $extension)

Get an extension instance attached to this object by name.

public
bool
hasExtension(string $extension)

Returns TRUE if this object instance has a specific extension applied in $extension_instances. Extension instances are initialized at constructor time, meaning if you use add_extension() afterwards, the added extension will just be added to new instances of the extended class. Use the static method has_extension() to check if a class (not an instance) has a specific extension.

public
getExtensionInstances()

Get all extension instances for this specific object instance.

public static 
create(mixed ...$args)

An implementation of the factory method, allows you to create an instance of a class

public static 
singleton(string $class = null)

Creates a class instance by the "singleton" design pattern.

public static 
config()

Get a configuration accessor for this class. Short hand for Config::inst()->get($this->class, .....).

public
mixed
uninherited(string $name)

Gets the uninherited value for the given config option

public
__construct(string $link, MemberAuthenticator $authenticator)

No description

public
bool
__isset(string $property)

Check if a field exists on this object or its failover.

public
mixed
__get(string $property)

Get the value of a property/field on this object. This will check if a method called get{$property} exists, then check if a field is available using ViewableData::getField(), then fall back on a failover object.

public
__set(string $property, mixed $value)

Set a property/field on this object. This will check for the existence of a method called set{$property}, then use the ViewableData::setField() method.

public
setFailover(ViewableData $failover)

Set a failover object to attempt to get data from if it is not present on this object.

public
getFailover()

Get the current failover object if set

public
bool
hasField(string $field)

Check if a field exists on this object. This should be overloaded in child classes.

public
mixed
getField(string $field)

Get the value of a field on this object. This should be overloaded in child classes.

public
$this
setField(string $field, mixed $value)

Set a field on this object. This should be overloaded in child classes.

public
mixed
getDynamicData(string $field)

No description

public
setDynamicData(string $field, mixed $value)

No description

public
bool
hasDynamicData(string $field)

No description

public
customise(array|ViewableData $data)

Merge some arbitrary data in with this object. This method returns a ViewableData_Customised instance with references to both this and the new custom data.

public
bool
exists()

Return true if this object "exists" i.e. has a sensible value

public
string
__toString()

No description

public
getCustomisedObj()

No description

public
setCustomisedObj(ViewableData $object)

No description

public
string
castingHelper(string $field)

Return the "casting helper" (a piece of PHP code that when evaluated creates a casted value object) for a field on this object. This helper will be a subclass of DBField.

public
string
castingClass(string $field)

Get the class name a field on this object will be casted to.

public
string
escapeTypeForField(string $field)

Return the string-format type for the given field.

public
renderWith(string|array|SSViewer $template, array $customFields = null)

Render this object into the template, and get the result as a string. You can pass one of the following as the $template parameter:

  • a template name (e.g. Page)
  • an array of possible template names - the first valid one will be used
  • an SSViewer instance

protected
string
objCacheName(string $fieldName, array $arguments)

Generate the cache name for a field

protected
mixed
objCacheGet(string $key)

Get a cached value from the field cache

protected
$this
objCacheSet(string $key, mixed $value)

Store a value in the field cache

protected
$this
objCacheClear()

Clear object cache

public
object|DBField
obj(string $fieldName, array $arguments = [], bool $cache = false, string $cacheName = null)

Get the value of a field on this object, automatically inserting the value into any available casting objects that have been specified.

public
object|DBField
cachedCall(string $fieldName, array $arguments = [], string $identifier = null)

A simple wrapper around ViewableData::obj() that automatically caches the result so it can be used again without re-running the method.

public
bool
hasValue(string $field, array $arguments = [], bool $cache = true)

Checks if a given method/field has a valid value. If the result is an object, this will return the result of the exists method, otherwise will check if the result is not just an empty paragraph tag.

public
string
XML_val(string $field, array $arguments = [], bool $cache = false)

Get the string value of a field on this object that has been suitable escaped to be inserted directly into a template.

public
array
getXMLValues(array $fields)

Get an array of XML-escaped values by field name

public
getIterator() deprecated

Return a single-item iterator so you can iterate over the fields of a single record.

public
array
getViewerTemplates(string $suffix = '')

Find appropriate templates for SSViewer to use to render this object

public
Me()

When rendering some objects it is necessary to iterate over the object being rendered, to do this, you need access to itself.

public
string
CSSClasses(string $stopAtClass = ViewableData::class)

Get part of the current classes ancestry to be used as a CSS class.

public
Debug()

Return debug information about this object that can be rendered into a template

public
handleRequest(HTTPRequest $request)

Handles URL requests.

protected
array
findAction(HTTPRequest $request)

No description

protected
string
addBackURLParam(string $link)

No description

protected
handleAction($request, $action)

Given a request, and an action name, call that action name on this RequestHandler

public
array|null
allowedActions(string $limitToClass = null)

Get a array of allowed actions defined on this controller, any parent classes or extensions.

public
bool
hasAction(string $action)

Checks if this request handler has a specific action, even if the current user cannot access it.

protected
string
definingClassForAction(string $actionOrigCasing)

Return the class that defines the given action, so that we know where to check allowed_actions.

public
bool
checkAccessAction(string $action)

Check that the given action is allowed to be called from a URL.

public
httpError(int $errorCode, string $errorMessage = null)

Throws a HTTP error response encased in a HTTPResponse_Exception, which is later caught in RequestHandler::handleAction() and returned to the user.

public
getRequest()

Returns the HTTPRequest object that this controller is using.

public
setRequest(HTTPRequest $request)

Typically the request is set through handleAction() or handleRequest(), but in some based we want to set it manually.

public
?string
Link(string $action = null)

Return a link to this request handler.

public
?string
AbsoluteLink(string $action = '')

Get the absolute URL for this controller, including protocol and host.

public
redirect(string $url, int $code = 302)

Redirect to the given URL.

public
string
getBackURL()

Adds more options for the back URL - to be returned from a current MFA session store

public
string
getReferer()

Get referer

public
redirectBack()

Redirect back. Uses either the HTTP-Referer or a manually set request-variable called "BackURL".

protected
string
prepareDataForPjax(array $data)

Convert an array of data to JSON and wrap it in an HTML tag as pjax is used and jQuery will parse this as an element on the client side in LeftAndMain.js handleAjaxResponse() The attribute type="application/json" denotes this is a data block and won't be processed by a browser https://html.spec.whatwg.org/#the-script-element

public
array
login()

URL handler for the log-in screen

public
loginForm()

Return the MemberLoginForm form

public
doLogin(array $data, MemberLoginForm $form, HTTPRequest $request)

Override the parent "doLogin" to insert extra steps into the flow

public
getReturnReferer()

No description

public
redirectAfterSuccessfulLogin()

Login in the user and figure out where to redirect the browser.

public
checkLogin(array $data, HTTPRequest $request, ValidationResult $result = null)

Try to authenticate the user

public
performLogin(Member $member, array $data, HTTPRequest $request)

Try to authenticate the user

protected
redirectToChangePassword()

Invoked if password is expired and must be changed

protected
void
applyRequirements(bool $frontEndRequirements = true)

Perform the necessary "Requirements" calls to ensure client side scripts are available in the response

protected
StoreInterface|null
getStore()

No description

public
setStore(StoreInterface $store)

No description

protected
createStore(Member $member)

No description

protected
getSudoModeService()

Returns a sudo mode service instance

protected
createStartVerificationResponse(StoreInterface $store, MethodInterface|null $requestedMethod = null)

Create an HTTPResponse that provides information to the client side React MFA app to prompt the user to login with their configured MFA method

protected
completeVerificationRequest(StoreInterface $store, HTTPRequest $request)

Attempt to verify a login attempt provided by the given request

protected
bool
isVerificationComplete(StoreInterface $store)

Indicates the current member has verified with MFA methods enough to be considered "verified"

public
createStartRegistrationResponse(StoreInterface $store, MethodInterface $method, bool $allowReregistration = false)

Create a response that can be consumed by a front-end for starting a registration

public
completeRegistrationRequest(StoreInterface $store, MethodInterface $method, HTTPRequest $request)

Complete a registration request, returning a result object with a message and context for the result of the registration attempt.

public
HTTPResponse|array
mfa(HTTPRequest $request)

Action handler for loading the MFA authentication React app Template variables defined here will be used by the rendering controller's template - normally Page.ss

public
getSchema()

Provides information about the current Member's MFA state

public
startRegistration(HTTPRequest $request)

Handles the request to start a registration

public
finishRegistration(HTTPRequest $request)

Handles the request to verify and process a new registration

public
skipRegistration(HTTPRequest $request)

Handle an HTTP request to skip MFA registration

public
startVerification(HTTPRequest $request)

Handles the request to start an authentication process with an authenticator (possibly specified by the request)

public
finishVerification(HTTPRequest $request)

Handles requests to authenticate from any MFA method, directing verification to the Method supplied.

public
getMember()

No description

public
setLogger(LoggerInterface $logger)

No description

public
LoggerInterface|null
getLogger()

No description

public
jsonResponse(array $response, int $code = 200)

Respond with the given array as a JSON response

protected
doPerformLogin(HTTPRequest $request, Member $member)

Complete the login process for the given member by calling "performLogin" on the parent class

protected
getMethodRegistry()

No description

Details

mixed __call(string $method, array $arguments)

Attempts to locate and call a method dynamically added to a class at runtime if a default cannot be located

You can add extra methods to a class using Extensions}, {@link Object::createMethod() or Object::addWrapperMethod()

Parameters

string $method
array $arguments

Return Value

mixed

Exceptions

BadMethodCallException

protected defineMethods()

Adds any methods from Extension instances attached to this object.

All these methods can then be called directly on the instance (transparently mapped through __call()}), or called explicitly through {@link extend().

protected registerExtraMethodCallback(string $name, callable $callback)

Register an callback to invoke that defines extra methods

Parameters

string $name
callable $callback

bool hasMethod(string $method)

Return TRUE if a method exists on this object

This should be used rather than PHP's inbuild method_exists() as it takes into account methods added via extensions

Parameters

string $method

Return Value

bool

protected bool hasCustomMethod($method)

Determines if a custom method with this name is defined.

Parameters

$method

Return Value

bool

protected array getExtraMethodConfig(string $method)

Get meta-data details on a named method

Parameters

string $method

Return Value

array

List of custom method details, if defined for this method

array allMethodNames(bool $custom = false)

Return the names of all the methods available on this object

Parameters

bool $custom

include methods added dynamically at runtime

Return Value

array

Map of method names with lowercase keys

static protected array findBuiltInMethods(string|object $class = null)

Get all public built in methods for this class

Parameters

string|object $class

Class or instance to query methods from (defaults to static::class)

Return Value

array

Map of methods with lowercase key name

protected array findMethodsFrom(object $object)

Find all methods on the given object.

Parameters

object $object

Return Value

array

protected addMethodsFrom(string $property, string|int $index = null)

Add all the methods from an object property.

Parameters

string $property

the property name

string|int $index

an index to use if the property is an array

Exceptions

InvalidArgumentException

protected removeMethodsFrom(string $property, string|int $index = null)

Add all the methods from an object property (which is an Extension) to this object.

Parameters

string $property

the property name

string|int $index

an index to use if the property is an array

protected addWrapperMethod(string $method, string $wrap)

Add a wrapper method - a method which points to another method with a different name. For example, Thumbnail(x) can be wrapped to generateThumbnail(x)

Parameters

string $method

the method name to wrap

string $wrap

the method name to wrap to

protected addCallbackMethod(string $method, callable $callback)

Add callback as a method.

Parameters

string $method

Name of method

callable $callback

Callback to invoke. Note: $this is passed as first parameter to this callback and then $args as array

protected beforeExtending(string $method, callable $callback)

Allows user code to hook into Object::extend prior to control being delegated to extensions. Each callback will be reset once called.

Parameters

string $method

The name of the method to hook into

callable $callback

The callback to execute

protected afterExtending(string $method, callable $callback)

Allows user code to hook into Object::extend after control being delegated to extensions. Each callback will be reset once called.

Parameters

string $method

The name of the method to hook into

callable $callback

The callback to execute

protected defineExtensionMethods()

Adds any methods from Extension instances attached to this object.

All these methods can then be called directly on the instance (transparently mapped through __call()}), or called explicitly through {@link extend().

static bool add_extension(string $classOrExtension, string $extension = null)

Add an extension to a specific class.

The preferred method for adding extensions is through YAML config, since it avoids autoloading the class, and is easier to override in more specific configurations.

As an alternative, extensions can be added to a specific class directly in the Object::$extensions array. See SiteTree::$extensions for examples. Keep in mind that the extension will only be applied to new instances, not existing ones (including all instances created through singleton()).

Parameters

string $classOrExtension

Class that should be extended - has to be a subclass of Object

string $extension

Subclass of Extension with optional parameters as a string, e.g. "Versioned"

Return Value

bool

Flag if the extension was added

See also

http://doc.silverstripe.org/framework/en/trunk/reference/dataextension

static remove_extension(string $extension)

Remove an extension from a class.

Note: This will not remove extensions from parent classes, and must be called directly on the class assigned the extension.

Keep in mind that this won't revert any datamodel additions of the extension at runtime, unless its used before the schema building kicks in (in your _config.php). Doesn't remove the extension from any Object instances which are already created, but will have an effect on new extensions. Clears any previously created singletons through singleton() to avoid side-effects from stale extension information.

Parameters

string $extension

class name of an Extension subclass, without parameters

static array get_extensions(string $class = null, bool $includeArgumentString = false)

No description

Parameters

string $class

If omitted, will get extensions for the current class

bool $includeArgumentString

Include the argument string in the return array, FALSE would return array("Versioned"), TRUE returns array("Versioned('Stage','Live')").

Return Value

array

Numeric array of either DataExtension class names, or eval'ed class name strings with constructor arguments.

static array|null get_extra_config_sources(string $class = null)

Get extra config sources for this class

Parameters

string $class

Name of class. If left null will return for the current class

Return Value

array|null

static bool has_extension(string $classOrExtension, string $requiredExtension = null, bool $strict = false)

Return TRUE if a class has a specified extension.

This supports backwards-compatible format (static Object::has_extension($requiredExtension)) and new format ($object->has_extension($class, $requiredExtension))

Parameters

string $classOrExtension

Class to check extension for, or the extension name to check if the second argument is null.

string $requiredExtension

If the first argument is the parent class, this is the extension to check. If left null, the first parameter will be treated as the extension.

bool $strict

if the extension has to match the required extension and not be a subclass

Return Value

bool

Flag if the extension exists

array invokeWithExtensions(string $method, mixed ...$arguments)

Calls a method if available on both this object and all applied Extensions, and then attempts to merge all results into an array

Parameters

string $method

the method name to call

mixed ...$arguments

List of arguments

Return Value

array

List of results with nulls filtered out

array extend(string $method, mixed ...$arguments)

Run the given function on all of this object's extensions. Note that this method originally returned void, so if you wanted to return results, you're hosed

Currently returns an array, with an index resulting every time the function is called. Only adds returns if they're not NULL, to avoid bogus results from methods just defined on the parent extension. This is important for permission-checks through extend, as they use min() to determine if any of the returns is FALSE. As min() doesn't do type checking, an included NULL return would fail the permission checks.

The extension methods are defined during __construct()} in {@link defineMethods().

Parameters

string $method

the name of the method to call on each extension

mixed ...$arguments

Return Value

array

Extension|null getExtensionInstance(string $extension)

Get an extension instance attached to this object by name.

Parameters

string $extension

Return Value

Extension|null

bool hasExtension(string $extension)

Returns TRUE if this object instance has a specific extension applied in $extension_instances. Extension instances are initialized at constructor time, meaning if you use add_extension() afterwards, the added extension will just be added to new instances of the extended class. Use the static method has_extension() to check if a class (not an instance) has a specific extension.

Caution: Don't use singleton()->hasExtension() as it will give you inconsistent results based on when the singleton was first accessed.

Parameters

string $extension

Classname of an Extension subclass without parameters

Return Value

bool

Extension[] getExtensionInstances()

Get all extension instances for this specific object instance.

See get_extensions() to get all applied extension classes for this class (not the instance).

This method also provides lazy-population of the extension_instances property.

Return Value

Extension[]

Map of DataExtension instances, keyed by classname.

static Injectable create(mixed ...$args)

An implementation of the factory method, allows you to create an instance of a class

This method will defer class substitution to the Injector API, which can be customised via the Config API to declare substitution classes.

This can be called in one of two ways - either calling via the class directly, or calling on Object and passing the class name as the first parameter. The following are equivalent: $list = DataList::create(SiteTree::class); $list = SiteTree::get();

Parameters

mixed ...$args

Return Value

Injectable

static Injectable singleton(string $class = null)

Creates a class instance by the "singleton" design pattern.

It will always return the same instance for this class, which can be used for performance reasons and as a simple way to access instance methods which don't rely on instance data (e.g. the custom SilverStripe static handling).

Parameters

string $class

Optional classname to create, if the called class should not be used

Return Value

Injectable

The singleton instance

static Config_ForClass config()

Get a configuration accessor for this class. Short hand for Config::inst()->get($this->class, .....).

Return Value

Config_ForClass

mixed uninherited(string $name)

Gets the uninherited value for the given config option

Parameters

string $name

Return Value

mixed

__construct(string $link, MemberAuthenticator $authenticator)

No description

Parameters

string $link

The URL to recreate this request handler

MemberAuthenticator $authenticator

The authenticator to use

bool __isset(string $property)

Check if a field exists on this object or its failover.

Note that, unlike the core isset() implementation, this will return true if the property is defined and set to null.

Parameters

string $property

Return Value

bool

mixed __get(string $property)

Get the value of a property/field on this object. This will check if a method called get{$property} exists, then check if a field is available using ViewableData::getField(), then fall back on a failover object.

Parameters

string $property

Return Value

mixed

__set(string $property, mixed $value)

Set a property/field on this object. This will check for the existence of a method called set{$property}, then use the ViewableData::setField() method.

Parameters

string $property
mixed $value

setFailover(ViewableData $failover)

Set a failover object to attempt to get data from if it is not present on this object.

Parameters

ViewableData $failover

ViewableData|null getFailover()

Get the current failover object if set

Return Value

ViewableData|null

bool hasField(string $field)

Check if a field exists on this object. This should be overloaded in child classes.

Parameters

string $field

Return Value

bool

mixed getField(string $field)

Get the value of a field on this object. This should be overloaded in child classes.

Parameters

string $field

Return Value

mixed

$this setField(string $field, mixed $value)

Set a field on this object. This should be overloaded in child classes.

Parameters

string $field
mixed $value

Return Value

$this

mixed getDynamicData(string $field)

No description

Parameters

string $field

Return Value

mixed

ViewableData setDynamicData(string $field, mixed $value)

No description

Parameters

string $field
mixed $value

Return Value

ViewableData

bool hasDynamicData(string $field)

No description

Parameters

string $field

Return Value

bool

ViewableData_Customised customise(array|ViewableData $data)

Merge some arbitrary data in with this object. This method returns a ViewableData_Customised instance with references to both this and the new custom data.

Note that any fields you specify will take precedence over the fields on this object.

Parameters

array|ViewableData $data

Return Value

ViewableData_Customised

bool exists()

Return true if this object "exists" i.e. has a sensible value

This method should be overridden in subclasses to provide more context about the classes state. For example, a DataObject class could return false when it is deleted from the database

Return Value

bool

string __toString()

No description

Return Value

string

the class name

ViewableData getCustomisedObj()

No description

Return Value

ViewableData

setCustomisedObj(ViewableData $object)

No description

Parameters

ViewableData $object

string castingHelper(string $field)

Return the "casting helper" (a piece of PHP code that when evaluated creates a casted value object) for a field on this object. This helper will be a subclass of DBField.

Parameters

string $field

Return Value

string

Casting helper As a constructor pattern, and may include arguments.

Exceptions

Exception

string castingClass(string $field)

Get the class name a field on this object will be casted to.

Parameters

string $field

Return Value

string

string escapeTypeForField(string $field)

Return the string-format type for the given field.

Parameters

string $field

Return Value

string 'xml'|'raw'

DBHTMLText renderWith(string|array|SSViewer $template, array $customFields = null)

Render this object into the template, and get the result as a string. You can pass one of the following as the $template parameter:

  • a template name (e.g. Page)
  • an array of possible template names - the first valid one will be used
  • an SSViewer instance

Parameters

string|array|SSViewer $template

the template to render into

array $customFields

fields to customise() the object with before rendering

Return Value

DBHTMLText

protected string objCacheName(string $fieldName, array $arguments)

Generate the cache name for a field

Parameters

string $fieldName

Name of field

array $arguments

List of optional arguments given

Return Value

string

protected mixed objCacheGet(string $key)

Get a cached value from the field cache

Parameters

string $key

Cache key

Return Value

mixed

protected $this objCacheSet(string $key, mixed $value)

Store a value in the field cache

Parameters

string $key

Cache key

mixed $value

Return Value

$this

protected $this objCacheClear()

Clear object cache

Return Value

$this

object|DBField obj(string $fieldName, array $arguments = [], bool $cache = false, string $cacheName = null)

Get the value of a field on this object, automatically inserting the value into any available casting objects that have been specified.

Parameters

string $fieldName
array $arguments
bool $cache

Cache this object

string $cacheName

a custom cache name

Return Value

object|DBField

object|DBField cachedCall(string $fieldName, array $arguments = [], string $identifier = null)

A simple wrapper around ViewableData::obj() that automatically caches the result so it can be used again without re-running the method.

Parameters

string $fieldName
array $arguments
string $identifier

an optional custom cache identifier

Return Value

object|DBField

bool hasValue(string $field, array $arguments = [], bool $cache = true)

Checks if a given method/field has a valid value. If the result is an object, this will return the result of the exists method, otherwise will check if the result is not just an empty paragraph tag.

Parameters

string $field
array $arguments
bool $cache

Return Value

bool

string XML_val(string $field, array $arguments = [], bool $cache = false)

Get the string value of a field on this object that has been suitable escaped to be inserted directly into a template.

Parameters

string $field
array $arguments
bool $cache

Return Value

string

array getXMLValues(array $fields)

Get an array of XML-escaped values by field name

Parameters

array $fields

an array of field names

Return Value

array

Traversable getIterator() deprecated

deprecated 5.2.0 Will be removed without equivalent functionality

Return a single-item iterator so you can iterate over the fields of a single record.

This is useful so you can use a single record inside a <% control %> block in a template - and then use to access individual fields on this object.

Return Value

Traversable

array getViewerTemplates(string $suffix = '')

Find appropriate templates for SSViewer to use to render this object

Parameters

string $suffix

Return Value

array

ViewableData Me()

When rendering some objects it is necessary to iterate over the object being rendered, to do this, you need access to itself.

Return Value

ViewableData

string CSSClasses(string $stopAtClass = ViewableData::class)

Get part of the current classes ancestry to be used as a CSS class.

This method returns an escaped string of CSS classes representing the current classes ancestry until it hits a stop point - e.g. "Page DataObject ViewableData".

Parameters

string $stopAtClass

the class to stop at (default: ViewableData)

Return Value

string

ViewableData_Debugger Debug()

Return debug information about this object that can be rendered into a template

Return Value

ViewableData_Debugger

HTTPResponse|RequestHandler|string|array handleRequest(HTTPRequest $request)

Handles URL requests.

  • ViewableData::handleRequest() iterates through each rule in RequestHandler::$url_handlers.
    • If the rule matches, the named method will be called.
    • If there is still more URL to be processed, then handleRequest() is called on the object that that method returns.

Once all of the URL has been processed, the final result is returned. However, if the final result is an array, this array is interpreted as being additional template data to customise the 2nd to last result with, rather than an object in its own right. This is most frequently used when a Controller's action will return an array of data with which to customise the controller.

Parameters

HTTPRequest $request

The object that is responsible for distributing URL parsing

Return Value

HTTPResponse|RequestHandler|string|array

protected array findAction(HTTPRequest $request)

No description

Parameters

HTTPRequest $request

Return Value

array

protected string addBackURLParam(string $link)

No description

Parameters

string $link

Return Value

string

protected HTTPResponse handleAction($request, $action)

Given a request, and an action name, call that action name on this RequestHandler

Must not raise HTTPResponse_Exceptions - instead it should return

Parameters

$request
$action

Return Value

HTTPResponse

array|null allowedActions(string $limitToClass = null)

Get a array of allowed actions defined on this controller, any parent classes or extensions.

Caution: Since 3.1, allowed_actions definitions only apply to methods on the controller they're defined on, so it is recommended to use the $class argument when invoking this method.

Parameters

string $limitToClass

Return Value

array|null

bool hasAction(string $action)

Checks if this request handler has a specific action, even if the current user cannot access it.

Includes class ancestry and extensions in the checks.

Parameters

string $action

Return Value

bool

protected string definingClassForAction(string $actionOrigCasing)

Return the class that defines the given action, so that we know where to check allowed_actions.

Parameters

string $actionOrigCasing

Return Value

string

bool checkAccessAction(string $action)

Check that the given action is allowed to be called from a URL.

It will interrogate RequestHandler::$allowed_actions to determine this.

Parameters

string $action

Return Value

bool

Exceptions

Exception

httpError(int $errorCode, string $errorMessage = null)

Throws a HTTP error response encased in a HTTPResponse_Exception, which is later caught in RequestHandler::handleAction() and returned to the user.

Parameters

int $errorCode
string $errorMessage

Plaintext error message

Exceptions

HTTPResponse_Exception

HTTPRequest getRequest()

Returns the HTTPRequest object that this controller is using.

Returns a placeholder NullHTTPRequest object unless handleAction()} or {@link handleRequest() have been called, which adds a reference to an actual HTTPRequest object.

Return Value

HTTPRequest

RequestHandler setRequest(HTTPRequest $request)

Typically the request is set through handleAction() or handleRequest(), but in some based we want to set it manually.

Parameters

HTTPRequest $request

Return Value

RequestHandler

Return a link to this request handler.

The link returned is supplied in the constructor

Parameters

string $action

Optional action

Return Value

?string

Get the absolute URL for this controller, including protocol and host.

Returns null if no link could be generated.

Parameters

string $action

See Link()

Return Value

?string

HTTPResponse redirect(string $url, int $code = 302)

Redirect to the given URL.

Parameters

string $url
int $code

Return Value

HTTPResponse

string getBackURL()

Adds more options for the back URL - to be returned from a current MFA session store

Return Value

string

string getReferer()

Get referer

Return Value

string

HTTPResponse redirectBack()

Redirect back. Uses either the HTTP-Referer or a manually set request-variable called "BackURL".

This variable is needed in scenarios where HTTP-Referer is not sent (e.g when calling a page by location.href in IE). If none of the two variables is available, it will redirect to the base URL (see Director::baseURL()).

Return Value

HTTPResponse

protected string prepareDataForPjax(array $data)

Convert an array of data to JSON and wrap it in an HTML tag as pjax is used and jQuery will parse this as an element on the client side in LeftAndMain.js handleAjaxResponse() The attribute type="application/json" denotes this is a data block and won't be processed by a browser https://html.spec.whatwg.org/#the-script-element

Parameters

array $data

Return Value

string

array login()

URL handler for the log-in screen

Return Value

array

MemberLoginForm loginForm()

Return the MemberLoginForm form

Return Value

MemberLoginForm

HTTPResponse doLogin(array $data, MemberLoginForm $form, HTTPRequest $request)

Override the parent "doLogin" to insert extra steps into the flow

Parameters

array $data

Submitted data

MemberLoginForm $form
HTTPRequest $request

Return Value

HTTPResponse

getReturnReferer()

No description

HTTPResponse redirectAfterSuccessfulLogin()

Login in the user and figure out where to redirect the browser.

The $data has this format array( 'AuthenticationMethod' => 'MemberAuthenticator', 'Email' => '[email protected]', 'Password' => '1nitialPassword', 'BackURL' => 'test/link', [Optional: 'Remember' => 1 ] )

Return Value

HTTPResponse

Member checkLogin(array $data, HTTPRequest $request, ValidationResult $result = null)

Try to authenticate the user

Parameters

array $data

Submitted data

HTTPRequest $request
ValidationResult $result

Return Value

Member

Returns the member object on successful authentication or NULL on failure.

Member performLogin(Member $member, array $data, HTTPRequest $request)

Try to authenticate the user

Parameters

Member $member
array $data

Submitted data

HTTPRequest $request

Return Value

Member

Returns the member object on successful authentication or NULL on failure.

protected HTTPResponse redirectToChangePassword()

Invoked if password is expired and must be changed

Return Value

HTTPResponse

protected void applyRequirements(bool $frontEndRequirements = true)

Perform the necessary "Requirements" calls to ensure client side scripts are available in the response

Parameters

bool $frontEndRequirements

Indicates dependencies usually provided by admin should also be required

Return Value

void

protected StoreInterface|null getStore()

No description

Return Value

StoreInterface|null

BaseHandlerTrait setStore(StoreInterface $store)

No description

Parameters

StoreInterface $store

Return Value

BaseHandlerTrait

protected StoreInterface createStore(Member $member)

No description

Parameters

Member $member

Return Value

StoreInterface

protected SudoModeServiceInterface getSudoModeService()

Returns a sudo mode service instance

protected HTTPResponse createStartVerificationResponse(StoreInterface $store, MethodInterface|null $requestedMethod = null)

Create an HTTPResponse that provides information to the client side React MFA app to prompt the user to login with their configured MFA method

Parameters

StoreInterface $store
MethodInterface|null $requestedMethod

Return Value

HTTPResponse

protected Result completeVerificationRequest(StoreInterface $store, HTTPRequest $request)

Attempt to verify a login attempt provided by the given request

Parameters

StoreInterface $store
HTTPRequest $request

Return Value

Result

Exceptions

InvalidMethodException

protected bool isVerificationComplete(StoreInterface $store)

Indicates the current member has verified with MFA methods enough to be considered "verified"

Parameters

StoreInterface $store

Return Value

bool

HTTPResponse createStartRegistrationResponse(StoreInterface $store, MethodInterface $method, bool $allowReregistration = false)

Create a response that can be consumed by a front-end for starting a registration

Parameters

StoreInterface $store
MethodInterface $method
bool $allowReregistration

By default this method will return an error response when registering methods that already have a registration.

Return Value

HTTPResponse

Result completeRegistrationRequest(StoreInterface $store, MethodInterface $method, HTTPRequest $request)

Complete a registration request, returning a result object with a message and context for the result of the registration attempt.

Parameters

StoreInterface $store
MethodInterface $method
HTTPRequest $request

Return Value

Result

Exceptions

ValidationException

HTTPResponse|array mfa(HTTPRequest $request)

Action handler for loading the MFA authentication React app Template variables defined here will be used by the rendering controller's template - normally Page.ss

Parameters

HTTPRequest $request

Return Value

HTTPResponse|array

HTTPResponse getSchema()

Provides information about the current Member's MFA state

Return Value

HTTPResponse

HTTPResponse startRegistration(HTTPRequest $request)

Handles the request to start a registration

Parameters

HTTPRequest $request

Return Value

HTTPResponse

HTTPResponse finishRegistration(HTTPRequest $request)

Handles the request to verify and process a new registration

Parameters

HTTPRequest $request

Return Value

HTTPResponse

HTTPResponse skipRegistration(HTTPRequest $request)

Handle an HTTP request to skip MFA registration

Parameters

HTTPRequest $request

Return Value

HTTPResponse

Exceptions

ValidationException

HTTPResponse startVerification(HTTPRequest $request)

Handles the request to start an authentication process with an authenticator (possibly specified by the request)

Parameters

HTTPRequest $request

Return Value

HTTPResponse

HTTPResponse finishVerification(HTTPRequest $request)

Handles requests to authenticate from any MFA method, directing verification to the Method supplied.

Parameters

HTTPRequest $request

Return Value

HTTPResponse

Member&MemberExtension getMember()

No description

LoginHandler setLogger(LoggerInterface $logger)

No description

Parameters

LoggerInterface $logger

Return Value

LoginHandler

LoggerInterface|null getLogger()

No description

Return Value

LoggerInterface|null

HTTPResponse jsonResponse(array $response, int $code = 200)

Respond with the given array as a JSON response

Parameters

array $response
int $code

The HTTP response code to set on the response

Return Value

HTTPResponse

protected doPerformLogin(HTTPRequest $request, Member $member)

Complete the login process for the given member by calling "performLogin" on the parent class

Parameters

HTTPRequest $request
Member $member

protected MethodRegistry getMethodRegistry()

No description

Return Value

MethodRegistry