interface Authenticator (View source)

Abstract base class for an authentication method

This class is used as a base class for the different authentication methods like {@link MemberAuthenticator} or {@link OpenIDAuthenticator}.

Constants

LOGIN

Can log a user in

LOGOUT

Can log user out

CHANGE_PASSWORD

Can change password (check + reset)

RESET_PASSWORD

Can modify password

CMS_LOGIN

In-CMS authentication

CHECK_PASSWORD

Can check password is valid without logging the user in or modifying the password

Methods

int
supportedServices()

Returns the services supported by this authenticator

getLoginHandler(string $link)

Return RequestHandler to manage the log-in process.

getLogOutHandler(string $link)

Return the RequestHandler to manage the log-out process.

getChangePasswordHandler(string $link)

Return RequestHandler to manage the change-password process.

mixed
getLostPasswordHandler(string $link)

No description

authenticate(array $data, HTTPRequest $request, ValidationResult $result = null)

Method to authenticate an user.

checkPassword(Member $member, string $password, ValidationResult $result = null)

Check if the passed password matches the stored one (if the member is not locked out).

Details

int supportedServices()

Returns the services supported by this authenticator

The number should be a bitwise-OR of 1 or more of the following constants: Authenticator::LOGIN, Authenticator::LOGOUT, Authenticator::CHANGE_PASSWORD, Authenticator::RESET_PASSWORD, or Authenticator::CMS_LOGIN

Return Value

int

LoginHandler getLoginHandler(string $link)

Return RequestHandler to manage the log-in process.

The default URL of the RequestHandler should return the initial log-in form, any other URL may be added for other steps & processing.

URL-handling methods may return an array [ "Form" => (form-object) ] which can then be merged into a default controller.

Parameters

string $link

The base link to use for this RequestHandler

Return Value

LoginHandler

LogoutHandler getLogOutHandler(string $link)

Return the RequestHandler to manage the log-out process.

The default URL of the RequestHandler should log the user out immediately and destroy the session.

Parameters

string $link

The base link to use for this RequestHandler

Return Value

LogoutHandler

getChangePasswordHandler(string $link)

Return RequestHandler to manage the change-password process.

The default URL of the RequetHandler should return the initial change-password form, any other URL may be added for other steps & processing.

URL-handling methods may return an array [ "Form" => (form-object) ] which can then be merged into a default controller.

Parameters

string $link

The base link to use for this RequestHnadler

mixed getLostPasswordHandler(string $link)

Parameters

string $link

Return Value

mixed

Member authenticate(array $data, HTTPRequest $request, ValidationResult $result = null)

Method to authenticate an user.

Parameters

array $data

Raw data to authenticate the user.

HTTPRequest $request
ValidationResult $result

A validationresult which is either valid or contains the error message(s)

Return Value

Member

The matched member, or null if the authentication fails

ValidationResult checkPassword(Member $member, string $password, ValidationResult $result = null)

Check if the passed password matches the stored one (if the member is not locked out).

Note, we don't return early, to prevent differences in timings to give away if a member password is invalid.

Parameters

Member $member
string $password
ValidationResult $result

Return Value

ValidationResult