Source for file User.php
6: * @copyright Copyright (c) 2004, 2010 David Grudl
7: * @license http://nettephp.com/license Nette license
8: * @link http://nettephp.com
16: * User authentication and authorization.
18: * @copyright Copyright (c) 2004, 2010 David Grudl
21: * @property-read IIdentity $identity
22: * @property IAuthenticator $authenticationHandler
23: * @property IAuthorizator $authorizationHandler
24: * @property-read int $logoutReason
25: * @property-read array $roles
26: * @property-read bool $authenticated
30: /**#@+ log-out reason {@link User::getLogoutReason()} */
36: /** @var string default role for unauthenticated user */
39: /** @var string default role for authenticated user without own identity */
42: /** @var array of function(User $sender); Occurs when the user is successfully logged in */
45: /** @var array of function(User $sender); Occurs when the user is logged out */
54: /** @var IAuthenticator */
55: private $authenticationHandler;
57: /** @var IAuthorizator */
58: private $authorizationHandler;
61: private $namespace =
'';
63: /** @var SessionNamespace */
77: /********************* Authentication ****************d*g**/
82: * Conducts the authentication process.
87: * @throws AuthenticationException if authentication was not successful
// Conducts the authentication process; $extra is optional and defaults to NULL.
89: public function login($username, $password, $extra =
NULL)
// A NULL handler is handled as a separate case; what that branch does is on lines this listing omits.
92: if ($handler ===
NULL) {
// NOTE(review): the contents of this array and the call that consumes it (original lines 99-105) are not shown
// in this listing - confirm the password is only handed to the authenticator and is never written to the session.
98: $credentials =
array(
// Notifies the onLoggedIn listeners, passing this User object as the sender.
106: $this->onLoggedIn($this);
112: * Logs out the user from the current session.
113: * @param bool clear the identity from persistent storage?
// Declared final, so subclasses cannot override the log-out path.
116: final public function logout($clearIdentity =
FALSE)
// Notifies the onLoggedOut listeners, passing this User object as the sender.
120: $this->onLoggedOut($this);
// With the default $clearIdentity = FALSE this branch is skipped; presumably the identity then stays in
// persistent storage after log-out - the branch body is not shown in this listing, TODO confirm.
123: if ($clearIdentity) {
131: * Is this user authenticated?
137: return $session &&
$session->authenticated;
143: * Returns current user identity, if any.
// Returns the identity stored in the session, or NULL when there is no session object.
// NOTE(review): this statement does not look at $session->authenticated, so a non-NULL identity is not by itself
// evidence of a logged-in user; code making access decisions should test the authenticated flag as well.
149: return $session ?
$session->identity :
NULL;
155: * Sets authentication handler.
156: * @param IAuthenticator
157: * @return User provides a fluent interface
161: $this->authenticationHandler =
$handler;
168: * Returns authentication handler.
169: * @return IAuthenticator
173: if ($this->authenticationHandler ===
NULL) {
176: return $this->authenticationHandler;
182: * Changes namespace; allows more users to share a session.
184: * @return User provides a fluent interface
// Only acts when the namespace actually changes (strict comparison against the stored string).
188: if ($this->namespace !==
$namespace) {
// Stored as a string regardless of the argument's type.
189: $this->namespace = (string)
$namespace;
// Drop the cached session object: the session-loading code in this file returns the cached object when it is
// non-NULL, so without this reset the section of the previous namespace would keep being used.
190: $this->session =
NULL;
198: * Returns current namespace.
203: return $this->namespace;
209: * Enables log out after inactivity.
210: * @param string|int|DateTime number of seconds or timestamp
211: * @param bool log out when the browser is closed?
212: * @param bool clear the identity from persistent storage?
213: * @return User provides a fluent interface
// Configures when the login expires. Defaults: log out when the browser is closed (TRUE) and keep the
// identity in storage when that happens (FALSE).
215: public function setExpiration($time, $whenBrowserIsClosed =
TRUE, $clearIdentity =
FALSE)
// Absolute expiry moment. NOTE(review): the docblock allows string|int|DateTime while the subtraction below
// needs a numeric timestamp - any conversion happens on lines this listing omits, TODO confirm.
220: $session->expireTime =
$time;
// Interval from now until expiry; the session-loading code further down in this file adds it to time() again
// to move the deadline forward.
221: $session->expireDelta =
$time -
time();
// Other branch (its condition is not shown in this listing): remove any time-based expiry.
224: unset($session->expireTime, $session->expireDelta);
// Both flags are coerced to strict booleans before being stored in the session.
227: $session->expireIdentity = (bool)
$clearIdentity;
228: $session->expireBrowser = (bool)
$whenBrowserIsClosed;
// Marker tested by the session-loading code: an authenticated session with expireBrowser set but without this
// marker is treated as "browser was closed".
229: $session->browserCheck =
TRUE;
// Gives the marker its own expiration of 0 - presumably "until the browser is closed"; verify against
// SessionNamespace::setExpiration().
230: $session->setExpiration(0, 'browserCheck');
237: * Why was user logged out?
243: return $session ?
$session->reason :
NULL;
249: * Returns and initializes $this->session.
250: * @return SessionNamespace
// Reuse the session object already cached on this instance, if any.
254: if ($this->session !==
NULL) {
255: return $this->session;
// When a session is not strictly needed and none exists yet, an early branch is taken (its body is not shown
// in this listing) before any session section is fetched.
259: if (!$need &&
!$sessionHandler->exists()) {
// Each User namespace gets its own session section, keyed by a fixed prefix plus the namespace string.
263: $this->session =
$session =
$sessionHandler->getNamespace('Nette.Web.User/' .
$this->namespace);
// NOTE(review): original lines 264-268 are missing from this listing; the checks below are only what is visible.
// Browser-close expiry: the login is dropped when expireBrowser is set and the browserCheck marker is absent.
269: if ($session->authenticated &&
$session->expireBrowser &&
!$session->browserCheck) { // check if browser was closed?
270: $session->reason =
self::BROWSER_CLOSED;
271: $session->authenticated =
FALSE;
// Listeners are notified here as well, i.e. a log-out can be triggered while the session is being loaded.
272: $this->onLoggedOut($this);
// The identity is removed only when expireIdentity was set; otherwise it stays in the session after this log-out.
273: if ($session->expireIdentity) {
274: unset($session->identity);
// Time-based expiry applies only to authenticated sessions with a positive expireDelta.
278: if ($session->authenticated &&
$session->expireDelta >
0) { // check time expiration
// Deadline already passed: record INACTIVITY as the reason and drop the authenticated flag.
279: if ($session->expireTime <
time()) {
280: $session->reason =
self::INACTIVITY;
281: $session->authenticated =
FALSE;
282: $this->onLoggedOut($this);
283: if ($session->expireIdentity) {
284: unset($session->identity);
// The deadline is moved to now + expireDelta.
// NOTE(review): no absolute upper bound on session age is visible here - authTime is recorded elsewhere in this
// file but only as an informative value - so a continuously active session is not ended by this check.
287: $session->expireTime =
time() +
$session->expireDelta; // sliding expiration
// Once the user is not authenticated, all expiry bookkeeping and authTime are removed from the session.
290: if (!$session->authenticated) {
291: unset($session->expireTime, $session->expireDelta, $session->expireIdentity,
292: $session->expireBrowser, $session->browserCheck, $session->authTime);
295: return $this->session;
301: * Sets the authenticated status of this user.
302: * @param bool flag indicating the authenticated status of user
303: * @return User provides a fluent interface
// Coerces the flag to a strict boolean before storing it in the session.
308: $session->authenticated = (bool)
$state;
310: // Session Fixation defence
// NOTE(review): the statement(s) implementing this defence (original lines 311-313) are missing from this
// listing; confirm the session ID is regenerated when the authenticated state changes.
// Presumably the branch for a TRUE state (the condition is not shown): clear any earlier log-out reason and
// record when authentication happened.
314: $session->reason =
NULL;
315: $session->authTime =
time(); // informative value
// Presumably the branch for a FALSE state: record MANUAL as the log-out reason and clear the timestamp.
318: $session->reason =
self::MANUAL;
319: $session->authTime =
NULL;
327: * Sets the user identity.
329: * @return User provides a fluent interface
339: /********************* Authorization ****************d*g**/
344: * Returns a list of effective roles that a user has been granted.
360: * Is a user in the specified effective role?
372: * Has a user effective access to the Resource?
373: * If $resource is NULL, then the query applies to all resources.
374: * @param string resource
375: * @param string privilege
// Both arguments default to NULL; per the docblock a NULL resource means the query applies to all resources.
378: public function isAllowed($resource =
NULL, $privilege =
NULL)
// Grants access as soon as the handler allows this one role.
// NOTE(review): presumably evaluated once per effective role, with a deny result when no role matches - the loop
// and the fall-through return are not shown in this listing, TODO confirm the default is deny.
386: if ($handler->isAllowed($role, $resource, $privilege)) return TRUE;
395: * Sets authorization handler.
396: * @param IAuthorizator
397: * @return User provides a fluent interface
401: $this->authorizationHandler =
$handler;
408: * Returns current authorization handler.
409: * @return IAuthorizator
413: if ($this->authorizationHandler ===
NULL) {
416: return $this->authorizationHandler;
421: /********************* backend ****************d*g**/
426: * Returns session handler.
436: /**#@+ deprecated method - use login(), logout(), isLoggedIn() */
439: return $this->login($username, $password, $extra);