Auth_ORM
Kohana_Auth_ORM
Auth
Kohana_Auth

Class Contents

Constants

  • None

Properties

  • None

Methods

Class declared in MODPATH/auth/classes/auth/orm.php on line 3.

Methods

protected _login( )
Kohana_Auth_ORM

Source Code
protected function _login($user, $password, $remember)
{
	if ( ! is_object($user))
	{
		$username = $user;

		// Load the user
		$user = ORM::factory('user');
		$user->where($user->unique_key($username), '=', $username)->find();
	}

	// If the passwords match, perform a login
	if ($user->has('roles', ORM::factory('role', array('name' => 'login'))) AND $user->password === $password)
	{
		if ($remember === TRUE)
		{
			// Create a new autologin token
			$token = ORM::factory('user_token');

			// Set token data
			$token->user_id = $user->id;
			$token->expires = time() + $this->_config['lifetime'];
			$token->save();

			// Set the autologin cookie
			Cookie::set('authautologin', $token->token, $this->_config['lifetime']);
		}

		// Finish the login
		$this->complete_login($user);

		return TRUE;
	}

	// Login failed
	return FALSE;
}

public auto_login( )
Kohana_Auth_ORM

Source Code
public function auto_login()
{
	if ($token = Cookie::get('authautologin'))
	{
		// Load the token and user
		$token = ORM::factory('user_token', array('token' => $token));

		if ($token->loaded() AND $token->user->loaded())
		{
			if ($token->user_agent === sha1(Request::$user_agent))
			{
				// Save the token to create a new unique token
				$token->save();

				// Set the new token
				Cookie::set('authautologin', $token->token, $token->expires - time());

				// Complete the login with the found data
				$this->complete_login($token->user);

				// Automatic login was successful
				return $token->user;
			}

			// Token is invalid
			$token->delete();
		}
	}

	return FALSE;
}

public check_password( )
Kohana_Auth_ORM

Source Code
public function check_password($password)
{
	$user = $this->get_user();

	if ($user === FALSE)
	{
		// nothing to compare
		return FALSE;
	}

	$hash = $this->hash_password($password, $this->find_salt($user->password));

	return $hash == $user->password;
}

protected complete_login( )
Kohana_Auth_ORM

Source Code
protected function complete_login($user)
{
	$user->complete_login();

	return parent::complete_login($user);
}

public force_login( )
Kohana_Auth_ORM

Source Code
public function force_login($user, $mark_session_as_forced = FALSE)
{
	if ( ! is_object($user))
	{
		$username = $user;

		// Load the user
		$user = ORM::factory('user');
		$user->where($user->unique_key($username), '=', $username)->find();
	}

	if ($mark_session_as_forced === TRUE)
	{
		// Mark the session as forced, to prevent users from changing account information
		$this->_session->set('auth_forced', TRUE);
	}

	// Run the standard completion
	$this->complete_login($user);
}

public get_user( )
Kohana_Auth_ORM

Source Code
public function get_user()
{
	$user = parent::get_user();

	if ($user === FALSE)
	{
		// check for "remembered" login
		$user = $this->auto_login();
	}

	return $user;
}

public logged_in( )
Kohana_Auth_ORM

Source Code
public function logged_in($role = NULL)
{
	$status = FALSE;

	// Get the user from the session
	$user = $this->get_user();

	if (is_object($user) AND $user instanceof Model_User AND $user->loaded())
	{
		// Everything is okay so far
		$status = TRUE;

		if ( ! empty($role))
		{
			// Multiple roles to check
			if (is_array($role))
			{
				// Check each role
				foreach ($role as $_role)
				{
					if ( ! is_object($_role))
					{
						$_role = ORM::factory('role', array('name' => $_role));
					}

					// If the user doesn't have the role
					if ( ! $user->has('roles', $_role))
					{
						// Set the status false and get outta here
						$status = FALSE;
						break;
					}
				}
			}
			// Single role to check
			else
			{
				if ( ! is_object($role))
				{
					// Load the role
					$role = ORM::factory('role', array('name' => $role));
				}

				// Check that the user has the given role
				$status = $user->has('roles', $role);
			}
		}
	}

	return $status;
}

public logout( )
Kohana_Auth_ORM

Source Code
public function logout($destroy = FALSE, $logout_all = FALSE)
{
	// Set by force_login()
	$this->_session->delete('auth_forced');

	if ($token = Cookie::get('authautologin'))
	{
		// Delete the autologin cookie to prevent re-login
		Cookie::delete('authautologin');

		// Clear the autologin token from the database
		$token = ORM::factory('user_token', array('token' => $token));

		if ($token->loaded() AND $logout_all)
		{
			ORM::factory('user_token')->where('user_id', '=', $token->user_id)->delete_all();
		}
		elseif ($token->loaded())
		{
			$token->delete();
		}
	}

	return parent::logout($destroy);
}

public password( )
Kohana_Auth_ORM

Source Code
public function password($user)
{
	if ( ! is_object($user))
	{
		$username = $user;

		// Load the user
		$user = ORM::factory('user');
		$user->where($user->unique_key($username), '=', $username)->find();
	}

	return $user->password;
}

public __construct( )
Kohana_Auth

Source Code
public function __construct($config = array())
{
	// Clean up the salt pattern and split it into an array
	$config['salt_pattern'] = preg_split('/,\s*/', Kohana::config('auth')->get('salt_pattern'));

	// Save the config in the object
	$this->_config = $config;

	$this->_session = Session::instance();
}

public static factory( )
Kohana_Auth

Source Code
public static function factory($config = array())
{
	return new Auth($config);
}

public find_salt( )
Kohana_Auth

Source Code
public function find_salt($password)
{
	$salt = '';

	foreach ($this->_config['salt_pattern'] as $i => $offset)
	{
		// Find salt characters, take a good long look...
		$salt .= substr($password, $offset + $i, 1);
	}

	return $salt;
}

public hash( )
Kohana_Auth

Source Code
public function hash($str)
{
	return hash($this->_config['hash_method'], $str);
}

public hash_password( )
Kohana_Auth

Source Code
public function hash_password($password, $salt = FALSE)
{
	if ($salt === FALSE)
	{
		// Create a salt seed, same length as the number of offsets in the pattern
		$salt = substr($this->hash(uniqid(NULL, TRUE)), 0, count($this->_config['salt_pattern']));
	}

	// Password hash that the salt will be inserted into
	$hash = $this->hash($salt.$password);

	// Change salt to an array
	$salt = str_split($salt, 1);

	// Returned password
	$password = '';

	// Used to calculate the length of splits
	$last_offset = 0;

	foreach ($this->_config['salt_pattern'] as $offset)
	{
		// Split a new part of the hash off
		$part = substr($hash, 0, $offset - $last_offset);

		// Cut the current part out of the hash
		$hash = substr($hash, $offset - $last_offset);

		// Add the part to the password, appending the salt character
		$password .= $part.array_shift($salt);

		// Set the last offset to the current offset
		$last_offset = $offset;
	}

	// Return the password, with the remaining hash appended
	return $password.$hash;
}

public static instance( )
Kohana_Auth

Source Code
public static function instance()
{
	if ( ! isset(Auth::$_instance))
	{
		// Load the configuration for this type
		$config = Kohana::config('auth');

		if ( ! $type = $config->get('driver'))
		{
			$type = 'ORM';
		}

		// Set the session class name
		$class = 'Auth_'.ucfirst($type);

		// Create a new session instance
		Auth::$_instance = new $class($config);
	}

	return Auth::$_instance;
}

public login( )
Kohana_Auth

Source Code
public function login($username, $password, $remember = FALSE)
{
	if (empty($password))
		return FALSE;

	if (is_string($password))
	{
		// Get the salt from the stored password
		$salt = $this->find_salt($this->password($username));

		// Create a hashed password using the salt from the stored password
		$password = $this->hash_password($password, $salt);
	}

	return $this->_login($username, $password, $remember);
}