cakephp2-php8/lib/Cake/Controller/Component/Auth/FormAuthenticate.php

<?php
/**
 * PHP 5
 *
 * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
 * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
 *
 * Licensed under The MIT License
 * For full copyright and license information, please see the LICENSE.txt
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
 * @link          http://cakephp.org CakePHP(tm) Project
 * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 */

App::uses('BaseAuthenticate', 'Controller/Component/Auth');

/**
 * An authentication adapter for AuthComponent. Provides the ability to authenticate using POST
 * data. Can be used by configuring AuthComponent to use it via the AuthComponent::$authenticate setting.
 *
 * {{{
 *	$this->Auth->authenticate = array(
 *		'Form' => array(
 *			'scope' => array('User.active' => 1)
 *		)
 *	)
 * }}}
 *
 * When configuring FormAuthenticate you can pass in settings to which fields, model and additional conditions
 * are used. See FormAuthenticate::$settings for more information.
 *
 * @package       Cake.Controller.Component.Auth
 * @since 2.0
 * @see AuthComponent::$authenticate
 */
class FormAuthenticate extends BaseAuthenticate {

/**
 * Checks the fields to ensure they are supplied.
 *
 * @param CakeRequest $request The request that contains login information.
 * @param string $model The model used for login verification.
 * @param array $fields The fields to be checked.
 * @return boolean False if the fields have not been supplied. True if they exist.
 */
	protected function _checkFields(CakeRequest $request, $model, $fields) {
		if (empty($request->data[$model])) {
			return false;
		}
		if (
			empty($request->data[$model][$fields['username']]) ||
			empty($request->data[$model][$fields['password']])
		) {
			return false;
		}
		return true;
	}

/**
 * Authenticates the identity contained in a request. Will use the `settings.userModel`, and `settings.fields`
 * to find POST data that is used to find a matching record in the `settings.userModel`. Will return false if
 * there is no post data, either username or password is missing, of if the scope conditions have not been met.
 *
 * @param CakeRequest $request The request that contains login information.
 * @param CakeResponse $response Unused response object.
 * @return mixed False on login failure. An array of User data on success.
 */
	public function authenticate(CakeRequest $request, CakeResponse $response) {
		$userModel = $this->settings['userModel'];
		list(, $model) = pluginSplit($userModel);

		$fields = $this->settings['fields'];
		if (!$this->_checkFields($request, $model, $fields)) {
			return false;
		}
		return $this->_findUser(
			$request->data[$model][$fields['username']],
			$request->data[$model][$fields['password']]
		);
	}

}
Starting to extract authentication objects out of AuthComponent. Started off with extracting FormAuthenticate as its what currently exists in AuthComponent. Test case added. 2011-01-02 05:57:23 +00:00			`<?php`
Adding doc blocks for FormAuthenticate. 2011-01-02 17:31:48 +00:00			`/**`
			`* PHP 5`
			`*`
			`* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)`
This commit is dedicated to Mark Story, who has put in much dedicated time and effort into CakePHP over the years. I just wanted to ruin his evening, because this change needs to be merged into CakePHP 3.0. 2013-02-08 11:59:49 +00:00			`* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)`
Adding doc blocks for FormAuthenticate. 2011-01-02 17:31:48 +00:00			`*`
			`* Licensed under The MIT License`
Added extra line for referencing license file for copyright 2013-02-08 12:22:51 +00:00			`* For full copyright and license information, please see the LICENSE.txt`
Adding doc blocks for FormAuthenticate. 2011-01-02 17:31:48 +00:00			`* Redistributions of files must retain the above copyright notice.`
			`*`
This commit is dedicated to Mark Story, who has put in much dedicated time and effort into CakePHP over the years. I just wanted to ruin his evening, because this change needs to be merged into CakePHP 3.0. 2013-02-08 11:59:49 +00:00			`* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)`
Adding doc blocks for FormAuthenticate. 2011-01-02 17:31:48 +00:00			`* @link http://cakephp.org CakePHP(tm) Project`
			`* @license MIT License (http://www.opensource.org/licenses/mit-license.php)`
			`*/`
Starting to migrate AuthComponent to the new class loader 2011-03-05 22:10:42 +00:00
			`App::uses('BaseAuthenticate', 'Controller/Component/Auth');`
Starting to extract authentication objects out of AuthComponent. Started off with extracting FormAuthenticate as its what currently exists in AuthComponent. Test case added. 2011-01-02 05:57:23 +00:00
Adding doc blocks for FormAuthenticate. 2011-01-02 17:31:48 +00:00			`/**`
double spaces to single ones 2012-12-22 22:48:15 +00:00			`* An authentication adapter for AuthComponent. Provides the ability to authenticate using POST`
			`* data. Can be used by configuring AuthComponent to use it via the AuthComponent::$authenticate setting.`
Adding doc blocks for FormAuthenticate. 2011-01-02 17:31:48 +00:00			`*`
			`* {{{`
			`* $this->Auth->authenticate = array(`
			`* 'Form' => array(`
			`* 'scope' => array('User.active' => 1)`
			`* )`
			`* )`
			`* }}}`
			`*`
			`* When configuring FormAuthenticate you can pass in settings to which fields, model and additional conditions`
			`* are used. See FormAuthenticate::$settings for more information.`
			`*`
Updating all @package annotations in doc blocks 2011-07-26 06:16:14 +00:00			`* @package Cake.Controller.Component.Auth`
Adding doc blocks for FormAuthenticate. 2011-01-02 17:31:48 +00:00			`* @since 2.0`
Removing isAuthorized() as there is no need for it once AuthComponent is updated. 2011-01-02 18:21:21 +00:00			`* @see AuthComponent::$authenticate`
Adding doc blocks for FormAuthenticate. 2011-01-02 17:31:48 +00:00			`*/`
Extracting a base class. 2011-01-21 23:09:41 +00:00			`class FormAuthenticate extends BaseAuthenticate {`
Starting to extract authentication objects out of AuthComponent. Started off with extracting FormAuthenticate as its what currently exists in AuthComponent. Test case added. 2011-01-02 05:57:23 +00:00
Add BlowfishAuthenticate adapter. 2012-08-15 17:49:31 +00:00			`/**`
			`* Checks the fields to ensure they are supplied.`
			`*`
			`* @param CakeRequest $request The request that contains login information.`
			`* @param string $model The model used for login verification.`
			`* @param array $fields The fields to be checked.`
			`* @return boolean False if the fields have not been supplied. True if they exist.`
			`*/`
			`protected function _checkFields(CakeRequest $request, $model, $fields) {`
			`if (empty($request->data[$model])) {`
			`return false;`
			`}`
			`if (`
			`empty($request->data[$model][$fields['username']]) \|\|`
			`empty($request->data[$model][$fields['password']])`
			`) {`
			`return false;`
			`}`
			`return true;`
			`}`

Starting to extract authentication objects out of AuthComponent. Started off with extracting FormAuthenticate as its what currently exists in AuthComponent. Test case added. 2011-01-02 05:57:23 +00:00			`/**`
double spaces to single ones 2012-12-22 22:48:15 +00:00			* Authenticates the identity contained in a request. Will use the `settings.userModel`, and `settings.fields`
			* to find POST data that is used to find a matching record in the `settings.userModel`. Will return false if
Starting to extract authentication objects out of AuthComponent. Started off with extracting FormAuthenticate as its what currently exists in AuthComponent. Test case added. 2011-01-02 05:57:23 +00:00			`* there is no post data, either username or password is missing, of if the scope conditions have not been met.`
			`*`
			`* @param CakeRequest $request The request that contains login information.`
Adding a response parameter to authenticate() both basic and digest auth need to set response headers. 2011-01-22 00:56:23 +00:00			`* @param CakeResponse $response Unused response object.`
Docblock fixes 2012-11-28 22:30:47 +00:00			`* @return mixed False on login failure. An array of User data on success.`
Starting to extract authentication objects out of AuthComponent. Started off with extracting FormAuthenticate as its what currently exists in AuthComponent. Test case added. 2011-01-02 05:57:23 +00:00			`*/`
Adding a response parameter to authenticate() both basic and digest auth need to set response headers. 2011-01-22 00:56:23 +00:00			`public function authenticate(CakeRequest $request, CakeResponse $response) {`
Starting to extract authentication objects out of AuthComponent. Started off with extracting FormAuthenticate as its what currently exists in AuthComponent. Test case added. 2011-01-02 05:57:23 +00:00			`$userModel = $this->settings['userModel'];`
remove unused local variables and a few improvements 2012-12-20 12:47:03 +00:00			`list(, $model) = pluginSplit($userModel);`
Fixing issues with FormAuthenticate and plugin models. 2011-01-03 23:17:27 +00:00
Starting to extract authentication objects out of AuthComponent. Started off with extracting FormAuthenticate as its what currently exists in AuthComponent. Test case added. 2011-01-02 05:57:23 +00:00			`$fields = $this->settings['fields'];`
Add BlowfishAuthenticate adapter. 2012-08-15 17:49:31 +00:00			`if (!$this->_checkFields($request, $model, $fields)) {`
Starting to extract authentication objects out of AuthComponent. Started off with extracting FormAuthenticate as its what currently exists in AuthComponent. Test case added. 2011-01-02 05:57:23 +00:00			`return false;`
			`}`
Extracting common logic into the base class. 2011-01-22 01:52:38 +00:00			`return $this->_findUser(`
			`$request->data[$model][$fields['username']],`
			`$request->data[$model][$fields['password']]`
Starting to extract authentication objects out of AuthComponent. Started off with extracting FormAuthenticate as its what currently exists in AuthComponent. Test case added. 2011-01-02 05:57:23 +00:00			`);`
			`}`
Removing automatic password hashing from AuthComponent. Its a frustrating feature that often befuddles new users, and can be plain annoying sometimes. Moving hashing into FormAuthenticate. Updating tests. 2011-01-21 21:22:29 +00:00
Extracting password hashing into as separate method. This makes is much easier for a subclass to only change how passwords are hashed. 2011-09-21 11:38:22 +00:00			`}`