Class TAuthManager
TAuthManager class
TAuthManager performs user authentication and authorization for a Prado application. TAuthManager works together with an IUserManager module that can be specified via the UserManager property. If an authorization fails, TAuthManager will try to redirect the client browser to a login page that is specified via LoginPage. To log in or log out a user, call TAuthManager::login() or TAuthManager::logout(), respectively.
The AuthExpire property can be used to define the time in seconds after which the authentication should expire. AllowAutoLogin specifies if the login information should be stored in a cookie to perform automatic login. Enabling this feature means that AuthExpire has no effect, since the user will be logged in again when the authentication expires.
To load TAuthManager, configure it in application configuration as follows,
    <module id="auth" class="System.Security.TAuthManager" UserManager="users" LoginPage="login" />
    <module id="users" class="System.Security.TUserManager" />
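A login page handler built on the methods documented for this class, as an added example that is not part of the Prado documentation or source. It assumes the module id auth from the configuration above, hypothetical TTextBox controls Username and Password, a hypothetical fallback page path Home, and a helper localPathOrNull() introduced here; getReturnUrl() is used as the getter paired with setReturnUrl().

```php
<?php
// Added example, not Prado's own code. Assumed names: module id "auth",
// controls "Username" and "Password", fallback page path "Home".
class LoginPage extends TPage
{
    /** OnServerValidate handler of a TCustomValidator on the password field. */
    public function validateUser($sender, $param)
    {
        $auth = $this->getApplication()->getModule('auth');
        // login() returns a boolean; a false result must fail validation.
        if (!$auth->login($this->Username->getText(), $this->Password->getText())) {
            $param->setIsValid(false);
        }
    }

    /** OnClick handler of the login button. */
    public function loginButtonClicked($sender, $param)
    {
        if (!$this->getIsValid()) {
            return; // validators failed, stay on the login page
        }
        $auth = $this->getApplication()->getModule('auth');
        // Follow the stored return URL only when it is a path on this site.
        $url = self::localPathOrNull($auth->getReturnUrl());
        if ($url === null) {
            $url = $this->getService()->constructUrl('Home');
        }
        $this->getResponse()->redirect($url);
    }

    /** Returns $url if it is a same-site absolute path, otherwise null. */
    public static function localPathOrNull($url)
    {
        if (!is_string($url) || $url === '' || $url[0] !== '/') {
            return null; // empty, relative, or carries a scheme or host
        }
        if (strlen($url) > 1 && ($url[1] === '/' || $url[1] === '\\')) {
            return null; // "//host" and "/\host" are read as another host
        }
        if (preg_match('/[\x00-\x1f\x7f]/', $url)) {
            return null; // control characters, including CR and LF
        }
        return $url;
    }
}
```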
- TComponent
  - TApplicationComponent
    - TModule implements IModule
      - TAuthManager
Copyright: Copyright © 2005-2014 PradoSoft
License: http://www.pradosoft.com/license/
Author: Qiang Xue <qiang.xue@gmail.com>
Since: 3.0
Located at Security/TAuthManager.php
public init(
  Initializes this module. This method is required by the IModule interface.
public setLoginPage( string $pagePath )
  Sets the login page that the client browser will be redirected to if login is needed. Login page should be specified in the format of page path.
public doAuthentication( mixed $sender, mixed $param )
  Performs authentication. This is the event handler attached to application's Authentication event. Do not call this method directly.
public doAuthorization( mixed $sender, mixed $param )
  Performs authorization. This is the event handler attached to application's Authorization event. Do not call this method directly.
public leave( mixed $sender, mixed $param )
  Performs login redirect if authorization fails. This is the event handler attached to application's EndRequest event. Do not call this method directly.
public setReturnUrl( string $value )
  Sets the URL that the browser should be redirected to when login succeeds.
public onAuthenticate( mixed $param )
  Performs the real authentication work. An OnAuthenticate event will be raised if there is any handler attached to it. If the application already has a non-null user, it will return without further authentication. Otherwise, user information will be restored from session data.
public onAuthExpire( mixed $param )
  Performs user logout on authentication expiration. An 'OnAuthExpire' event will be raised if there is any handler attached to it.
public onAuthorize( mixed $param )
  Performs the real authorization work. Authorization rules obtained from the application will be used to check if a user is allowed. If authorization fails, the response status code will be set as 401 and the application terminates.
public boolean switchUser( string $username )
  Switches to a new user. This method will logout the current user first and login with a new one (without password.)
public boolean login( string $username, string $password, integer $expire = 0 )
  Logs in a user with username and password. The username and password will be used to validate if login is successful. If yes, a user object will be created for the application.
getID(), setID()
getApplication(), getRequest(), getResponse(), getService(), getSession(), getUser(), publishAsset(), publishFilePath()
string RETURN_URL_VAR = 'ReturnUrl'
  GET variable name for return url
GLOBAL_RAISE_EVENT_LISTENER