fuseguard.components.authenticators.BaseAuthenticator

fuseguard.components.authenticators
Component BaseAuthenticator

authenticators.BaseAuthenticator

The base authentication component (abstract)

Method Summary

public any init([any firewallInstance])
          Initialize the Authenticator on firewall configure.

package void auditUserEvent([string user_id="0"], string event_type, string event_description)
          I log a user action

public boolean authenticate(string username, string password)
          I authenticate a user credential

public boolean authenticateByToken([string auth_token="#getAuthenticationCookieValue()#"])

public boolean canEditUsers()
          Returns true if this Authenticator supports the methods to edit users and change passwords

public boolean changeForgotPassword(string email, string password, string confirm_password, string forgot_password_hash)

public void changePassword(string user_id, string old_password, string new_password, string confirm_password)
          Used to change a users password

public boolean constantTimeCompare([string a], [string b])
          Returns true if same string. Does not return early if difference found to avoid timing flaws.

package string createAuthenticationToken([string user_id], [string password_hash], [string token])

public void deleteAuthenticationCookie()
          I remove the authenication cookie value.

package string generateForgotPasswordToken([any user_id])

public string generateHash([string data], [string algorithm="#getHashAlgorithm()#"], [string salt="#generateToken()#"], [any work_factor="#getWorkFactor()#"], [any keysize="#getKeySize()#"])
          Performs a Hash Operation

public any generateToken()
          Returns a token to be stored with the user account.

public query getAllUsers()
          Returns a query of all users with columns id,username,email,roles,enabled

public string getAuthenticatedUserID()
          Returns authenticated user id or 0 if not authenticated

public string getAuthenticatedUserRoles()
          Returns authenticated user roles or empty string if not authenticated

public string getAuthenticatedUserToken()

public string getAuthenticationCookieValue()
          I return authentication cookie value

public string getDefaultHashAlgorithm()
          Returns the default password hashing algorithm for this implementation.

public string getDescription()
          Returns a description of where the data is stored, eg datasource name.

public string getHashAlgorithm()
          Returns the hashing algorithm used to hash passwords

public string getKeySize()
          Returns the password storage key size

public numeric getMinimumPasswordLength()
          Returns the minimum password length

public string getTokenType()
          Returns one of AES,DES,DESEDE,BLOWFISH, or UUID

public query getUserByEmail([any email])
          Returns user info query by email address

public query getUserByID([any user_id])
          Returns a query with columns id, username, token, email, password, enabled, roles

public string getWorkFactor()
          Returns the password work factor

public boolean isAuthenticatedUserAdmin()
          Returns true if authenticated user has admin role.

public boolean isAuthenticatedUserInRole([variablename role="admin"])
          Returns true if the user is authenticated

public boolean isPasswordValid(string password)
          Used to validate that a password matches required criteria, (eg min length)

public boolean isUserAuthenticated()
          Returns true if a user is authenticated.

public void logout()
          Removes all authentication cookies

public void sendForgotPasswordEmail(string email)

package void setAuthenticationCookie([string auth_token])

public void setHashAlgorithm([string algorithm])
          Changes the hashing algorithm used. WARNING if you change this you may not be able to login without updating your data.

package void setIsAuthenticated([string user_id], [string username], [string email], [string password_hash], [string token], [string roles=""], [string auth_token=""])

public void setKeySize([any size="256"])
          Used to set the password storage key size.

public void setMinimumPasswordLength([numeric length="5"])
          Used to set the minimum password length

public void setWorkFactor([any work_factor="10000"])
          Used to set the password storage work factor.

public string updateUser([string user_id], [struct user])
          Updates or creates a user by passing in a struct with keys email, roles, enabled, etc. Performs security checks to make sure the current user may perform this action as well. Returns the user id of the new or existing user.

package boolean verifyForgotPasswordToken([any user_id], [any token])

public boolean verifyHash([string hashData], [string plainData])
          Checks a hash value against a plain text value

Method Detail

auditUserEvent

package void auditUserEvent([string user_id="0"], string event_type, string event_description)

I log a user action

Parameters:: [string user_id="0"]; string event_type; string event_description

authenticate

public boolean authenticate(string username, string password)

I authenticate a user credential

Parameters:: string username; string password

authenticateByToken

public boolean authenticateByToken([string auth_token="#getAuthenticationCookieValue()#"])

Parameters:: [string auth_token="#getAuthenticationCookieValue()#"]

canEditUsers

public boolean canEditUsers()

Returns true if this Authenticator supports the methods to edit users and change passwords

changeForgotPassword

public boolean changeForgotPassword(string email, string password, string confirm_password, string forgot_password_hash)

Parameters:: string email; string password; string confirm_password; string forgot_password_hash

changePassword

public void changePassword(string user_id, string old_password, string new_password, string confirm_password)

Used to change a users password

Parameters:: string user_id; string old_password; string new_password; string confirm_password

constantTimeCompare

public boolean constantTimeCompare([string a], [string b])

Returns true if same string. Does not return early if difference found to avoid timing flaws.

Parameters:: [string a]; [string b]

createAuthenticationToken

package string createAuthenticationToken([string user_id], [string password_hash], [string token])

Parameters:: [string user_id]; [string password_hash]; [string token]

deleteAuthenticationCookie

public void deleteAuthenticationCookie()

I remove the authenication cookie value.

generateForgotPasswordToken

package string generateForgotPasswordToken([any user_id])

Parameters:: [any user_id]

generateHash

public string generateHash([string data], [string algorithm="#getHashAlgorithm()#"], [string salt="#generateToken()#"], [any work_factor="#getWorkFactor()#"], [any keysize="#getKeySize()#"])

Performs a Hash Operation

Parameters:: [string data]; [string algorithm="#getHashAlgorithm()#"]; [string salt="#generateToken()#"]; [any work_factor="#getWorkFactor()#"]; [any keysize="#getKeySize()#"]

generateToken

public any generateToken()

Returns a token to be stored with the user account.

getAllUsers

public query getAllUsers()

Returns a query of all users with columns id,username,email,roles,enabled

getAuthenticatedUserID

public string getAuthenticatedUserID()

Returns authenticated user id or 0 if not authenticated

getAuthenticatedUserRoles

public string getAuthenticatedUserRoles()

Returns authenticated user roles or empty string if not authenticated

getAuthenticatedUserToken

public string getAuthenticatedUserToken()

getAuthenticationCookieValue

public string getAuthenticationCookieValue()

I return authentication cookie value

getDefaultHashAlgorithm

public string getDefaultHashAlgorithm()

Returns the default password hashing algorithm for this implementation.

getDescription

public string getDescription()

Returns a description of where the data is stored, eg datasource name.

getHashAlgorithm

public string getHashAlgorithm()

Returns the hashing algorithm used to hash passwords

getKeySize

public string getKeySize()

Returns the password storage key size

getMinimumPasswordLength

public numeric getMinimumPasswordLength()

Returns the minimum password length

getTokenType

public string getTokenType()

Returns one of AES,DES,DESEDE,BLOWFISH, or UUID

getUserByEmail

public query getUserByEmail([any email])

Returns user info query by email address

Parameters:: [any email]

getUserByID

public query getUserByID([any user_id])

Returns a query with columns id, username, token, email, password, enabled, roles

Parameters:: [any user_id]

getWorkFactor

public string getWorkFactor()

Returns the password work factor

init

public any init([any firewallInstance])

Initialize the Authenticator on firewall configure.

Parameters:: [any firewallInstance]

isAuthenticatedUserAdmin

public boolean isAuthenticatedUserAdmin()

Returns true if authenticated user has admin role.

isAuthenticatedUserInRole

public boolean isAuthenticatedUserInRole([variablename role="admin"])

Returns true if the user is authenticated

Parameters:: [variablename role="admin"]

isPasswordValid

public boolean isPasswordValid(string password)

Used to validate that a password matches required criteria, (eg min length)

Parameters:: string password

isUserAuthenticated

public boolean isUserAuthenticated()

Returns true if a user is authenticated.

logout

public void logout()

Removes all authentication cookies

sendForgotPasswordEmail

public void sendForgotPasswordEmail(string email)

Parameters:: string email

setAuthenticationCookie

package void setAuthenticationCookie([string auth_token])

Parameters:: [string auth_token]

setHashAlgorithm

public void setHashAlgorithm([string algorithm])

Changes the hashing algorithm used. WARNING if you change this you may not be able to login without updating your data.

Parameters:: [string algorithm]

setIsAuthenticated

package void setIsAuthenticated([string user_id], [string username], [string email], [string password_hash], [string token], [string roles=""], [string auth_token=""])

Parameters:: [string user_id]; [string username]; [string email]; [string password_hash]; [string token]; [string roles=""]; [string auth_token=""]

setKeySize

public void setKeySize([any size="256"])

Used to set the password storage key size.

Parameters:: [any size="256"]

setMinimumPasswordLength

public void setMinimumPasswordLength([numeric length="5"])

Used to set the minimum password length

Parameters:: [numeric length="5"]

setWorkFactor

public void setWorkFactor([any work_factor="10000"])

Used to set the password storage work factor.

Parameters:: [any work_factor="10000"]

updateUser

public string updateUser([string user_id], [struct user])

Updates or creates a user by passing in a struct with keys email, roles, enabled, etc. Performs security checks to make sure the current user may perform this action as well. Returns the user id of the new or existing user.

Parameters:: [string user_id]; [struct user]

verifyForgotPasswordToken

package boolean verifyForgotPasswordToken([any user_id], [any token])

Parameters:: [any user_id]; [any token]

verifyHash

public boolean verifyHash([string hashData], [string plainData])

Checks a hash value against a plain text value

Parameters:: [string hashData]; [string plainData]

Method Summary
`public any`	`init([any firewallInstance])` Initialize the Authenticator on firewall configure.
`package void`	`auditUserEvent([string user_id="0"], string event_type, string event_description)` I log a user action
`public boolean`	`authenticate(string username, string password)` I authenticate a user credential
`public boolean`	`authenticateByToken([string auth_token="#getAuthenticationCookieValue()#"])`
`public boolean`	`canEditUsers()` Returns true if this Authenticator supports the methods to edit users and change passwords
`public boolean`	`changeForgotPassword(string email, string password, string confirm_password, string forgot_password_hash)`
`public void`	`changePassword(string user_id, string old_password, string new_password, string confirm_password)` Used to change a users password
`public boolean`	`constantTimeCompare([string a], [string b])` Returns true if same string. Does not return early if difference found to avoid timing flaws.
`package string`	`createAuthenticationToken([string user_id], [string password_hash], [string token])`
`public void`	`deleteAuthenticationCookie()` I remove the authenication cookie value.
`package string`	`generateForgotPasswordToken([any user_id])`
`public string`	`generateHash([string data], [string algorithm="#getHashAlgorithm()#"], [string salt="#generateToken()#"], [any work_factor="#getWorkFactor()#"], [any keysize="#getKeySize()#"])` Performs a Hash Operation
`public any`	`generateToken()` Returns a token to be stored with the user account.
`public query`	`getAllUsers()` Returns a query of all users with columns id,username,email,roles,enabled
`public string`	`getAuthenticatedUserID()` Returns authenticated user id or 0 if not authenticated
`public string`	`getAuthenticatedUserRoles()` Returns authenticated user roles or empty string if not authenticated
`public string`	`getAuthenticatedUserToken()`
`public string`	`getAuthenticationCookieValue()` I return authentication cookie value
`public string`	`getDefaultHashAlgorithm()` Returns the default password hashing algorithm for this implementation.
`public string`	`getDescription()` Returns a description of where the data is stored, eg datasource name.
`public string`	`getHashAlgorithm()` Returns the hashing algorithm used to hash passwords
`public string`	`getKeySize()` Returns the password storage key size
`public numeric`	`getMinimumPasswordLength()` Returns the minimum password length
`public string`	`getTokenType()` Returns one of AES,DES,DESEDE,BLOWFISH, or UUID
`public query`	`getUserByEmail([any email])` Returns user info query by email address
`public query`	`getUserByID([any user_id])` Returns a query with columns id, username, token, email, password, enabled, roles
`public string`	`getWorkFactor()` Returns the password work factor
`public boolean`	`isAuthenticatedUserAdmin()` Returns true if authenticated user has admin role.
`public boolean`	`isAuthenticatedUserInRole([variablename role="admin"])` Returns true if the user is authenticated
`public boolean`	`isPasswordValid(string password)` Used to validate that a password matches required criteria, (eg min length)
`public boolean`	`isUserAuthenticated()` Returns true if a user is authenticated.
`public void`	`logout()` Removes all authentication cookies
`public void`	`sendForgotPasswordEmail(string email)`
`package void`	`setAuthenticationCookie([string auth_token])`
`public void`	`setHashAlgorithm([string algorithm])` Changes the hashing algorithm used. WARNING if you change this you may not be able to login without updating your data.
`package void`	`setIsAuthenticated([string user_id], [string username], [string email], [string password_hash], [string token], [string roles=""], [string auth_token=""])`
`public void`	`setKeySize([any size="256"])` Used to set the password storage key size.
`public void`	`setMinimumPasswordLength([numeric length="5"])` Used to set the minimum password length
`public void`	`setWorkFactor([any work_factor="10000"])` Used to set the password storage work factor.
`public string`	`updateUser([string user_id], [struct user])` Updates or creates a user by passing in a struct with keys email, roles, enabled, etc. Performs security checks to make sure the current user may perform this action as well. Returns the user id of the new or existing user.
`package boolean`	`verifyForgotPasswordToken([any user_id], [any token])`
`public boolean`	`verifyHash([string hashData], [string plainData])` Checks a hash value against a plain text value

fuseguard.components.authenticators Component BaseAuthenticator