authenticators.BaseAuthenticator
Method Summary | |
public any |
init([any firewallInstance])
Initialize the Authenticator on firewall configure. |
package void |
auditUserEvent([string user_id="0"], string event_type, string event_description)
I log a user action |
public boolean |
authenticate(string username, string password)
I authenticate a user credential |
public boolean |
authenticateByToken([string auth_token="#getAuthenticationCookieValue()#"])
|
public boolean |
canEditUsers()
Returns true if this Authenticator supports the methods to edit users and change passwords |
public boolean |
changeForgotPassword(string email, string password, string confirm_password, string forgot_password_hash)
|
public void |
changePassword(string user_id, string old_password, string new_password, string confirm_password)
Used to change a users password |
public boolean |
constantTimeCompare([string a], [string b])
Returns true if same string. Does not return early if difference found to avoid timing flaws. |
package string |
createAuthenticationToken([string user_id], [string password_hash], [string token])
|
public void |
deleteAuthenticationCookie()
I remove the authenication cookie value. |
package string |
generateForgotPasswordToken([any user_id])
|
public string |
generateHash([string data], [string algorithm="#getHashAlgorithm()#"], [string salt="#generateToken()#"], [any work_factor="#getWorkFactor()#"], [any keysize="#getKeySize()#"])
Performs a Hash Operation |
public any |
generateToken()
Returns a token to be stored with the user account. |
public query |
getAllUsers()
Returns a query of all users with columns id,username,email,roles,enabled |
public string |
getAuthenticatedUserID()
Returns authenticated user id or 0 if not authenticated |
public string |
getAuthenticatedUserRoles()
Returns authenticated user roles or empty string if not authenticated |
public string |
getAuthenticatedUserToken()
|
public string |
getAuthenticationCookieValue()
I return authentication cookie value |
public string |
getDefaultHashAlgorithm()
Returns the default password hashing algorithm for this implementation. |
public string |
getDescription()
Returns a description of where the data is stored, eg datasource name. |
public string |
getHashAlgorithm()
Returns the hashing algorithm used to hash passwords |
public string |
getKeySize()
Returns the password storage key size |
public numeric |
getMinimumPasswordLength()
Returns the minimum password length |
public string |
getTokenType()
Returns one of AES,DES,DESEDE,BLOWFISH, or UUID |
public query |
getUserByEmail([any email])
Returns user info query by email address |
public query |
getUserByID([any user_id])
Returns a query with columns id, username, token, email, password, enabled, roles |
public string |
getWorkFactor()
Returns the password work factor |
public boolean |
isAuthenticatedUserAdmin()
Returns true if authenticated user has admin role. |
public boolean |
isAuthenticatedUserInRole([variablename role="admin"])
Returns true if the user is authenticated |
public boolean |
isPasswordValid(string password)
Used to validate that a password matches required criteria, (eg min length) |
public boolean |
isUserAuthenticated()
Returns true if a user is authenticated. |
public void |
logout()
Removes all authentication cookies |
public void |
sendForgotPasswordEmail(string email)
|
package void |
setAuthenticationCookie([string auth_token])
|
public void |
setHashAlgorithm([string algorithm])
Changes the hashing algorithm used. WARNING if you change this you may not be able to login without updating your data. |
package void |
setIsAuthenticated([string user_id], [string username], [string email], [string password_hash], [string token], [string roles=""], [string auth_token=""])
|
public void |
setKeySize([any size="256"])
Used to set the password storage key size. |
public void |
setMinimumPasswordLength([numeric length="5"])
Used to set the minimum password length |
public void |
setWorkFactor([any work_factor="10000"])
Used to set the password storage work factor. |
public string |
updateUser([string user_id], [struct user])
Updates or creates a user by passing in a struct with keys email, roles, enabled, etc. Performs security checks to make sure the current user may perform this action as well. Returns the user id of the new or existing user. |
package boolean |
verifyForgotPasswordToken([any user_id], [any token])
|
public boolean |
verifyHash([string hashData], [string plainData])
Checks a hash value against a plain text value |
Method Detail |
package void auditUserEvent([string user_id="0"], string event_type, string event_description)
[string user_id="0"]
string event_type
string event_description
public boolean authenticate(string username, string password)
string username
string password
public boolean authenticateByToken([string auth_token="#getAuthenticationCookieValue()#"])
[string auth_token="#getAuthenticationCookieValue()#"]
public boolean canEditUsers()
public boolean changeForgotPassword(string email, string password, string confirm_password, string forgot_password_hash)
string email
string password
string confirm_password
string forgot_password_hash
public void changePassword(string user_id, string old_password, string new_password, string confirm_password)
string user_id
string old_password
string new_password
string confirm_password
public boolean constantTimeCompare([string a], [string b])
[string a]
[string b]
package string createAuthenticationToken([string user_id], [string password_hash], [string token])
[string user_id]
[string password_hash]
[string token]
public void deleteAuthenticationCookie()
package string generateForgotPasswordToken([any user_id])
[any user_id]
public string generateHash([string data], [string algorithm="#getHashAlgorithm()#"], [string salt="#generateToken()#"], [any work_factor="#getWorkFactor()#"], [any keysize="#getKeySize()#"])
[string data]
[string algorithm="#getHashAlgorithm()#"]
[string salt="#generateToken()#"]
[any work_factor="#getWorkFactor()#"]
[any keysize="#getKeySize()#"]
public any generateToken()
public query getAllUsers()
public string getAuthenticatedUserID()
public string getAuthenticatedUserRoles()
public string getAuthenticatedUserToken()
public string getAuthenticationCookieValue()
public string getDefaultHashAlgorithm()
public string getDescription()
public string getHashAlgorithm()
public string getKeySize()
public numeric getMinimumPasswordLength()
public string getTokenType()
public query getUserByEmail([any email])
[any email]
public query getUserByID([any user_id])
[any user_id]
public string getWorkFactor()
public any init([any firewallInstance])
[any firewallInstance]
public boolean isAuthenticatedUserAdmin()
public boolean isAuthenticatedUserInRole([variablename role="admin"])
[variablename role="admin"]
public boolean isPasswordValid(string password)
string password
public boolean isUserAuthenticated()
public void logout()
public void sendForgotPasswordEmail(string email)
string email
package void setAuthenticationCookie([string auth_token])
[string auth_token]
public void setHashAlgorithm([string algorithm])
[string algorithm]
package void setIsAuthenticated([string user_id], [string username], [string email], [string password_hash], [string token], [string roles=""], [string auth_token=""])
[string user_id]
[string username]
[string email]
[string password_hash]
[string token]
[string roles=""]
[string auth_token=""]
public void setKeySize([any size="256"])
[any size="256"]
public void setMinimumPasswordLength([numeric length="5"])
[numeric length="5"]
public void setWorkFactor([any work_factor="10000"])
[any work_factor="10000"]
public string updateUser([string user_id], [struct user])
[string user_id]
[struct user]
package boolean verifyForgotPasswordToken([any user_id], [any token])
[any user_id]
[any token]
public boolean verifyHash([string hashData], [string plainData])
[string hashData]
[string plainData]