Class WFAuthorizationManager

Description
Description | Vars (details) | Methods (details) Constants (details)

The WFAuthorizationManager helps the application manage user authentication, login, and access control.

By default, a web application has no login capabilities and thus all users are unprivileged.

WFAuthorizationManager works in conjuction with the bundled "login" module. The following is the public interface of the login module (via invocationPath redirects)

  • promptLogin/<continueURL:base64>
  • doLogout
  • notAuthorized
You can reliably link to the above listed invocationPaths from your application.

  • todo: Remember-me logins not yet implemented.
  • todo: captcha option

Located in /framework/WFAuthorization.php (line 251) 

WFObject
   |
   --WFAuthorizationManager
Class Constant Summary
Description | Constants (details) Vars (details) | | Methods (details)
ALLOW = 1
DENY = 2
RECENT_LOGIN_SECS = 900
SESSION_KEY_AUTHORIZATION_INFO = 'authorizationInfo'
SESSION_KEY_LOGGED_IN = 'isLoggedIn'
SESSION_KEY_RECENT_LOGIN_TIME = 'recentLoginTime'
SESSION_KEY_VERSION = 'version'
SESSION_NAMESPACE = 'WFAuthorizationManager'
VERSION = 1.0
Variable Summary
Description | Vars (details) | Methods (details) Constants (details)
object WFAuthorizationDelegate $authorizationDelegate
object WFAuthorizationInfo $authorizationInfo
Method Summary
Description | Constants (details) Vars (details) | Methods (details)
static object The sharedAuthorizationManager ()
WFAuthorizationManager __construct ()
object WFAuthorizationInfo authorizationInfo ()
string defaultLoginContinueURL ()
string defaultLogoutContinueURL ()
void doLoginRedirect (string $continueURL)
void init ()
boolean login (string $username, string $password, [boolean $passIsToken = false])
mixed loginFailedMessage (string $username)
string loginInvocationPath ()
string loginMessage ()
void logout ()
string resetPassword (string $username)
void setDelegate (object An $d)
boolean shouldEnableForgottenPasswordReset ()
boolean shouldEnableRememberMe ()
boolean shouldRememberMeByDefault ()
boolean shouldShowLogoutConfirmation ()
string usernameLabel ()
Variables
Description | Vars (details) Constants (details) | Methods (details)
object WFAuthorizationDelegate $authorizationDelegate (line 273)
  • var: The delegate object for handling authorization-related things.
  • access: protected
object WFAuthorizationInfo $authorizationInfo (line 269)
  • var: The authorization info for the current session.
  • access: protected
Methods
Description | Vars (details) Constants (details) Methods (details)
static method sharedAuthorizationManager (line 321)

Get a reference to the shared WFAuthorizationManager object.

  • return: WFAuthorizationManager object.
  • access: public
static object The sharedAuthorizationManager ()
Constructor __construct (line 275)
WFAuthorizationManager __construct ()
Redefinition of:
WFObject::__construct()
authorizationInfo (line 335)

Get the current auth info.

  • return: The active WFAuthorizationInfo info.
object WFAuthorizationInfo authorizationInfo ()
defaultLoginContinueURL (line 444)

The URL to continue to if the user logs in but there is no "continue to url" set.

Will call the login delegate method to get info as well.

string defaultLoginContinueURL ()
defaultLogoutContinueURL (line 471)

The URL to continue to if the user logs out.

Will call the login delegate method.

If NULL, no redirect will be performed, and just a message saying "Logout successful" will be seen.

string defaultLogoutContinueURL ()
doLoginRedirect (line 407)

Cause the visitor to be re-directed to the login page.

OPTIONAL: "continueURL" support.

This will issue a 302 redirect and exit the current request execution.

void doLoginRedirect (string $continueURL)
  • string $continueURL: The URL of the page to go to after successful login. Note that this should be a PLAIN URL, but it WILL BE base64-encoded before being passed to the login module.
init (line 308)

Initialize the auth manager to the default state.

void init ()
login (line 371)

Attempt to authorize the user with the given name/password.

This will call the delegate's login function to authenticate and get the authorizationInfo.

boolean login (string $username, string $password, [boolean $passIsToken = false])
  • string $username: The username to use for the authentication.
  • string $password: The password to use for the authentication.
  • boolean $passIsToken: TRUE if the password is in "token" form; ie, not the clear-text password. Useful for remember-me logins or single-sign-on (SSO) setups.
loginFailedMessage (line 599)

The message to display to a use on unsuccessful login.

Will call the login delegate method.

  • return: string: The message to display on failed login. array of strings; Multiple messages to display (as list items). DEFAULT: string:"Login username or password is not valid."
  • see: WFAuthorizationDelegate::loginFailedMessage()
mixed loginFailedMessage (string $username)
  • string $username: The username that the attempted login was for.
loginInvocationPath (line 419)

Get the login modulePath to use.

  • return: The modulePath for the login module. The module at the given path must implement promptLogin/doLogout/notAuthorized
string loginInvocationPath ()
loginMessage (line 556)

The login help message that should be displayed above the login box.

Will call the login delegate method.

string loginMessage ()
logout (line 355)

Logout the current session.

void logout ()
resetPassword (line 649)

Reset the password for the given user.

Your delegate method should craft an email or such to that user with the new password info. If there is a problem (ie user doesn't exist) throw a WFException with an appropriate message to be displyed. If not, just send your email and that's it. The default implementation will show an appropriate confirmation message.

Alternatively, if you have more complicated reset password logic you want to implement, throw a WFRedirectRequestException.

Will call the login delegate method.

  • return: The message to show the user on successful password reset.
  • see: WFAuthorizationDelegate::resetPassword($username)
  • throws: object WFException If the password cannot be reset, throw a WFException with the message to be displayed as the string.
string resetPassword (string $username)
  • string $username: The username that the attempted login was for.
setDelegate (line 347)

Set the WFAuthorizationDelegate to use.

The WFWebApplication will usually do this for you.

void setDelegate (object An $d)
  • object An $d: object that implements WFAuthorizationDelegate.
shouldEnableForgottenPasswordReset (line 620)

Should a "forgot your password" link be shown?

Will call the login delegate method.

boolean shouldEnableForgottenPasswordReset ()
shouldEnableRememberMe (line 513)

Should the login interface have a "remember me" checkbox?

Will call the login delegate method.

boolean shouldEnableRememberMe ()
shouldRememberMeByDefault (line 535)

If "remember me" is enabled with shouldEnableRememberMe, should "remember me" be checked by default?

Will call the login delegate method.

boolean shouldRememberMeByDefault ()
shouldShowLogoutConfirmation (line 492)

Should there be an interstitial "You have logged out successfully, click here to continue", or should logout immediately redirect to defaultLogoutContinueURL()?

Will call login delegate.

boolean shouldShowLogoutConfirmation ()
usernameLabel (line 577)

The label to use for the "username" field.

Will call the login delegate method.

string usernameLabel ()

Inherited Methods

Inherited From WFObject

WFObject::__construct()
WFObject::exposedProperties()
WFObject::getClass()
WFObject::keyPathToTargetAndKey()
WFObject::setValueForKey()
WFObject::setValueForKeyPath()
WFObject::validateValueForKey()
WFObject::validateValueForKeyPath()
WFObject::valueForKey()
WFObject::valueForKeyPath()
WFObject::valueForUndefinedKey()
WFObject::__toString()
Class Constants
Description | Constants (details) Vars (details) | Methods (details)
ALLOW = 1 (line 263)
DENY = 2 (line 264)
RECENT_LOGIN_SECS = 900 (line 261)
SESSION_KEY_AUTHORIZATION_INFO = 'authorizationInfo' (line 257)
SESSION_KEY_LOGGED_IN = 'isLoggedIn' (line 256)
SESSION_KEY_RECENT_LOGIN_TIME = 'recentLoginTime' (line 258)
SESSION_KEY_VERSION = 'version' (line 255)
SESSION_NAMESPACE = 'WFAuthorizationManager' (line 253)
VERSION = 1.0 (line 260)

Documentation generated on Thu, 17 Apr 2008 13:51:31 -0400 by phpDocumentor 1.4.1