Authentication
Authentication
Introduction
All the classes of the Auth system live in the namespace Auth and is implemented as a reference structure for User Authentication in the \App\ namespace.
To note that additional Route Filters are also added to support this reference implementation, and the proper configuration of a valid ENCRYPT_KEY is required.
Being a Users Management, a Database is required and in scripts/nova_users.sql you will find the associated MySQL dump for a users table.
The App\Controllers\Users also implements a small private area for the authenticated User. The private area is a simple Dashboard and a Profile page, where the users have the ability to change their password.
Important: Nova's Authentication uses the new Database API and not the Helpers\Database. If you choose to use the Nova Authentication, you would need to use the new Database API in the whole application and to not touch the Helpers\Database instances.
Configuration
Nova aims to make implementing authentication very simple. In fact, almost everything is configured for you out of the box. The authentication configuration file is located at app/Config/Auth.php, which contains several well documented options for tweaking the behavior of the authentication facilities.
By default, Nova includes a User model in your app/Models directory which may be used with the default extended authentication driver, which uses Database\ORM.
If your application is not using ORM, you may use the database authentication driver which uses the Nova query builder.
Storing Passwords
The Nova Hash class provides secure Bcrypt hashing:
Hashing A Password Using Bcrypt
$password = Hash::make('secret');
Verifying A Password Against A Hash
if (Hash::check('secret', $hashedPassword))
{
// The passwords match...
}
Checking If A Password Needs To Be Rehashed
if (Hash::needsRehash($hashed))
{
$hashed = Hash::make('secret');
}
Authenticating Users
To log a user into your application, you may use the Auth::attempt method.
if (Auth::attempt(array('email' => $email, 'password' => $password)))
{
// User is authenticated there.
}
Take note that email is not a required option, it is merely used for an example. You should use whatever column name corresponds to a "username" in your database. The Redirect::intended function will redirect the user to the URL they were trying to access before being caught by the authentication filter. A fallback URI may be given to this method in case the intended destination is not available.
When the attempt method is called, the auth.attempt event will be fired. If the authentication attempt is successful and the user is logged in, the auth.login event will be fired as well.
Determining If A User Is Authenticated
To determine if the user is already logged into your application, you may use the check method:
if (Auth::check())
{
// The user is logged in...
}
Authenticating A User And "Remembering" Them
If you would like to provide "remember me" functionality in your application, you may pass true as the second argument to the attempt method, which will keep the user authenticated indefinitely (or until they manually logout). Of course, your users table must include the string remember_token column, which will be used to store the "remember me" token.
if (Auth::attempt(array('email' => $email, 'password' => $password), true))
{
// The user is being remembered...
}
Note: If the attempt method returns true, the user is considered logged into the application.
Determining If User Authed Via Remember
If you are "remembering" user logins, you may use the viaRemember method to determine if the user was authenticated using the "remember me" cookie:
if (Auth::viaRemember())
{
//
}
Authenticating A User With Conditions
You also may add extra conditions to the authenticating query:
if (Auth::attempt(array('email' => $email, 'password' => $password, 'active' => 1)))
{
// The user is active, not suspended, and exists.
}
Note: For added protection against session fixation, the user's session ID will automatically be regenerated after authenticating.
Accessing The Logged In User
Once a user is authenticated, you may access the User model / record:
$email = Auth::user()->email;
To retrieve the authenticated user's ID, you may use the id method:
$id = Auth::id();
To simply log a user into the application by their ID, use the loginUsingId method:
Auth::loginUsingId(1);
Validating User Credentials Without Login
The validate method allows you to validate a user's credentials without actually logging them into the application:
if (Auth::validate($credentials))
{
//
}
Logging A User In For A Single Request
You may also use the once method to log a user into the application for a single request. No sessions or cookies will be utilized.
if (Auth::once($credentials))
{
//
}
Logging A User Out Of The Application
Auth::logout();
Basic Usage
public function postLogin()
{
// Retrieve the Authentication credentials.
$credentials = Input::only('username', 'password');
// Prepare the 'remember' parameter.
$remember = (Input::get('remember') == 'on');
// Make an attempt to login the Guest with the given credentials.
if(! Auth::attempt($credentials, $remember)) {
// An error has happened on authentication.
$status = __d('users', 'Wrong username or password.');
return Redirect::back()->withStatus($status, 'danger');
}
// The User is authenticated now; retrieve his Model instance.
$user = Auth::user();
if (Hash::needsRehash($user->password)) {
$password = $credentials['password'];
$user->password = Hash::make($password);
// Save the User Model instance - used with the Extended Auth Driver.
$user->save();
// Save the User Model instance - used with the Database Auth Driver.
//$this->model->updateGenericUser($user);
}
if($user->active == 0) {
Auth::logout();
// User not activated; logout and redirect him back.
$status = __d('users', 'There is a problem. Have you activated your Account?');
return Redirect::back()->withStatus($status, 'warning');
}
// Prepare the flash message.
$status = __d('users', '<b>{0}</b>, you have successfully logged in.', $user->username);
// Redirect to the User's Dashboard.
return Redirect::to('admin/dashboard')->withStatus($status);
}
Authentication的更多相关文章
- WCF : 修复 Security settings for this service require Windows Authentication but it is not enabled for the IIS application that hosts this service 问题
摘要 : 最近遇到了一个奇怪的 WCF 安全配置问题, WCF Service 上面配置了Windows Authentication. IIS上也启用了 Windows Authentication ...
- Atitit HTTP 认证机制基本验证 (Basic Authentication) 和摘要验证 (Digest Authentication)attilax总结
Atitit HTTP认证机制基本验证 (Basic Authentication) 和摘要验证 (Digest Authentication)attilax总结 1.1. 最广泛使用的是基本验证 ( ...
- [转]Web APi之认证(Authentication)及授权(Authorization)【一】(十二)
本文转自:http://www.cnblogs.com/CreateMyself/p/4856133.html 前言 无论是ASP.NET MVC还是Web API框架,在从请求到响应这一过程中对于请 ...
- smtplib.SMTPAuthenticationError: (535, b'Error: authentication failed')解决办法
raise SMTPAuthenticationError(code, resp) smtplib.SMTPAuthenticationError: (535, b'Error: authentica ...
- SharePoint Claim base authentication EnsureUser 不带claim(i:0#.w|)user Failed
环境信息: 带有Form base authentication(FBA).Active Directory Federation Services(ADFS).以及windows Authentic ...
- 执行ssh-add时出现Could not open a connection to your authentication agent
若执行ssh-add /path/to/xxx.pem是出现这个错误:Could not open a connection to your authentication agent,则先执行如下命令 ...
- Google Authentication的实现 - Odoo 安全登录
在前边的一篇文章中,我们提到了利用二次验证增强Odoo登录的可靠性:http://www.cnblogs.com/kfx2007/p/6023991.html 今天我们来具体实现这一步: 后端的实现 ...
- Form authentication(表单认证)问题
前言 最近在做ASP.NET MVC中表单认证时出了一些问题,特此记录. 问题 进行表单认证时,在 PostAuthenticateRequest 事件中从Cookie值中解密票据.如下: prote ...
- Web APi之认证(Authentication)及授权(Authorization)【一】(十二)
前言 无论是ASP.NET MVC还是Web API框架,在从请求到响应这一过程中对于请求信息的认证以及认证成功过后对于访问页面的授权是极其重要的,用两节来重点来讲述这二者,这一节首先讲述一下关于这二 ...
- 【记录】ASP.NET MVC 4/5 Authentication 身份验证无效
在 ASP.NET MVC 4/5 应用程序发布的时候,遇到一个问题,在本应用程序中进行身份验证是可以,但不能和其他"二级域名"共享,在其他应用程序身份验证,不能和本应用程序共享, ...
随机推荐
- C#日期时间格式化
日期转化一为了达到不同的显示效果有时,我们需要对时间进行转化,默认格式为:2007-01-03 14:33:34 ,要转化为其他格式,要用到DateTime.ToString的方法(String, I ...
- FZU 2214 Knapsack dp (转化背包)
就是一个背包裸题,由于物品的重量太大,开不了这么大的数组 所以转化一下,由于价值总和不大于5000,所以把价值看作重量,重量看作价值,那么就是同样的价值下,求一个最轻的重量 #include<c ...
- sql经典语句
1.表形式如下:Year Salary2000 10002001 20002002 30002003 4000想得到如下形式的查询结 ...
- MapReduce概述,原理,执行过程
MapReduce概述 MapReduce是一种分布式计算模型,运行时不会在一台机器上运行.hadoop是分布式的,它是运行在很多的TaskTracker之上的. 在我们的TaskTracker上面跑 ...
- 【Zookeeper学习】Zookeeper-3.4.6安装部署
[时间]2014年11月19日 [平台]Centos 6.5 [工具] [软件]jdk-7u67-linux-x64.rpm zookeeper-3.4.6.tar.gz [步骤] 1. 准备条件 ( ...
- Sort--冒泡排序
冒泡排序 public class BubbleSort { public static void bubblesort(int[] a){ for(int i=0;i<a.length-1;i ...
- python 使用@property
在绑定属性时,如果我们直接把属性暴露出去,虽然写起来很简单,但是,没办法检查参数,导致可以把成绩随便改: s = Student() s.score = 9999 这显然不合逻辑.为了限制score的 ...
- jquery判断input值不为空 val()
<input type="text" class="searchbox" /> <script type='text/javascript'& ...
- Java数据类型(一)
1 public class VarDemo 2 { 3 public static void main(String []args){ 4 //先声明后赋值 5 int number; 6 numb ...
- in和exists的区别与SQL执行效率
in和exists的区别与SQL执行效率最近很多论坛又开始讨论in和exists的区别与SQL执行效率的问题,本文特整理一些in和exists的区别与SQL执行效率分析 SQL中in可以分为三类: 1 ...