Authentication

Introduction

All the classes of the Auth system live in the namespace Auth and is implemented as a reference structure for User Authentication in the \App\ namespace.

To note that additional Route Filters are also added to support this reference implementation, and the proper configuration of a valid ENCRYPT_KEY is required.

Being a Users Management, a Database is required and in scripts/nova_users.sql you will find the associated MySQL dump for a users table.

The App\Controllers\Users also implements a small private area for the authenticated User. The private area is a simple Dashboard and a Profile page, where the users have the ability to change their password.

Important: Nova's Authentication uses the new Database API and not the Helpers\Database. If you choose to use the Nova Authentication, you would need to use the new Database API in the whole application and to not touch the Helpers\Database instances.

Configuration

Nova aims to make implementing authentication very simple. In fact, almost everything is configured for you out of the box. The authentication configuration file is located at app/Config/Auth.php, which contains several well documented options for tweaking the behavior of the authentication facilities.

By default, Nova includes a User model in your app/Models directory which may be used with the default extended authentication driver, which uses Database\ORM.

If your application is not using ORM, you may use the database authentication driver which uses the Nova query builder.

Storing Passwords

The Nova Hash class provides secure Bcrypt hashing:

Hashing A Password Using Bcrypt

$password = Hash::make('secret');

Verifying A Password Against A Hash

if (Hash::check('secret', $hashedPassword))
{
// The passwords match...
}

Checking If A Password Needs To Be Rehashed

if (Hash::needsRehash($hashed))
{
$hashed = Hash::make('secret');
}

Authenticating Users

To log a user into your application, you may use the Auth::attempt method.

if (Auth::attempt(array('email' => $email, 'password' => $password)))
{
// User is authenticated there.
}

Take note that email is not a required option, it is merely used for an example. You should use whatever column name corresponds to a "username" in your database. The Redirect::intended function will redirect the user to the URL they were trying to access before being caught by the authentication filter. A fallback URI may be given to this method in case the intended destination is not available.

When the attempt method is called, the auth.attempt event will be fired. If the authentication attempt is successful and the user is logged in, the auth.login event will be fired as well.

Determining If A User Is Authenticated

To determine if the user is already logged into your application, you may use the check method:

if (Auth::check())
{
// The user is logged in...
}

Authenticating A User And "Remembering" Them

If you would like to provide "remember me" functionality in your application, you may pass true as the second argument to the attempt method, which will keep the user authenticated indefinitely (or until they manually logout). Of course, your users table must include the string remember_token column, which will be used to store the "remember me" token.

if (Auth::attempt(array('email' => $email, 'password' => $password), true))
{
// The user is being remembered...
}

Note: If the attempt method returns true, the user is considered logged into the application.

Determining If User Authed Via Remember

If you are "remembering" user logins, you may use the viaRemember method to determine if the user was authenticated using the "remember me" cookie:

if (Auth::viaRemember())
{
//
}

Authenticating A User With Conditions

You also may add extra conditions to the authenticating query:

if (Auth::attempt(array('email' => $email, 'password' => $password, 'active' => 1)))
{
// The user is active, not suspended, and exists.
}

Note: For added protection against session fixation, the user's session ID will automatically be regenerated after authenticating.

Accessing The Logged In User

Once a user is authenticated, you may access the User model / record:

$email = Auth::user()->email;

To retrieve the authenticated user's ID, you may use the id method:

$id = Auth::id();

To simply log a user into the application by their ID, use the loginUsingId method:

Auth::loginUsingId(1);

Validating User Credentials Without Login

The validate method allows you to validate a user's credentials without actually logging them into the application:

if (Auth::validate($credentials))
{
//
}

Logging A User In For A Single Request

You may also use the once method to log a user into the application for a single request. No sessions or cookies will be utilized.

if (Auth::once($credentials))
{
//
}

Logging A User Out Of The Application

Auth::logout();

Basic Usage

    public function postLogin()
{
// Retrieve the Authentication credentials.
$credentials = Input::only('username', 'password'); // Prepare the 'remember' parameter.
$remember = (Input::get('remember') == 'on'); // Make an attempt to login the Guest with the given credentials.
if(! Auth::attempt($credentials, $remember)) {
// An error has happened on authentication.
$status = __d('users', 'Wrong username or password.'); return Redirect::back()->withStatus($status, 'danger');
} // The User is authenticated now; retrieve his Model instance.
$user = Auth::user(); if (Hash::needsRehash($user->password)) {
$password = $credentials['password']; $user->password = Hash::make($password); // Save the User Model instance - used with the Extended Auth Driver.
$user->save(); // Save the User Model instance - used with the Database Auth Driver.
//$this->model->updateGenericUser($user);
} if($user->active == 0) {
Auth::logout(); // User not activated; logout and redirect him back.
$status = __d('users', 'There is a problem. Have you activated your Account?'); return Redirect::back()->withStatus($status, 'warning');
} // Prepare the flash message.
$status = __d('users', '<b>{0}</b>, you have successfully logged in.', $user->username); // Redirect to the User's Dashboard.
return Redirect::to('admin/dashboard')->withStatus($status);
}

Authentication的更多相关文章

  1. WCF : 修复 Security settings for this service require Windows Authentication but it is not enabled for the IIS application that hosts this service 问题

    摘要 : 最近遇到了一个奇怪的 WCF 安全配置问题, WCF Service 上面配置了Windows Authentication. IIS上也启用了 Windows Authentication ...

  2. Atitit HTTP 认证机制基本验证 (Basic Authentication) 和摘要验证 (Digest Authentication)attilax总结

    Atitit HTTP认证机制基本验证 (Basic Authentication) 和摘要验证 (Digest Authentication)attilax总结 1.1. 最广泛使用的是基本验证 ( ...

  3. [转]Web APi之认证(Authentication)及授权(Authorization)【一】(十二)

    本文转自:http://www.cnblogs.com/CreateMyself/p/4856133.html 前言 无论是ASP.NET MVC还是Web API框架,在从请求到响应这一过程中对于请 ...

  4. smtplib.SMTPAuthenticationError: (535, b'Error: authentication failed')解决办法

    raise SMTPAuthenticationError(code, resp) smtplib.SMTPAuthenticationError: (535, b'Error: authentica ...

  5. SharePoint Claim base authentication EnsureUser 不带claim(i:0#.w|)user Failed

    环境信息: 带有Form base authentication(FBA).Active Directory Federation Services(ADFS).以及windows Authentic ...

  6. 执行ssh-add时出现Could not open a connection to your authentication agent

    若执行ssh-add /path/to/xxx.pem是出现这个错误:Could not open a connection to your authentication agent,则先执行如下命令 ...

  7. Google Authentication的实现 - Odoo 安全登录

    在前边的一篇文章中,我们提到了利用二次验证增强Odoo登录的可靠性:http://www.cnblogs.com/kfx2007/p/6023991.html 今天我们来具体实现这一步: 后端的实现 ...

  8. Form authentication(表单认证)问题

    前言 最近在做ASP.NET MVC中表单认证时出了一些问题,特此记录. 问题 进行表单认证时,在 PostAuthenticateRequest 事件中从Cookie值中解密票据.如下: prote ...

  9. Web APi之认证(Authentication)及授权(Authorization)【一】(十二)

    前言 无论是ASP.NET MVC还是Web API框架,在从请求到响应这一过程中对于请求信息的认证以及认证成功过后对于访问页面的授权是极其重要的,用两节来重点来讲述这二者,这一节首先讲述一下关于这二 ...

  10. 【记录】ASP.NET MVC 4/5 Authentication 身份验证无效

    在 ASP.NET MVC 4/5 应用程序发布的时候,遇到一个问题,在本应用程序中进行身份验证是可以,但不能和其他"二级域名"共享,在其他应用程序身份验证,不能和本应用程序共享, ...

随机推荐

  1. HTML.ActionLink 和 Url.Action 的区别

    html.ActionLink生成一个<a href=".."></a>标记.而Url.Action只返回一个url.例如:@Html.ActionLink ...

  2. 在SharePoint 2010中创建网站的权限级别

    转:http://www.360sps.com/Item/CreatePermissionLevels.aspx 权限级别是SharePoint 2010新增加的功能,使我们对权限的设置又提高了一个层 ...

  3. C# 网页图片爬虫的几种技术基础

    一.文件流方式获取网络图片资源 方法1 , ); System.Net.WebRequest webreq = System.Net.WebRequest.Create(url); System.Ne ...

  4. [Bhatia.Matrix Analysis.Solutions to Exercises and Problems]ExI.2.10

    (1). The numerical radius defines a norm on $\scrL(\scrH)$. (2). $w(UAU^*)=w(A)$ for all $U\in \U(n) ...

  5. java jvm学习笔记三(class文件检验器)

    欢迎装载请说明出处:http://blog.csdn.net/yfqnihao 前面的学习我们知道了class文件被类装载器所装载,但是在装载class文件之前或之后,class文件实际上还需要被校验 ...

  6. 黑盒测试用例设计方法&理论结合实际 -> 因果图法

    一. 概念 因果图法是一种利用图解法分析输入的各种组合情况,从而设计测试用例的方法,它适合于检查程序输入条件的各种组合情况 二. 因果图法的应用 等价类划分法和边界值分析方法都是着重考虑输入条件,但没 ...

  7. Android_1_渐变背景色

    首先创建一个渐变背景色文件drawable-mdpi/bg_color.xml <?xml version="1.0" encoding="utf-8"? ...

  8. -Xms 和 -Xmx 不能设置的太大

    之前我一直有一个疑问,就是-Xms 和 -Xmx不是设置的越大越好吗?现在才明白怎么回事. 通过在命令行中执行 java 或者启动某种基于 Java 的中间件来运行 Java 应用程序时,Java 运 ...

  9. 导入showb时候出错--2015-12-4

    [root@cache-02 ~]# /opt/coreseek/csftweb-bash: /opt/coreseek/csftweb: is a directory[root@cache-02 ~ ...

  10. Java WebService简单使用

    一直在写java但从来没有使用webservice,在网上查了下资料写个简单的使用放这里做备份 具体步骤: 1.新建一个java工程在里面写一个类(服务端)如下: package com.webser ...