Created
September 20, 2010 02:12
-
-
Save colinmollenhour/587345 to your computer and use it in GitHub Desktop.
Auth_Mongo for Kohana
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php defined('SYSPATH') OR die('No direct access allowed.'); | |
| /** | |
| * Mongo Auth driver. Adapted from Kohana_Auth_ORM. | |
| */ | |
| class Auth_Mongo extends Auth { | |
| /** | |
| * Checks if a session is active. | |
| * | |
| * @param string role name | |
| * @param array collection of role names | |
| * @return boolean | |
| */ | |
| public function logged_in($role = NULL) | |
| { | |
| $status = FALSE; | |
| // Get the user from the session | |
| $user = $this->session->get($this->config['session_key']); | |
| if (is_object($user) AND $user instanceof Model_User AND $user->loaded()) | |
| { | |
| // Everything is okay so far | |
| $status = TRUE; | |
| // Inactive users are never allowed | |
| if ( ! $user->active) | |
| { | |
| $status = FALSE; | |
| } | |
| // Check for a specific role | |
| else if ( ! empty($role)) | |
| { | |
| if ($user->role == 'admin') | |
| { | |
| $status = TRUE; | |
| } | |
| else if (is_array($role)) | |
| { | |
| $status = in_array($user->role, $role); | |
| } | |
| else | |
| { | |
| $status = ($user->role === $role); | |
| } | |
| } | |
| } | |
| return $status; | |
| } | |
| /** | |
| * Logs a user in. | |
| * | |
| * @param string username | |
| * @param string password | |
| * @param boolean enable auto-login | |
| * @return boolean | |
| */ | |
| public function _login($user, $password, $remember) | |
| { | |
| if ( ! is_object($user)) | |
| { | |
| // Load the user | |
| $user = Mongo_Document::factory('user', array('username' => $user)); | |
| } | |
| // If the passwords match, perform a login | |
| if ($user->loaded() AND $user->active AND $user->password === $password) | |
| { | |
| if ($remember === TRUE) | |
| { | |
| // Create a new autologin token | |
| $token = Mongo_Document::factory('user_token'); | |
| // Set token data | |
| $token->user = $user; | |
| $token->expires = time() + $this->config['lifetime']; | |
| $token->save(); | |
| // Set the autologin cookie | |
| cookie::set('authautologin', $token->token, $this->config['lifetime']); | |
| } | |
| // Finish the login | |
| $this->complete_login($user); | |
| return TRUE; | |
| } | |
| // Login failed | |
| return FALSE; | |
| } | |
| /** | |
| * Forces a user to be logged in, without specifying a password. | |
| * | |
| * @param mixed username | |
| * @return boolean | |
| */ | |
| public function force_login($user) | |
| { | |
| if ( ! is_object($user)) | |
| { | |
| // Load the user | |
| $user = Mongo_Document::factory('user', array('username' => $user)); | |
| if( ! $user->loaded()) | |
| { | |
| return FALSE; | |
| } | |
| } | |
| // Mark the session as forced, to prevent users from changing account information | |
| $_SESSION['auth_forced'] = TRUE; | |
| // Run the standard completion | |
| return $this->complete_login($user); | |
| } | |
| /** | |
| * Logs a user in, based on the authautologin cookie. | |
| * | |
| * @return boolean | |
| */ | |
| public function auto_login() | |
| { | |
| if ($token = cookie::get('authautologin')) | |
| { | |
| // Load the token and user | |
| $token = Mongo_Document::factory('user_token', array('token' => $token)); | |
| if ($token->loaded() AND $token->user->loaded()) | |
| { | |
| if ($token->user_agent === sha1(Request::$user_agent)) | |
| { | |
| // Save the token to create a new unique token | |
| $token->save(); | |
| // Set the new token | |
| cookie::set('authautologin', $token->token, $token->expires - time()); | |
| // Complete the login with the found data | |
| $this->complete_login($token->user); | |
| // Automatic login was successful | |
| return TRUE; | |
| } | |
| // Token is invalid | |
| $token->delete(); | |
| } | |
| } | |
| return FALSE; | |
| } | |
| /** | |
| * Log a user out and remove any auto-login cookies. | |
| * | |
| * @param boolean completely destroy the session | |
| * @param boolean remove all tokens for user | |
| * @return boolean | |
| */ | |
| public function logout($destroy = FALSE, $logout_all = FALSE) | |
| { | |
| if ($token = cookie::get('authautologin')) | |
| { | |
| // Delete the autologin cookie to prevent re-login | |
| cookie::delete('authautologin'); | |
| // Clear the autologin token from the database | |
| $token = Mongo_Document::factory('user_token', array('token' => $token)); | |
| if ($token->loaded() AND $logout_all) | |
| { | |
| $token->collection()->remove(array('_user' => $token->_user)); | |
| } | |
| elseif ($token->loaded()) | |
| { | |
| $token->delete(); | |
| } | |
| } | |
| return parent::logout($destroy); | |
| } | |
| /** | |
| * Get the stored password for a username. | |
| * | |
| * @param mixed username | |
| * @return string | |
| */ | |
| public function password($user) | |
| { | |
| if ( ! is_object($user)) | |
| { | |
| // Load the user | |
| $user = Mongo_Document::factory('user', array('username' => $user)); | |
| } | |
| return $user->password; | |
| } | |
| /** | |
| * Complete the login for a user by incrementing the logins and setting | |
| * session data: user_id, username, roles | |
| * | |
| * @param object user model object | |
| * @return void | |
| */ | |
| protected function complete_login($user) | |
| { | |
| // Update the number of logins | |
| $user->inc('logins'); | |
| // Set the last login date | |
| $user->last_login = time(); | |
| // Save the user | |
| $user->save(); | |
| return parent::complete_login($user); | |
| } | |
| } // End Auth_Mongo |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment