
@colinmollenhour
Created September 20, 2010 02:12
Auth_Mongo for Kohana
<?php
// Direct-access guard: stop immediately unless SYSPATH has been defined, so
// this file cannot be executed by requesting it on its own.
if ( ! defined('SYSPATH'))
{
	die('No direct access allowed.');
}
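/**
 * Mongo Auth driver. Adapted from Kohana_Auth_ORM.
 *
 * User and auto-login token records are loaded through Mongo_Document.
 * Identifiers that end up in a Mongo query (usernames, cookie tokens) are
 * only accepted as scalars: an array value placed in a query document is
 * read by MongoDB as a set of query operators, not as a literal to match.
 */
class Auth_Mongo extends Auth {

	/**
	 * Checks if a session is active.
	 *
	 * An inactive user is never considered logged in. When a role is
	 * requested, a user whose role is exactly 'admin' passes every check.
	 *
	 * @param   mixed    role name (string) or collection of role names (array)
	 * @return  boolean
	 */
	public function logged_in($role = NULL)
	{
		// Get the user from the session
		$user = $this->session->get($this->config['session_key']);

		if ( ! (is_object($user) AND $user instanceof Model_User AND $user->loaded()))
		{
			return FALSE;
		}

		// Inactive users are never allowed
		if ( ! $user->active)
		{
			return FALSE;
		}

		// No specific role requested: an active, loaded user is enough
		if (empty($role))
		{
			return TRUE;
		}

		// Strict comparison: with ==, a non-string role value stored in the
		// document (e.g. integer 0 on older PHP versions) could compare equal
		// to 'admin' and be granted every role.
		if ($user->role === 'admin')
		{
			return TRUE;
		}

		if (is_array($role))
		{
			// Strict membership test, for the same type-juggling reason
			return in_array($user->role, $role, TRUE);
		}

		return ($user->role === $role);
	}

	/**
	 * Logs a user in.
	 *
	 * The supplied password is compared directly with the stored value, so
	 * the caller is presumably expected to pass it already hashed -- confirm
	 * against the parent Auth class.
	 *
	 * @param   mixed    username, or an already loaded user object
	 * @param   string   password
	 * @param   boolean  enable auto-login
	 * @return  boolean
	 */
	public function _login($user, $password, $remember)
	{
		if ( ! is_object($user))
		{
			// Load the user (NULL when the identifier is not a scalar)
			$user = $this->_load_user($user);

			if ($user === NULL)
			{
				return FALSE;
			}
		}

		// If the passwords match, perform a login
		if ($user->loaded() AND $user->active AND $this->_same_secret($user->password, $password))
		{
			if ($remember === TRUE)
			{
				// Create a new autologin token
				$token = Mongo_Document::factory('user_token');

				// Set token data
				// NOTE(review): auto_login() compares $token->user_agent, which is
				// not set here; presumably the user_token model fills it (and the
				// token value itself) on save -- confirm.
				$token->user = $user;
				$token->expires = time() + $this->config['lifetime'];
				$token->save();

				// Set the autologin cookie
				cookie::set('authautologin', $token->token, $this->config['lifetime']);
			}

			// Finish the login
			$this->complete_login($user);

			return TRUE;
		}

		// Login failed
		return FALSE;
	}

	/**
	 * Forces a user to be logged in, without specifying a password.
	 *
	 * No credential check happens here; callers are responsible for
	 * authorising the request before invoking this method.
	 *
	 * @param   mixed    username, or an already loaded user object
	 * @return  boolean
	 */
	public function force_login($user)
	{
		if ( ! is_object($user))
		{
			// Load the user
			$user = $this->_load_user($user);

			if ($user === NULL OR ! $user->loaded())
			{
				return FALSE;
			}
		}

		// Mark the session as forced, to prevent users from changing account information
		// NOTE(review): this writes to $_SESSION directly while logged_in() reads
		// through $this->session; confirm the flag is visible to whichever
		// session driver is configured.
		$_SESSION['auth_forced'] = TRUE;

		// Run the standard completion
		return $this->complete_login($user);
	}

	/**
	 * Logs a user in, based on the authautologin cookie.
	 *
	 * The token must exist, belong to a loaded and active user, not be past
	 * its expiry time, and carry the SHA-1 of the current user agent. A token
	 * that is found but fails any of these checks is deleted.
	 *
	 * @return  boolean
	 */
	public function auto_login()
	{
		$value = cookie::get('authautologin');

		// The cookie is client-controlled; only a non-empty string may reach the query
		if ( ! is_string($value) OR $value === '')
		{
			return FALSE;
		}

		// Load the token and user
		$token = Mongo_Document::factory('user_token', array('token' => $value));

		if ($token->loaded() AND $token->user->loaded())
		{
			// _login() and logged_in() both refuse inactive users; do the same here
			$active = (bool) $token->user->active;

			// _login() stores expires as an absolute timestamp. An expired token
			// must not authenticate, whether or not the model purges it on load.
			$fresh = ($token->expires > time());

			if ($active AND $fresh AND $token->user_agent === sha1(Request::$user_agent))
			{
				// Save the token to create a new unique token
				// (presumably the model regenerates the value on save -- confirm)
				$token->save();

				// Set the new token
				cookie::set('authautologin', $token->token, $token->expires - time());

				// Complete the login with the found data
				$this->complete_login($token->user);

				// Automatic login was successful
				return TRUE;
			}

			// Token is invalid
			$token->delete();
		}

		return FALSE;
	}

	/**
	 * Log a user out and remove any auto-login cookies.
	 *
	 * @param   boolean  completely destroy the session
	 * @param   boolean  remove all tokens for user
	 * @return  boolean
	 */
	public function logout($destroy = FALSE, $logout_all = FALSE)
	{
		if ($value = cookie::get('authautologin'))
		{
			// Delete the autologin cookie to prevent re-login
			cookie::delete('authautologin');

			// Only a string cookie value is looked up in the database
			if (is_string($value))
			{
				// Clear the autologin token from the database
				$token = Mongo_Document::factory('user_token', array('token' => $value));

				if ($token->loaded())
				{
					if ($logout_all)
					{
						// Remove every token that belongs to the same user
						$token->collection()->remove(array('_user' => $token->_user));
					}
					else
					{
						$token->delete();
					}
				}
			}
		}

		return parent::logout($destroy);
	}

	/**
	 * Get the stored password for a username.
	 *
	 * @param   mixed   username, or an already loaded user object
	 * @return  string  stored password value; NULL when the identifier is not a scalar
	 */
	public function password($user)
	{
		if ( ! is_object($user))
		{
			// Load the user
			$user = $this->_load_user($user);

			if ($user === NULL)
			{
				return NULL;
			}
		}

		return $user->password;
	}

	/**
	 * Complete the login for a user by incrementing the logins and setting
	 * session data: user_id, username, roles
	 *
	 * @param   object  user model object
	 * @return  mixed   whatever the parent complete_login() returns
	 */
	protected function complete_login($user)
	{
		// Update the number of logins
		$user->inc('logins');

		// Set the last login date
		$user->last_login = time();

		// Save the user
		$user->save();

		return parent::complete_login($user);
	}

	/**
	 * Loads a user document by username.
	 *
	 * Usernames usually originate from request data, where a parameter can
	 * arrive as an array. Anything that is not a scalar is refused before it
	 * is placed in the query.
	 *
	 * @param   mixed   username
	 * @return  object  user document (possibly not loaded), or NULL if refused
	 */
	protected function _load_user($username)
	{
		if ( ! is_scalar($username))
		{
			return NULL;
		}

		return Mongo_Document::factory('user', array('username' => $username));
	}

	/**
	 * Compares a stored secret with a supplied one.
	 *
	 * Uses hash_equals() when it is available and both values are strings, so
	 * the comparison time does not depend on where the values first differ;
	 * otherwise falls back to the strict comparison.
	 *
	 * @param   mixed    stored value
	 * @param   mixed    supplied value
	 * @return  boolean
	 */
	protected function _same_secret($stored, $supplied)
	{
		if (is_string($stored) AND is_string($supplied) AND function_exists('hash_equals'))
		{
			return hash_equals($stored, $supplied);
		}

		return ($stored === $supplied);
	}

} // End Auth_Mongo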