Docs For Class Nexista

Description

The Nexista Auth model is setup to allow user specified handlers to be used in order to provide whatever functionality is desired. A developer can setup their preferred authentication system and hook it into the nexista core.

Each gate can be setup in the sitemap to require a role. PHP Auth methods can also be used in scripts where a particular role is required, though with judicious use, the gate role is usually all that is needed.

Note that we us the term role which may imply a role-based system but since all of the inner user-group-role workings are handled by custom functions it does not matter to nexista what system is used. One could use a complex role based system or a simple one password / one user, as desired.

To use the Authentication system, the developer needs to implement a custom Login handler and optionally a Denied, Expired and Timeout handler in the prepend file. If a user is not logged in and encounters a role requirement, the login handler will be called. This handler is responsible for authenticating the user in whatever manner is preferred, then calling the Auth::registerUser() method with an array of allowed roles for this user.

If the session of a logged in user times out, expires or if the user encounters a role they do not have, the Timeout, Expired and Denied handler will be called respectively if setup. If the required handler is not setup, then it will default to the Login handler.

Located in /kernel/auth.php (line 45)

Class Constant Summary

NX_AUTH_STATUS_ACTIVE = 0

NX_AUTH_STATUS_EXPIRED = 3

NX_AUTH_STATUS_INACTIVE = 1

NX_AUTH_STATUS_TIMEOUT = 2

Variable Summary

array $sessionData

Method Summary

static void registerDeniedHandler (mixed $handler)

static void registerExpiredHandler (mixed $handler)

static void registerLoginHandler (mixed $handler)

static void registerTimeoutHandler (mixed $handler)

static object class singleton ()

Nexista_Auth __construct ()

void checkStatus ()

mixed getSessionData ([string $name = false])

boolean registerUser ([array $roles = array()])

void removeUser ()

boolean requireRole (string $role)

void setSessionData (string $name, string $value)

void setSessionName (string $name)

Variables

array $sessionData = false (line 139)

User session data

This array keeps track of certain items such as user roles, if they are identified, what url they came from etc... It is stored in sessions.

access: public

Methods

static registerDeniedHandler (line 498)

Registers a function to be called on auth denied access

This function will be called when a user, who is already logged in somehow, encounters a role beyond their access level. It might be used to offer the user to upgrade their level or present them with a denied screem.

access: public

void registerDeniedHandler (mixed $handler)

mixed $handler: function or an array of class=>method

static registerExpiredHandler (line 516)

Registers a function to be called on auth session expiry

This function will be called when the user's session expires. It might be used to reshow a login screen.

access: public

void registerExpiredHandler (mixed $handler)

mixed $handler: function or an array of class=>method

static registerLoginHandler (line 479)

Registers a function to be called on auth login

This function will be called when the user needs a specific role for an action and has not yet logged in. It could be used to show a login screen or somehow inform user that the action needs a special role.

access: public

void registerLoginHandler (mixed $handler)

mixed $handler: function or an array of class=>method

static registerTimeoutHandler (line 532)

Registers a function to be called on auth session timeout This function will be called when the user's session times out from inactivity. It might be used to reshow a login screen.

access: public

void registerTimeoutHandler (mixed $handler)

mixed $handler: function or an array of class=>method

static singleton (line 396)

Returns a class Nexista_singleton.

return: Nexista_singleton instance
access: public

object class singleton ()

Constructor __construct (line 147)

Constructor - Inits session, config

access: public

Nexista_Auth __construct ()

checkStatus (line 431)

Checks a user's current state

This method will return the current user status as a constant:

Auth::NX_AUTH_STATUS_ACTIVE (user is logged in)
Auth::NX_AUTH_STATUS_EXPIRED (user session expired)
Auth::NX_AUTH_STATUS_TIMEOUT (user session timeout from inactivity)
Auth::NX_AUTH_STATUS_INACTIVE (user is not yet logged in)

access: public

void checkStatus ()

getSessionData (line 364)

Returns user session data

If a variable name is passed, the value for it will be returned. If no name is passed, the entire array will be returned

return: value of requested variable, or whole session data
access: public

mixed getSessionData ([string $name = false])

string $name: (optional) user session value name

registerUser (line 326)

Registers a user with valid roles

This methid is used by the login handle to register (login) the user with an array of allowed roles. These roles are called either in the sitemap tag as:

<map:gate name="somegate" role="editArticle">

or in a PHP script as:

$auth = Auth::singleton();
if(auth->requireRole('someRole'))
{
...do my stuff
}

return: success
access: public

boolean registerUser ([array $roles = array()])

array $roles: User info to register with sessions

removeUser (line 412)

Delete all session information and logout the user.

access: public

void removeUser ()

requireRole (line 214)

Require that the user has a particular role

These roles are called using the sitemap tag as:

<map:gate name="somegate" role="editArticle">

or in a PHP script as:

$auth = Auth::singleton();
if(auth->requireRole('someRole'))
{
...do my stuff
}

return: if user has role permission
access: public

boolean requireRole (string $role)

string $role: role for this action/gate

setSessionData (line 385)

Sets a user session data value

This method will set a variable value in the user session

access: public

void setSessionData (string $name, string $value)

string $name: user session variable name
string $value: user session variable value

setSessionName (line 347)

Sets the auth session name

access: public

void setSessionName (string $name)

string $name: session name

Class Constants

NX_AUTH_STATUS_ACTIVE = 0 (line 52)

user status - logged in

NX_AUTH_STATUS_EXPIRED = 3 (line 73)

user status - expired

NX_AUTH_STATUS_INACTIVE = 1 (line 59)

user status - inactive

NX_AUTH_STATUS_TIMEOUT = 2 (line 66)

user status - timed out