|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* Copyright 2016 - 2018, Cake Development Corporation (http://cakedc.com) |
|
4
|
|
|
* |
|
5
|
|
|
* Licensed under The MIT License |
|
6
|
|
|
* Redistributions of files must retain the above copyright notice. |
|
7
|
|
|
* |
|
8
|
|
|
* @copyright Copyright 2016 - 2018, Cake Development Corporation (http://cakedc.com) |
|
9
|
|
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php) |
|
10
|
|
|
*/ |
|
11
|
|
|
|
|
12
|
|
|
/** |
|
13
|
|
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org) |
|
14
|
|
|
* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org) |
|
15
|
|
|
* |
|
16
|
|
|
* Licensed under The MIT License |
|
17
|
|
|
* For full copyright and license information, please see the LICENSE.txt |
|
18
|
|
|
* Redistributions of files must retain the above copyright notice. |
|
19
|
|
|
* |
|
20
|
|
|
* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org) |
|
21
|
|
|
* @link http://cakephp.org CakePHP(tm) Project |
|
22
|
|
|
* @since 0.10.0 |
|
23
|
|
|
* @license http://www.opensource.org/licenses/mit-license.php MIT License |
|
24
|
|
|
*/ |
|
25
|
|
|
|
|
26
|
|
|
namespace CakeDC\Api\Service\Auth\Authenticate; |
|
27
|
|
|
|
|
28
|
|
|
use Cake\Http\Response; |
|
29
|
|
|
use Cake\Http\ServerRequest; |
|
30
|
|
|
|
|
31
|
|
|
/** |
|
32
|
|
|
* Class FormAuthenticate. |
|
33
|
|
|
*/ |
|
34
|
|
|
class FormAuthenticate extends BaseAuthenticate |
|
35
|
|
|
{ |
|
36
|
|
|
|
|
37
|
|
|
/** |
|
38
|
|
|
* Checks the fields to ensure they are supplied. |
|
39
|
|
|
* |
|
40
|
|
|
* @param \Cake\Http\ServerRequest $request The request that contains login information. |
|
41
|
|
|
* @param array $fields The fields to be checked. |
|
42
|
|
|
* @return bool False if the fields have not been supplied. True if they exist. |
|
43
|
|
|
*/ |
|
44
|
4 |
|
protected function _checkFields(ServerRequest $request, array $fields) |
|
45
|
|
|
{ |
|
46
|
4 |
|
foreach ([$fields['username'], $fields['password']] as $field) { |
|
47
|
4 |
|
$value = $request->getData($field); |
|
48
|
4 |
|
if (empty($value) || !is_string($value)) { |
|
49
|
|
|
return false; |
|
50
|
|
|
} |
|
51
|
4 |
|
} |
|
52
|
|
|
|
|
53
|
4 |
|
return true; |
|
54
|
|
|
} |
|
55
|
|
|
|
|
56
|
|
|
/** |
|
57
|
|
|
* Authenticates the identity contained in a request. Will use the `config.userModel`, and `config.fields` |
|
58
|
|
|
* to find POST data that is used to find a matching record in the `config.userModel`. Will return false if |
|
59
|
|
|
* there is no post data, either username or password is missing, or if the scope conditions have not been met. |
|
60
|
|
|
* |
|
61
|
|
|
* @param \Cake\Http\ServerRequest $request The request that contains login information. |
|
62
|
|
|
* @param \Cake\Http\Response $response Unused response object. |
|
63
|
|
|
* @return mixed False on login failure. An array of User data on success. |
|
64
|
|
|
*/ |
|
65
|
4 |
|
public function authenticate(ServerRequest $request, Response $response) |
|
66
|
|
|
{ |
|
67
|
4 |
|
$fields = $this->_config['fields']; |
|
68
|
4 |
|
if (!$this->_checkFields($request, $fields)) { |
|
69
|
|
|
return false; |
|
70
|
|
|
} |
|
71
|
|
|
|
|
72
|
4 |
|
return $this->_findUser( |
|
73
|
4 |
|
$request->getData($fields['username']), |
|
|
|
|
|
|
74
|
4 |
|
$request->getData($fields['password']) |
|
|
|
|
|
|
75
|
4 |
|
); |
|
76
|
|
|
} |
|
77
|
|
|
} |
|
78
|
|
|
|
CakeDC /
cakephp-api
Loading history...
This check looks at variables that are passed out again to other methods.
If the outgoing method call has stricter type requirements than the method itself, an issue is raised.
An additional type check may prevent trouble.