Manager
in package
implements
IdentityProviderInterface, LoggerAwareInterface
Uses
LoggerAwareTrait
Wrapper class for handling logged-in user in session.
Tags
Interfaces, Classes, Traits and Enums
- IdentityProviderInterface
- LoggerAwareInterface
Table of Contents
- $activeAuth : string
- Currently selected authentication module
- $auth : array<string|int, AbstractBase>
- Authentication modules
- $config : Config
- $cookieManager : CookieManager
- $csrf : CsrfInterface
- $currentUser : UserEntityInterface|null
- Cache for current logged in user object
- $hideLogin : bool|null
- Cache for hideLogin setting
- $ils : Connection
- $legalAuthOptions : array<string|int, mixed>
- List of values allowed to be set into $activeAuth
- $loginTokenManager : LoginTokenManager
- $pluginManager : PluginManager
- $sessionManager : SessionManager
- $userService : UserServiceInterface
- $userSession : UserSessionPersistenceInterface
- __construct() : mixed
- Constructor
- ajaxEnabled() : bool
- Is login currently allowed?
- allowsUserIlsLogin() : bool
- Is the user allowed to log directly into the ILS?
- checkForExpiredCredentials() : bool
- Resets the session if the logged in user's credentials have expired.
- connectLibraryCard() : void
- Connect authenticated user as library card to his account.
- create() : UserEntityInterface
- Create a new user account from the request.
- deleteToken() : void
- Delete a login token
- deleteUserLoginTokens() : void
- Delete all login tokens for a user
- dropdownEnabled() : bool
- Is login currently allowed?
- getAuthClassForTemplateRendering() : string
- In VuFind, views are tied to the name of the active authentication class.
- getAuthMethod() : string
- Get the name of the current authentication method.
- getCsrfHash() : string
- Retrieve CSRF token
- getDefaultLoginTarget() : string
- Does the current auth class allow for authentication from more than one target? (e.g. MultiILS) If so return the default target.
- getIdentity() : IdentityInterface|null
- Get the logged-in user's identity (null if not logged in)
- getILSLoginMethod() : array<string|int, mixed>|false
- What login method does the ILS use (password, email, vufind)
- getLoginTargets() : array<string|int, mixed>
- Does the current auth class allow for authentication from more than one target? (e.g. MultiILS) If so return an array that lists the targets.
- getPasswordPolicy() : array<string|int, mixed>
- Password policy for a new password (e.g. minLength, maxLength)
- getPersistentLoginLifetime() : int
- Get persistent login lifetime in days
- getSelectableAuthOptions() : array<string|int, mixed>
- Return an array of all of the authentication options supported by the current auth class. In most cases (except for ChoiceAuth), this will just contain a single value.
- getSelectedAuthMethod() : string
- Get the name of the currently selected authentication method (if applicable) or the active authentication method.
- getSessionInitiator() : bool|string
- Get the URL to establish a session (needed when the internal VuFind login form is inadequate). Returns false when no session initiator is needed.
- getUsernamePolicy() : array<string|int, mixed>
- Username policy for a new account (e.g. minLength, maxLength)
- getUserObject() : UserEntityInterface|null
- Checks whether the user is logged in.
- inPrivacyMode() : bool
- Are we in privacy mode?
- isLoggedIn() : UserEntityInterface|false
- Checks whether the user is logged in.
- login() : UserEntityInterface
- Try to log in the user using current query parameters; return User object on success, throws exception on failure.
- loginEnabled() : bool
- Is login currently allowed?
- logout() : string
- Log out the current user.
- setAuthMethod() : void
- Setter
- supportsConnectingLibraryCard() : bool
- Is connecting library card allowed and supported?
- supportsCreation() : bool
- Does the current configuration support account creation?
- supportsEmailChange() : bool
- Is email changing currently allowed?
- supportsPasswordChange() : bool
- Is new passwords currently allowed?
- supportsPersistentLogin() : bool
- Is persistent login supported by the authentication method?
- supportsRecovery() : bool
- Does the current configuration support password recovery?
- updateEmail() : void
- Update a user's email from the request.
- updatePassword() : UserEntityInterface
- Update a user's password from the request.
- updateSession() : void
- Updates the user information in the session.
- updateUserVerifyHash() : void
- Update the verification hash for the provided user.
- userHasLoggedOut() : bool
- Checks whether the user has recently logged out.
- validateCredentials() : bool
- Validate the credentials in the provided request, but do not change the state of the current logged-in user. Return true for valid credentials, false otherwise.
- debug() : void
- Log a debug message.
- getAuth() : AbstractBase
- Get the authentication handler.
- log() : void
- Send a message to the logger.
- logError() : void
- Log an error message.
- logWarning() : void
- Log a warning message.
- makeAuth() : AbstractBase
- Helper
- processPolicyConfig() : array<string|int, mixed>
- Process a raw policy configuration
- updateUser() : void
- Update common user attributes on login
Properties
$activeAuth
Currently selected authentication module
protected
string
$activeAuth
$auth
Authentication modules
protected
array<string|int, AbstractBase>
$auth
= []
$config
protected
Config
$config
$cookieManager
protected
CookieManager
$cookieManager
$csrf
protected
CsrfInterface
$csrf
$currentUser
Cache for current logged in user object
protected
UserEntityInterface|null
$currentUser
= null
$hideLogin
Cache for hideLogin setting
protected
bool|null
$hideLogin
= null
$ils
protected
Connection
$ils
$legalAuthOptions
List of values allowed to be set into $activeAuth
protected
array<string|int, mixed>
$legalAuthOptions
$loginTokenManager
protected
LoginTokenManager
$loginTokenManager
$pluginManager
protected
PluginManager
$pluginManager
$sessionManager
protected
SessionManager
$sessionManager
$userService
protected
UserServiceInterface
$userService
$userSession
protected
UserSessionPersistenceInterface
$userSession
Methods
__construct()
Constructor
public
__construct(Config $config, UserServiceInterface $userService, UserSessionPersistenceInterface $userSession, SessionManager $sessionManager, PluginManager $pluginManager, CookieManager $cookieManager, CsrfInterface $csrf, LoginTokenManager $loginTokenManager, Connection $ils) : mixed
Parameters
- $config : Config
-
VuFind configuration
- $userService : UserServiceInterface
-
User database service
- $userSession : UserSessionPersistenceInterface
-
User session persistence service
- $sessionManager : SessionManager
-
Session manager
- $pluginManager : PluginManager
-
Authentication plugin manager
- $cookieManager : CookieManager
-
Cookie manager
- $csrf : CsrfInterface
-
CSRF validator
- $loginTokenManager : LoginTokenManager
-
Login Token manager
- $ils : Connection
-
ILS connection
Return values
mixed —ajaxEnabled()
Is login currently allowed?
public
ajaxEnabled() : bool
Return values
bool —allowsUserIlsLogin()
Is the user allowed to log directly into the ILS?
public
allowsUserIlsLogin() : bool
Return values
bool —checkForExpiredCredentials()
Resets the session if the logged in user's credentials have expired.
public
checkForExpiredCredentials() : bool
Return values
bool —True if session has expired.
connectLibraryCard()
Connect authenticated user as library card to his account.
public
connectLibraryCard(Request $request, UserEntityInterface $user) : void
Parameters
- $request : Request
-
Request object containing account credentials.
- $user : UserEntityInterface
-
Connect newly created library card to this user.
Tags
Return values
void —create()
Create a new user account from the request.
public
create(Request $request) : UserEntityInterface
Parameters
- $request : Request
-
Request object containing new account details.
Tags
Return values
UserEntityInterface —New user entity.
deleteToken()
Delete a login token
public
deleteToken(string $series) : void
Parameters
- $series : string
-
Series to identify the token
Return values
void —deleteUserLoginTokens()
Delete all login tokens for a user
public
deleteUserLoginTokens(int $userId) : void
Parameters
- $userId : int
-
User identifier
Return values
void —dropdownEnabled()
Is login currently allowed?
public
dropdownEnabled() : bool
Return values
bool —getAuthClassForTemplateRendering()
In VuFind, views are tied to the name of the active authentication class.
public
getAuthClassForTemplateRendering() : string
This method returns that name so that an appropriate template can be selected. It supports authentication methods that proxy other authentication methods (see ChoiceAuth for an example).
Return values
string —getAuthMethod()
Get the name of the current authentication method.
public
getAuthMethod() : string
Return values
string —getCsrfHash()
Retrieve CSRF token
public
getCsrfHash([bool $regenerate = false ][, int $maxTokens = 5 ]) : string
If no CSRF token currently exists, or should be regenerated, generates one.
Parameters
- $regenerate : bool = false
-
Should we regenerate token? (default false)
- $maxTokens : int = 5
-
The maximum number of tokens to store in the session.
Return values
string —getDefaultLoginTarget()
Does the current auth class allow for authentication from more than one target? (e.g. MultiILS) If so return the default target.
public
getDefaultLoginTarget() : string
Return values
string —getIdentity()
Get the logged-in user's identity (null if not logged in)
public
getIdentity() : IdentityInterface|null
Return values
IdentityInterface|null —getILSLoginMethod()
What login method does the ILS use (password, email, vufind)
public
getILSLoginMethod([string $target = '' ]) : array<string|int, mixed>|false
Parameters
- $target : string = ''
-
Login target (MultiILS only)
Return values
array<string|int, mixed>|false —getLoginTargets()
Does the current auth class allow for authentication from more than one target? (e.g. MultiILS) If so return an array that lists the targets.
public
getLoginTargets() : array<string|int, mixed>
Return values
array<string|int, mixed> —getPasswordPolicy()
Password policy for a new password (e.g. minLength, maxLength)
public
getPasswordPolicy([string $authMethod = null ]) : array<string|int, mixed>
Parameters
- $authMethod : string = null
-
optional; check this auth method rather than the one in config file
Return values
array<string|int, mixed> —getPersistentLoginLifetime()
Get persistent login lifetime in days
public
getPersistentLoginLifetime() : int
Return values
int —getSelectableAuthOptions()
Return an array of all of the authentication options supported by the current auth class. In most cases (except for ChoiceAuth), this will just contain a single value.
public
getSelectableAuthOptions() : array<string|int, mixed>
Return values
array<string|int, mixed> —getSelectedAuthMethod()
Get the name of the currently selected authentication method (if applicable) or the active authentication method.
public
getSelectedAuthMethod() : string
Return values
string —getSessionInitiator()
Get the URL to establish a session (needed when the internal VuFind login form is inadequate). Returns false when no session initiator is needed.
public
getSessionInitiator(string $target) : bool|string
Parameters
- $target : string
-
Full URL where external authentication method should send user after login (some drivers may override this).
Return values
bool|string —getUsernamePolicy()
Username policy for a new account (e.g. minLength, maxLength)
public
getUsernamePolicy([string $authMethod = null ]) : array<string|int, mixed>
Parameters
- $authMethod : string = null
-
optional; check this auth method rather than the one in config file
Return values
array<string|int, mixed> —getUserObject()
Checks whether the user is logged in.
public
getUserObject() : UserEntityInterface|null
Return values
UserEntityInterface|null —Object if user is logged in, null otherwise.
inPrivacyMode()
Are we in privacy mode?
public
inPrivacyMode() : bool
Return values
bool —isLoggedIn()
Checks whether the user is logged in.
public
isLoggedIn() : UserEntityInterface|false
Tags
Return values
UserEntityInterface|false —Object if user is logged in, false otherwise.
login()
Try to log in the user using current query parameters; return User object on success, throws exception on failure.
public
login(Request $request) : UserEntityInterface
Parameters
- $request : Request
-
Request object containing account credentials.
Tags
Return values
UserEntityInterface —Object representing logged-in user.
loginEnabled()
Is login currently allowed?
public
loginEnabled() : bool
Return values
bool —logout()
Log out the current user.
public
logout(string $url[, bool $destroy = true ]) : string
Parameters
- $url : string
-
URL to redirect user to after logging out.
- $destroy : bool = true
-
Should we destroy the session (true) or just reset it (false); destroy is for log out, reset is for expiration.
Return values
string —Redirect URL (usually same as $url, but modified in some authentication modules).
setAuthMethod()
Setter
public
setAuthMethod(string $method[, bool $forceLegal = false ]) : void
Parameters
- $method : string
-
The auth class to proxy
- $forceLegal : bool = false
-
Whether to force the new method legal
Return values
void —supportsConnectingLibraryCard()
Is connecting library card allowed and supported?
public
supportsConnectingLibraryCard([string $authMethod = null ]) : bool
Parameters
- $authMethod : string = null
-
optional; check this auth method rather than the one in config file
Return values
bool —supportsCreation()
Does the current configuration support account creation?
public
supportsCreation([string $authMethod = null ]) : bool
Parameters
- $authMethod : string = null
-
optional; check this auth method rather than the one in config file
Return values
bool —supportsEmailChange()
Is email changing currently allowed?
public
supportsEmailChange([string $authMethod = null ]) : bool
Parameters
- $authMethod : string = null
-
optional; check this auth method rather than the one in config file
Return values
bool —supportsPasswordChange()
Is new passwords currently allowed?
public
supportsPasswordChange([string $authMethod = null ]) : bool
Parameters
- $authMethod : string = null
-
optional; check this auth method rather than the one in config file
Return values
bool —supportsPersistentLogin()
Is persistent login supported by the authentication method?
public
supportsPersistentLogin([string $method = null ]) : bool
Parameters
- $method : string = null
-
Authentication method (overrides currently selected method)
Return values
bool —supportsRecovery()
Does the current configuration support password recovery?
public
supportsRecovery([string $authMethod = null ]) : bool
Parameters
- $authMethod : string = null
-
optional; check this auth method rather than the one in config file
Return values
bool —updateEmail()
Update a user's email from the request.
public
updateEmail(UserEntityInterface $user, string $email) : void
Parameters
- $user : UserEntityInterface
-
Object representing user being updated.
- $email : string
-
New email address to set (must be pre-validated!).
Tags
Return values
void —updatePassword()
Update a user's password from the request.
public
updatePassword(Request $request) : UserEntityInterface
Parameters
- $request : Request
-
Request object containing password change details.
Tags
Return values
UserEntityInterface —Updated user entity.
updateSession()
Updates the user information in the session.
public
updateSession(UserEntityInterface $user) : void
Parameters
- $user : UserEntityInterface
-
User object to store in the session
Return values
void —updateUserVerifyHash()
Update the verification hash for the provided user.
public
updateUserVerifyHash(UserEntityInterface $user) : void
Parameters
- $user : UserEntityInterface
-
User to update
Return values
void —userHasLoggedOut()
Checks whether the user has recently logged out.
public
userHasLoggedOut() : bool
Return values
bool —validateCredentials()
Validate the credentials in the provided request, but do not change the state of the current logged-in user. Return true for valid credentials, false otherwise.
public
validateCredentials(Request $request) : bool
Parameters
- $request : Request
-
Request object containing account credentials.
Tags
Return values
bool —debug()
Log a debug message.
protected
debug(string $msg[, array<string|int, mixed> $context = [] ][, bool $prependClass = true ]) : void
Parameters
- $msg : string
-
Log message
- $context : array<string|int, mixed> = []
-
Log context
- $prependClass : bool = true
-
Prepend class name to message?
Return values
void —getAuth()
Get the authentication handler.
protected
getAuth([string $name = null ]) : AbstractBase
Parameters
- $name : string = null
-
Auth module to load (null for currently active one)
Return values
AbstractBase —log()
Send a message to the logger.
protected
log(string $level, string $message[, array<string|int, mixed> $context = [] ][, bool $prependClass = false ]) : void
Parameters
- $level : string
-
Log level
- $message : string
-
Log message
- $context : array<string|int, mixed> = []
-
Log context
- $prependClass : bool = false
-
Prepend class name to message?
Return values
void —logError()
Log an error message.
protected
logError(string $msg[, array<string|int, mixed> $context = [] ][, bool $prependClass = true ]) : void
Parameters
- $msg : string
-
Log message
- $context : array<string|int, mixed> = []
-
Log context
- $prependClass : bool = true
-
Prepend class name to message?
Return values
void —logWarning()
Log a warning message.
protected
logWarning(string $msg[, array<string|int, mixed> $context = [] ][, bool $prependClass = true ]) : void
Parameters
- $msg : string
-
Log message
- $context : array<string|int, mixed> = []
-
Log context
- $prependClass : bool = true
-
Prepend class name to message?
Return values
void —makeAuth()
Helper
protected
makeAuth(string $method) : AbstractBase
Parameters
- $method : string
-
auth method to instantiate
Return values
AbstractBase —processPolicyConfig()
Process a raw policy configuration
protected
processPolicyConfig(array<string|int, mixed> $policy) : array<string|int, mixed>
Parameters
- $policy : array<string|int, mixed>
-
Policy configuration
Return values
array<string|int, mixed> —updateUser()
Update common user attributes on login
protected
updateUser(UserEntityInterface $user, string|null $authMethod) : void
Parameters
- $user : UserEntityInterface
-
User object
- $authMethod : string|null
-
Authentication method to user