Basic Authentication adapter for AuthComponent.
Provides Basic HTTP authentication support for AuthComponent. Basic Auth will authenticate users against the configured userModel and verify the username and passwords match.
Load AuthComponent in your controller's initialize() and add 'Basic' in 'authenticate' key
$this->loadComponent('Auth', [
'authenticate' => ['Basic']
'storage' => 'Memory',
'unauthorizedRedirect' => false,
]); You should set storage to Memory to prevent CakePHP from sending a session cookie to the client.
You should set unauthorizedRedirect to false. This causes AuthComponent to throw a ForbiddenException exception instead of redirecting to another page.
Since HTTP Basic Authentication is stateless you don't need call setUser() in your controller. The user credentials will be checked on each request. If valid credentials are not provided, required authentication headers will be sent by this authentication provider which triggers the login dialog in the browser/client.
array<string, mixed>Runtime config
boolWhether the config property has already been configured with defaults
array<string, mixed>Default config for this object.
boolWhether the user authenticated by this class requires their password to be rehashed with another algorithm.
Cake\Auth\AbstractPasswordHasher|nullPassword hasher instance.
Cake\Controller\ComponentRegistryA Component registry, used to get more components.
Cake\ORM\Locator\LocatorInterface|nullTable locator instance
string|nullThis object's default table alias.
Constructor
Deletes a single config key.
Reads a config key.
Writes a config key.
Find a user record using the username and password provided.
Get query object for fetching user from database.
Authenticate a user using HTTP auth. Will use the configured User model and attempt a login using HTTP auth.
Merge provided config with existing config. Unlike config() which does a recursive merge for nested keys, this method does a simple merge.
Convenience method to get a table instance.
Returns the config.
Returns the config for this specific key.
Gets the table locator.
Get a user based on information in the request. Used by cookie-less auth for stateless clients.
Returns a list of all events that this authenticate class will listen to.
Generate the login headers
Returns whether the password stored in the repository for the logged in user requires to be rehashed with another algorithm
Return password hasher object
Sets the config.
Sets the table locator.
Handles an unauthenticated access attempt by sending appropriate login headers
__construct(Cake\Controller\ComponentRegistry $registry, array<string, mixed> $config = [])
Constructor
Cake\Controller\ComponentRegistry $registry The Component registry used on this request.
array<string, mixed> $config optional Array of config to use.
_configDelete(string $key): void
Deletes a single config key.
string $key Key to delete.
voidCake\Core\Exception\CakeException_configRead(string|null $key): mixed
Reads a config key.
string|null $key Key to read.
mixed_configWrite(array<string, mixed>|string $key, mixed $value, string|bool $merge = false): void
Writes a config key.
array<string, mixed>|string $key Key to write to.
mixed $value Value to write.
string|bool $merge optional True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.
voidCake\Core\Exception\CakeException_findUser(string $username, string|null $password = null): array<string, mixed>|false
Find a user record using the username and password provided.
Input passwords will be hashed even when a user doesn't exist. This helps mitigate timing attacks that are attempting to find valid usernames.
string $username The username/identifier.
string|null $password optional The password, if not provided password checking is skipped and result of find is returned.
array<string, mixed>|false_query(string $username): Cake\ORM\Query
Get query object for fetching user from database.
string $username The username/identifier.
Cake\ORM\Queryauthenticate(Cake\Http\ServerRequest $request, Cake\Http\Response $response): array<string, mixed>|false
Authenticate a user using HTTP auth. Will use the configured User model and attempt a login using HTTP auth.
Cake\Http\ServerRequest $request The request to authenticate with.
Cake\Http\Response $response The response to add headers to.
array<string, mixed>|falseconfigShallow(array<string, mixed>|string $key, mixed|null $value = null): $this
Merge provided config with existing config. Unlike config() which does a recursive merge for nested keys, this method does a simple merge.
Setting a specific value:
$this->configShallow('key', $value); Setting a nested value:
$this->configShallow('some.nested.key', $value); Updating multiple config settings at the same time:
$this->configShallow(['one' => 'value', 'another' => 'value']);
array<string, mixed>|string $key The key to set, or a complete array of configs.
mixed|null $value optional The value to set.
$thisfetchTable(string|null $alias = null, array<string, mixed> $options = []): Cake\ORM\Table
Convenience method to get a table instance.
string|null $alias optional The alias name you want to get. Should be in CamelCase format. If null then the value of $defaultTable property is used.
array<string, mixed> $options optional The options you want to build the table with. If a table has already been loaded the registry options will be ignored.
Cake\ORM\TableCake\Core\Exception\CakeExceptiongetConfig(string|null $key = null, mixed $default = null): mixed
Returns the config.
Reading the whole config:
$this->getConfig();
Reading a specific value:
$this->getConfig('key'); Reading a nested value:
$this->getConfig('some.nested.key'); Reading with default value:
$this->getConfig('some-key', 'default-value'); string|null $key optional The key to get or null for the whole config.
mixed $default optional The return value when the key does not exist.
mixedgetConfigOrFail(string $key): mixed
Returns the config for this specific key.
The config value for this key must exist, it can never be null.
string $key The key to get.
mixedInvalidArgumentExceptiongetTableLocator(): Cake\ORM\Locator\LocatorInterface
Gets the table locator.
Cake\ORM\Locator\LocatorInterfacegetUser(Cake\Http\ServerRequest $request): array<string, mixed>|false
Get a user based on information in the request. Used by cookie-less auth for stateless clients.
Cake\Http\ServerRequest $request Request object.
array<string, mixed>|falseimplementedEvents(): array<string, mixed>
Returns a list of all events that this authenticate class will listen to.
An authenticate class can listen to following events fired by AuthComponent:
Auth.afterIdentify - Fired after a user has been identified using one of configured authenticate class. The callback function should have signature like afterIdentify(EventInterface $event, array $user) when $user is the identified user record.
Auth.logout - Fired when AuthComponent::logout() is called. The callback function should have signature like logout(EventInterface $event, array $user) where $user is the user about to be logged out.
array<string, mixed>loginHeaders(Cake\Http\ServerRequest $request): array<string, string>
Generate the login headers
Cake\Http\ServerRequest $request Request object.
array<string, string>needsPasswordRehash(): bool
Returns whether the password stored in the repository for the logged in user requires to be rehashed with another algorithm
boolpasswordHasher(): Cake\Auth\AbstractPasswordHasher
Return password hasher object
Cake\Auth\AbstractPasswordHasherRuntimeExceptionsetConfig(array<string, mixed>|string $key, mixed|null $value = null, bool $merge = true): $this
Sets the config.
Setting a specific value:
$this->setConfig('key', $value); Setting a nested value:
$this->setConfig('some.nested.key', $value); Updating multiple config settings at the same time:
$this->setConfig(['one' => 'value', 'another' => 'value']);
array<string, mixed>|string $key The key to set, or a complete array of configs.
mixed|null $value optional The value to set.
bool $merge optional Whether to recursively merge or overwrite existing config, defaults to true.
$thisCake\Core\Exception\CakeExceptionsetTableLocator(Cake\ORM\Locator\LocatorInterface $tableLocator): $this
Sets the table locator.
Cake\ORM\Locator\LocatorInterface $tableLocator LocatorInterface instance.
$thisunauthenticated(Cake\Http\ServerRequest $request, Cake\Http\Response $response): Cake\Http\Response|null|void
Handles an unauthenticated access attempt by sending appropriate login headers
Cake\Http\ServerRequest $request A request object.
Cake\Http\Response $response A response object.
Cake\Http\Response|null|voidCake\Http\Exception\UnauthorizedExceptionRuntime config
array<string, mixed>Whether the config property has already been configured with defaults
boolDefault config for this object.
fields The fields to use to identify a user by.userModel The alias for users table, defaults to Users.finder The finder method to use to fetch user record. Defaults to 'all'. You can set finder name as string or an array where key is finder name and value is an array passed to Table::find() options. E.g. ['finderName' => ['some_finder_option' => 'some_value']]passwordHasher Password hasher class. Can be a string specifying class name or an array containing className key, any other keys will be passed as config to the class. Defaults to 'Default'.array<string, mixed>Whether the user authenticated by this class requires their password to be rehashed with another algorithm.
boolPassword hasher instance.
Cake\Auth\AbstractPasswordHasher|nullA Component registry, used to get more components.
Cake\Controller\ComponentRegistryTable locator instance
Cake\ORM\Locator\LocatorInterface|nullThis object's default table alias.
string|null
© 2005–present The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
https://api.cakephp.org/4.4/class-Cake.Auth.BasicAuthenticate.html