143 lines
3.2 KiB
PHP
143 lines
3.2 KiB
PHP
<?php namespace Laravel\Security;
|
|
|
|
use Laravel\IoC;
|
|
use Laravel\Config;
|
|
use Laravel\Session\Payload;
|
|
|
|
class Auth {
|
|
|
|
/**
|
|
* The current user of the application.
|
|
*
|
|
* @var object
|
|
*/
|
|
protected static $user;
|
|
|
|
/**
|
|
* The key used when storing the user ID in the session.
|
|
*
|
|
* @var string
|
|
*/
|
|
const user_key = 'laravel_user_id';
|
|
|
|
/**
|
|
* Determine if the current user of the application is authenticated.
|
|
*
|
|
* @return bool
|
|
*/
|
|
public static function check()
|
|
{
|
|
return ! is_null(static::user());
|
|
}
|
|
|
|
/**
|
|
* Get the current user of the application.
|
|
*
|
|
* If the current user is not authenticated, null will be returned. This method
|
|
* will call the "user" closure in the authentication configuration file.
|
|
*
|
|
* <code>
|
|
* // Get the current user of the application
|
|
* $user = Auth::user();
|
|
*
|
|
* // Access a property on the current user of the application
|
|
* $email = Auth::user()->email;
|
|
* </code>
|
|
*
|
|
* @return object
|
|
*/
|
|
public static function user()
|
|
{
|
|
if ( ! is_null(static::$user)) return static::$user;
|
|
|
|
$id = IoC::container()->core('session')->get(Auth::user_key);
|
|
|
|
if (is_null($id) AND ! is_null($cookie = Crypter::decrypt(\Cookie::get('remember'))))
|
|
{
|
|
$cookie = explode('|', $cookie);
|
|
if ($cookie[2] == md5(\Request::server('HTTP_USER_AGENT')))
|
|
{
|
|
$id = $cookie[0];
|
|
}
|
|
|
|
if ( ! is_null(static::$user = call_user_func(Config::get('auth.user'), $id)))
|
|
{
|
|
static::login($user);
|
|
return static::$user;
|
|
}
|
|
}
|
|
|
|
return static::$user = call_user_func(Config::get('auth.user'), $id);
|
|
}
|
|
|
|
/**
|
|
* Attempt to log a user into the application.
|
|
*
|
|
* If the given credentials are valid, the user will be considered logged into
|
|
* the application and their user ID will be stored in the session data.
|
|
*
|
|
* @param string $username
|
|
* @param string $password
|
|
* @param bool $remember
|
|
* @param int $ttl - Default is one week.
|
|
* @return bool
|
|
*/
|
|
public static function attempt($username, $password = null, $remember = false, $ttl = 10080)
|
|
{
|
|
if ( ! is_null($user = call_user_func(Config::get('auth.attempt'), $username, $password)))
|
|
{
|
|
static::login($user);
|
|
|
|
if ($remember) static::remember($user);
|
|
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Log a user into the application.
|
|
*
|
|
* The user ID will be stored in the session so it is available on subsequent requests.
|
|
*
|
|
* @param object $user
|
|
* @return void
|
|
*/
|
|
public static function login($user)
|
|
{
|
|
static::$user = $user;
|
|
|
|
IoC::container()->core('session')->put(Auth::user_key, $user->id);
|
|
}
|
|
|
|
/**
|
|
* Log the current user out of the application.
|
|
*
|
|
* The "logout" closure in the authenciation configuration file will be called.
|
|
*
|
|
* @return void
|
|
*/
|
|
public static function logout()
|
|
{
|
|
call_user_func(Config::get('auth.logout'), static::user());
|
|
|
|
static::$user = null;
|
|
|
|
IoC::container()->core('session')->forget(Auth::user_key);
|
|
}
|
|
|
|
/**
|
|
* Set a cookie so that users are remembered.
|
|
*
|
|
* @param object $user
|
|
* @param int $ttl - Default is one week.
|
|
* @return bool
|
|
*/
|
|
public static function remember($user, $ttl = 10080)
|
|
{
|
|
static::$user = $user;
|
|
$cookie = Crypter::encrypt($user->id.'|'.\Request::ip().'|'.md5(\Request::server('HTTP_USER_AGENT')).'|'.time());
|
|
\Cookie::put('remember', $cookie, $ttl);
|
|
}
|
|
} |