tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
icingaweb2/library/Icinga/Authentication/Manager.php

109 lines
3.0 KiB
PHP
Raw Normal View History

Add Auth/Manager.php, currently without tests The Auth Manager class incorporates the functionality of the Backend.php and Auth.php class and handles authentication. The authorization parts from the Auth.php (hasPermission(), etc.) have been removed and will be added to the user class refs #4265
2013-06-07 17:30:18 +02:00
<?php
namespace Icinga\Authentication;
use Icinga\Application\Logger as Logger;
class Manager
{
const BACKEND_TYPE_USER = "User";
const BACKEND_TYPE_GROUP = "Group";
private $user = null;
private $groups = array();
private $userBackend = null;
private $groupBackend = null;
private $session = null;
private function __construct($config = null, array $options = array())
{
if ($config === null) {
$config = Config::getInstance()->authentication;
}
if (isset($options["userBackendClass"])) {
$this->userBackend = $options["userBackendClass"];
} elseif ($config->users !== null) {
$this->userBackend = initBackend(BACKEND_TYPE_USER, $config->users);
}
if (isset($options["groupBackendClass"])) {
$this->userBackend = $options["groupBackendClass"];
} elseif ($config->groups != null) {
$this->groupBackend = initBackend(BACKEND_TYPE_GROUP, $config->groups);
}
if (!isset($options["sessionClass"])) {
$this->session = new PhpSession($config->session);
} else {
$options["sessionClass"];
}
}
public static function getInstance($config = null, array $options = array())
{
if (self::$instance === null) {
self::$instance = new Auth($config, $options);
}
return self::$instance;
}
private function initBackend($authenticationTarget, $authenticationSource)
{
$userbackend = ucwords(strtolower($authenticationSource->backend));
$class = '\\Icinga\\Authentication\\' . $backend . $authenticationTarget. 'Backend';
return new $class($authenticationSource);
}
public function authenticate(Credentials $credentials)
{
if (!$this->userBackend->hasUsername($credentials)) {
Logger::info("Unknown user %s tried to log in", $credentials->getUsername());
return false;
}
$this->user = $this->userBackend->authenticate($credentials);
if ($this->user == null) {
Logger::info("Invalid credentials for user %s provided", $credentials->getUsername());
return false;
}
persistCurrentUser();
return true;
}
public function persistCurrentUser()
{
$this->session->set("user", $this->user->toSession());
}
public function authenticateFromSession()
{
$this->user = User::fromSession($this->session->get("user", null));
}
public function isAuthenticated()
{
if ($this->user === null) {
$this->authenticateFromSession();
}
return is_object($this->user) && !empty($this->user->username);
}
public function removeAuthorization()
{
$this->user = null;
$this->session->delete();
}
public function getUser()
{
return $this->user;
}
public function getGroups()
{
return $this->user->getGroups();
}
}