public
|
#
__construct( )
Initialize Users
Overrides
|
public
integer
|
#
login( Session $session, array $vars )
Attempts to authenticate the given user and initialize a session with that
user's ID.
Attempts to authenticate the given user and initialize a session with that
user's ID.
Parameters
- $session
Session
The session to initialize
- $vars
array $vars An array of login information including: - username The username of the
user attempting to log in - password The password of the user attempting to log
in - remember_me If "true" will set a cookie to remember the user's session on a
subsequent visit - otp The one-time password required to authenticate this user
(required only if enabled for this user) - ip_address The IP address of the user
attempting to log in
Returns
integer The ID of the user authenticated, false on failure
|
public
|
#
logout( Session $session )
Logs the user out by terminating the session
Logs the user out by terminating the session
Parameters
- $session
Session
The session to terminate
|
public
boolean
|
#
auth( string $username, array $vars )
Checks to ensure that the user specified can be authenticated
Checks to ensure that the user specified can be authenticated
Parameters
- $username
string $username The ID or username of the user to authenticate
- $vars
array $vars an array of authentication info including: - username The username of the
user attempting to log in - password The password of the user attempting to log
in
Returns
boolean True if the user can be authenticated, false otherwise
|
public
boolean
|
#
validateOtp( string $otp, stdClass $user )
Validates the given OTP against the given user
Validates the given OTP against the given user
Parameters
- $otp
string $otp The one-time password required to authenticate this user (required only if
enabled for this user)
- $user
stdClass
$user The stdClass object representation of the user to validate the OTP against
Returns
boolean True if the OTP validates, false otherwise
|
public
integer
|
#
add( array $vars )
Adds the user record to the system
Adds the user record to the system
Parameters
- $vars
array $vars An array of user info including: - username The username for this user.
Must be unique across all companies for this installation. - new_password The
password for this user - confirm_password The password for this user -
two_factor_mode The two factor authentication mode 'none', 'motp', 'totp'
(optional, default 'none') - two_factor_key The two factor authentication key
(optional, default null) - two_factor_pin The two factor authentication pin
(optional, default null)
Returns
integer The ID of the user created, void on error
|
public
|
#
edit( integer $user_id, array $vars, boolean $validate_pass = false )
Edits the user record in the system
Edits the user record in the system
Parameters
- $user_id
integer $user_id The ID of the user to edit
- $vars
array $vars An array of user info including: - username The username for this user
(optional) - current_password The current password for this user (optional,
required if $validate_pass is true) - new_password The new password for this
user (optional) - confirm_password The new password for this user (optional,
required if 'new_password' is given) - two_factor_mode The two factor
authentication mode 'none', 'motp', 'totp' (optional, default 'none') -
two_factor_key The two factor authentication key (optional, default null) -
two_factor_pin The two factor authentication pin (optional, default null)
- $validate_pass
boolean $validate_pass Whether or not to validate the current_password before updating
this user (optional, default false)
|
public
|
#
delete( integer $user_id )
Permanently deletes a user record from the system. USE WITH EXTREME
CAUTION
Permanently deletes a user record from the system. USE WITH EXTREME
CAUTION
Parameters
- $user_id
integer $user_id The ID of the user to delete
|
public
mixed
|
#
get( integer $user_id )
Fetches a user
Parameters
- $user_id
integer $user_id The user ID to fetch
Returns
mixed An array of stdClass objects representing the user, false if it does not exist
See
|
public
mixed
|
#
getByUsername( string $username )
Fetches a user
Parameters
- $username
string $username The username to fetch
Returns
mixed An array of stdClass objects representing the user, false if it does not exist
See
|
public
|
#
getOtp( integer $user_id, string $otp )
Returns the one-time password record if it exists
Returns the one-time password record if it exists
Parameters
- $user_id
integer $user_id The ID of the user to fetch on
- $otp
string $otp The one-time password to search for
Reutrn
mixed A stdClass object representing this record, false if it does not exist
|
public
array
|
#
getOtpModes( )
Return all One-time-password modes supported by the system
Return all One-time-password modes supported by the system
Returns
array An array of key/value pairs consisting of the OTP mode (the key) and it's
friendly name (the value)
|
public
|
#
addOtp( integer $user_id, string $otp )
Adds the one-time password record to the system so we can ensure it is not
used again.
Adds the one-time password record to the system so we can ensure it is not
used again.
Parameters
- $user_id
integer $user_id The ID of the user to record the one-time password for
- $otp
string $otp The one-time password to record
|
public
mixed
|
#
requiredOtpMode( string $user )
Fetches the one-time password mode required to authenticate this user
Fetches the one-time password mode required to authenticate this user
Parameters
- $user
string The ID or username of the user to fetch the required OTP mode
Returns
mixed A string containing the type of OTP mode, false if the user does not exist or no
mode is set
|
public
boolean
|
#
validateTwoFactorMode( string $mode )
Validates the user's 'two_factor_mode' field
Validates the user's 'two_factor_mode' field
Parameters
- $mode
string $mode The two factor mode to check
Returns
boolean True if validated, false otherwise
|
public
boolean
|
#
validatePasswordEquals( string $password, integer $user_id )
Validates the given password matches the one on record
Validates the given password matches the one on record
Parameters
- $password
string $password The encrypted password to check
- $user_id
integer $user_id The user ID of the user to check against
Returns
boolean True if the passwords are equivalent, false otherwise
|
public
boolean
|
#
validateUniqueUser( string $username, integer $user_id )
Validates the given username is unique across all users, besides $user_id
Validates the given username is unique across all users, besides $user_id
Parameters
- $username
string $username The username to be validated against the user ID
- $user_id
integer $user_id A user ID
Returns
boolean True if the username is unique for all users (besides this $user_id), false
otherwise
|
public
string
|
#
hashPassword( string $password )
Computes an HMAC sha-256 hash of the given password, then hashes that using
the best hashing algorithm available on the system
Computes an HMAC sha-256 hash of the given password, then hashes that using
the best hashing algorithm available on the system
Parameters
- $password
string $password The password to hash
Returns
string The hashed password
|
public
boolean
|
#
checkPassword( string $password, string $stored_hash )
Verifies whether or not the given plain-text password produces the supplied
hash.
Verifies whether or not the given plain-text password produces the supplied
hash.
Parameters
- $password
string $password The password to validate
- $stored_hash
string $stored_hash The hash to verify the password against
Returns
boolean True if the password is good, false otherwise
|
public
boolean
|
#
validateLoginAttempts( string $username, string $ip_address )
Validates whether the user has made too many failed attempts to login
Validates whether the user has made too many failed attempts to login
Parameters
- $username
string $username The username
- $ip_address
string $ip_address The IP address from which the login took place
Returns
boolean False if there has been too many failed login attempts, true otherwise
|
private
array
|
#
getRules( array $vars, boolean $edit = false )
Returns the rule set for adding/editing users
Returns the rule set for adding/editing users
Parameters
- $vars
array $vars An array of fields
- $edit
boolean $edit True to get the rules pertaining to editing a user
Returns
array An array of user rules
|