PluginProbe ʕ •ᴥ•ʔ
Matomo Analytics – Powerful, Privacy-First Insights for WordPress / 1.3.1
Matomo Analytics – Powerful, Privacy-First Insights for WordPress v1.3.1
5.11.1 5.11.0 5.10.2 5.10.1 trunk 1.0.2 1.0.3 1.0.4 1.0.5 1.0.6 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.3.0 1.3.1 1.3.2 4.0.0 4.0.1 4.0.2 4.0.3 4.0.4 4.1.0 4.1.1 4.1.2 4.1.3 4.10.0 4.11.0 4.12.0 4.13.0 4.13.2 4.13.3 4.13.4 4.13.5 4.14.0 4.14.1 4.14.2 4.15.0 4.15.1 4.15.2 4.15.3 4.2.0 4.3.0 4.3.1 4.4.1 4.4.2 4.5.0 4.6.0 5.0.1 5.0.2 5.0.3 5.0.4 5.0.5 5.0.6 5.0.7 5.0.8 5.1.0 5.1.1 5.1.2 5.1.3 5.1.4 5.1.5 5.1.6 5.1.7 5.10.0 5.2.0 5.2.1 5.2.2 5.3.0 5.3.1 5.3.2 5.3.3 5.6.0 5.6.1 5.7.0 5.7.1 5.8.0 5.8.1 5.8.2
matomo / app / core / Auth.php
matomo / app / core Last commit date
API 6 years ago Access 6 years ago Application 6 years ago Archive 6 years ago ArchiveProcessor 6 years ago Archiver 6 years ago AssetManager 6 years ago Auth 6 years ago Category 6 years ago CliMulti 6 years ago Columns 6 years ago Composer 6 years ago Concurrency 6 years ago Config 6 years ago Container 6 years ago CronArchive 6 years ago DataAccess 5 years ago DataFiles 6 years ago DataTable 6 years ago Db 6 years ago DeviceDetector 5 years ago Email 6 years ago Exception 6 years ago Http 6 years ago Intl 6 years ago Mail 6 years ago Measurable 6 years ago Menu 6 years ago Metrics 6 years ago Notification 6 years ago Period 6 years ago Plugin 6 years ago ProfessionalServices 6 years ago Report 6 years ago ReportRenderer 6 years ago Scheduler 6 years ago Segment 6 years ago Session 6 years ago Settings 6 years ago Tracker 5 years ago Translation 6 years ago UpdateCheck 6 years ago Updater 6 years ago Updates 6 years ago Validators 6 years ago View 6 years ago ViewDataTable 6 years ago Visualization 6 years ago Widget 6 years ago .htaccess 6 years ago Access.php 6 years ago Archive.php 6 years ago ArchiveProcessor.php 6 years ago AssetManager.php 6 years ago Auth.php 6 years ago BaseFactory.php 6 years ago Cache.php 6 years ago CacheId.php 6 years ago CliMulti.php 6 years ago Common.php 6 years ago Config.php 6 years ago Console.php 6 years ago Context.php 6 years ago Cookie.php 5 years ago CronArchive.php 5 years ago DataArray.php 6 years ago DataTable.php 6 years ago Date.php 6 years ago Db.php 6 years ago DbHelper.php 6 years ago Development.php 6 years ago DeviceDetectorFactory.php 6 years ago ErrorHandler.php 6 years ago EventDispatcher.php 6 years ago ExceptionHandler.php 6 years ago FileIntegrity.php 6 years ago Filechecks.php 6 years ago Filesystem.php 6 years ago FrontController.php 6 years ago Http.php 6 years ago IP.php 6 years ago Log.php 6 years ago LogDeleter.php 6 years ago Mail.php 6 years ago Metrics.php 6 years ago MetricsFormatter.php 6 years ago Nonce.php 5 years ago Notification.php 6 years ago NumberFormatter.php 6 years ago Option.php 5 years ago Period.php 6 years ago Piwik.php 6 years ago Plugin.php 6 years ago Profiler.php 6 years ago ProxyHeaders.php 6 years ago ProxyHttp.php 6 years ago QuickForm2.php 6 years ago RankingQuery.php 6 years ago Registry.php 6 years ago ReportRenderer.php 6 years ago ScheduledTask.php 6 years ago Segment.php 6 years ago Sequence.php 6 years ago Session.php 6 years ago SettingsPiwik.php 6 years ago SettingsServer.php 6 years ago Singleton.php 6 years ago Site.php 6 years ago TCPDF.php 6 years ago TaskScheduler.php 6 years ago Theme.php 6 years ago Timer.php 6 years ago Tracker.php 6 years ago Translate.php 6 years ago Twig.php 6 years ago Unzip.php 6 years ago UpdateCheck.php 6 years ago Updater.php 6 years ago Updates.php 6 years ago Url.php 6 years ago UrlHelper.php 6 years ago Version.php 5 years ago View.php 6 years ago bootstrap.php 6 years ago dispatch.php 6 years ago testMinimumPhpVersion.php 6 years ago
Auth.php
222 lines
1 <?php
2 /**
3 * Piwik - free/libre analytics platform
4 *
5 * @link https://matomo.org
6 * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
7 *
8 */
9
10 namespace Piwik;
11
12 use Exception;
13
14 /**
15 * Base interface for authentication implementations.
16 *
17 * Plugins that provide Auth implementations must provide a class that implements
18 * this interface. Additionally, an instance of that class must be set in the
19 * container with the 'Piwik\Auth' key during the
20 * [Request.initAuthenticationObject](http://developer.piwik.org/api-reference/events#requestinitauthenticationobject)
21 * event.
22 *
23 * Authentication implementations must support authentication via username and
24 * clear-text password and authentication via username and token auth. They can
25 * additionally support authentication via username and an MD5 hash of a password. If
26 * they don't support it, then [formless authentication](http://piwik.org/faq/how-to/faq_30/) will fail.
27 *
28 * Derived implementations should favor authenticating by password over authenticating
29 * by token auth. That is to say, if a token auth and a password are set, password
30 * authentication should be used.
31 *
32 * ### Examples
33 *
34 * **How an Auth implementation will be used**
35 *
36 * // authenticating by password
37 * $auth = StaticContainer::get('Piwik\Auth');
38 * $auth->setLogin('user');
39 * $auth->setPassword('password');
40 * $result = $auth->authenticate();
41 *
42 * // authenticating by token auth
43 * $auth = StaticContainer::get('Piwik\Auth');
44 * $auth->setLogin('user');
45 * $auth->setTokenAuth('...');
46 * $result = $auth->authenticate();
47 *
48 * @api
49 */
50 interface Auth
51 {
52 /**
53 * Must return the Authentication module's name, e.g., `"Login"`.
54 *
55 * @return string
56 */
57 public function getName();
58
59 /**
60 * Sets the authentication token to authenticate with.
61 *
62 * @param string $token_auth authentication token
63 */
64 public function setTokenAuth($token_auth);
65
66 /**
67 * Returns the login of the user being authenticated.
68 *
69 * @return string
70 */
71 public function getLogin();
72
73 /**
74 * Returns the secret used to calculate a user's token auth.
75 *
76 * A users token auth is generated using the user's login and this secret. The secret
77 * should be specific to the user and not easily guessed. Piwik's default Auth implementation
78 * uses an MD5 hash of a user's password.
79 *
80 * @return string
81 * @throws Exception if the token auth secret does not exist or cannot be obtained.
82 */
83 public function getTokenAuthSecret();
84
85 /**
86 * Sets the login name to authenticate with.
87 *
88 * @param string $login The username.
89 */
90 public function setLogin($login);
91
92 /**
93 * Sets the password to authenticate with.
94 *
95 * @param string $password Password (not hashed).
96 */
97 public function setPassword($password);
98
99 /**
100 * Sets the hash of the password to authenticate with. The hash will be an MD5 hash.
101 *
102 * @param string $passwordHash The hashed password.
103 * @throws Exception if authentication by hashed password is not supported.
104 */
105 public function setPasswordHash($passwordHash);
106
107 /**
108 * Authenticates a user using the login and password set using the setters. Can also authenticate
109 * via token auth if one is set and no password is set.
110 *
111 * Note: this method must successfully authenticate if the token auth supplied is a special hash
112 * of the user's real token auth. This is because the SessionInitializer class stores a
113 * hash of the token auth in the session cookie. You can calculate the token auth hash using the
114 * {@link Piwik\Plugins\Login\SessionInitializer::getHashTokenAuth()} method.
115 *
116 * @return AuthResult
117 * @throws Exception if the Auth implementation has an invalid state (ie, no login
118 * was specified). Note: implementations are not **required** to throw
119 * exceptions for invalid state, but they are allowed to.
120 */
121 public function authenticate();
122 }
123
124 /**
125 * Authentication result. This is what is returned by authentication attempts using {@link Auth}
126 * implementations.
127 *
128 * @api
129 */
130 class AuthResult
131 {
132 const FAILURE = 0;
133 const SUCCESS = 1;
134 const SUCCESS_SUPERUSER_AUTH_CODE = 42;
135
136 /**
137 * token_auth parameter used to authenticate in the API
138 *
139 * @var string
140 */
141 protected $tokenAuth = null;
142
143 /**
144 * The login used to authenticate.
145 *
146 * @var string
147 */
148 protected $login = null;
149
150 /**
151 * The authentication result code. Can be self::FAILURE, self::SUCCESS, or
152 * self::SUCCESS_SUPERUSER_AUTH_CODE.
153 *
154 * @var int
155 */
156 protected $code = null;
157
158 /**
159 * Constructor for AuthResult
160 *
161 * @param int $code
162 * @param string $login identity
163 * @param string $tokenAuth
164 */
165 public function __construct($code, $login, $tokenAuth)
166 {
167 $this->code = (int)$code;
168 $this->login = $login;
169 $this->tokenAuth = $tokenAuth;
170 }
171
172 /**
173 * Returns the login used to authenticate.
174 *
175 * @return string
176 */
177 public function getIdentity()
178 {
179 return $this->login;
180 }
181
182 /**
183 * Returns the token_auth to authenticate the current user in the API
184 *
185 * @return string
186 */
187 public function getTokenAuth()
188 {
189 return $this->tokenAuth;
190 }
191
192 /**
193 * Returns the authentication result code.
194 *
195 * @return int
196 */
197 public function getCode()
198 {
199 return $this->code;
200 }
201
202 /**
203 * Returns true if the user has Super User access, false otherwise.
204 *
205 * @return bool
206 */
207 public function hasSuperUserAccess()
208 {
209 return $this->getCode() == self::SUCCESS_SUPERUSER_AUTH_CODE;
210 }
211
212 /**
213 * Returns true if this result was successfully authentication.
214 *
215 * @return bool
216 */
217 public function wasAuthenticationSuccessful()
218 {
219 return $this->code > self::FAILURE;
220 }
221 }
222