简介:
Authlite基于Kohana 2.3版本内置Auth模块开发。Authlite仅支持Kohana 2.3版本。
相比较Auth而言,Authlite的特性为——
- 去除了Role(适合用于无需用户等级的登录系统)。
- 去除了salt安全机制(绝大部分情况下用sha1就足够了),从而使得直接批量导入用户成为可能。注意:未加盐的sha1是快速哈希,一旦用户表泄露,密码很容易被离线猜解;这是为了便于批量导入而做的取舍。
- 可自定义用户模型、用户名列名和密码列名。
- 登录成功后直接返回用户对象,从而可直接对用户对象做更多的操作(例如:设定last_login时间)。
Authlite为Layerful框架中的功能模块。Layerful框架正在持续开发中。
代码:
http://gist.github.com/26063
<?php
/**
* Authlite library
*
* Based on Kohana's Auth library.
*
* @package Layerful
* @subpackage Modules
* @author Layerful Team <http://layerful.org/>
* @author Fred Wu <fred@beyondcoding.com>
* @copyright BeyondCoding
* @license http://layerful.org/license MIT
* @since 0.3.0
*/
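class Authlite_Core {

    // Session wrapper obtained from Session::instance().
    protected $session;

    // Settings array loaded from the 'authlite' config group.
    protected $config;

    // Name of the user-model column that holds the login name.
    protected $username_column;

    // Name of the user-model column that holds the password hash.
    protected $password_column;

    /**
     * Create a new Authlite instance.
     *
     * Instantiates `Authlite`, not `Authlite_Core`; that class is not defined
     * in this file and is presumably supplied by the framework's class
     * extension mechanism (confirm for your setup).
     *
     * @return object
     */
    public static function factory()
    {
        return new Authlite();
    }

    /**
     * Return the shared Authlite instance, creating it on first use.
     *
     * @return object
     */
    public static function instance()
    {
        static $instance;

        if (empty($instance))
        {
            $instance = new Authlite();
        }

        return $instance;
    }

    /**
     * Bind the session and read the column names from the 'authlite' config.
     */
    public function __construct()
    {
        $this->session = Session::instance();
        $this->config = Kohana::config('authlite');

        $this->username_column = $this->config['username'];
        $this->password_column = $this->config['password'];

        Kohana::log('debug', 'Authlite Library loaded');
    }

    /**
     * Check whether the session currently holds a user object.
     *
     * Fails closed: only a user object stored by login() counts. The earlier
     * cookie fallback is removed on purpose. It read a cookie name that
     * login() never set, and it ran only when no user was in the session, so
     * the token it compared against was computed from an absent user and did
     * not depend on any secret. A request without a session could therefore
     * be reported as logged in.
     *
     * NOTE(review): a real "remember me" needs a random per-user token that is
     * stored server-side, looked up by the cookie value, rotated on use and
     * revocable. Nothing in this class provides that storage.
     *
     * @return boolean
     */
    public function logged_in()
    {
        return is_object($this->session->get($this->config['session_key']));
    }

    /**
     * Return the user object stored in the session, or FALSE.
     *
     * Reads through the session wrapper (the same source logged_in() uses)
     * instead of touching $_SESSION directly.
     *
     * @return object|false
     */
    public function get_user()
    {
        $user = $this->session->get($this->config['session_key']);

        return is_object($user) ? $user : false;
    }

    /**
     * Attempt to log in a user by username and plain-text password.
     *
     * On success the session id is regenerated before the user object is
     * stored, so a session id known before authentication is not carried
     * over into the authenticated session.
     *
     * $remember is accepted for interface compatibility but no auto-login
     * cookie is issued any more. The former token was a hash of the username
     * and the stored password hash: it was never honoured by logged_in(), and
     * handing it to the browser exposed a value derived from the stored
     * credential for no benefit.
     *
     * @param   string   username to log in
     * @param   string   password to check against
     * @param   boolean  kept for compatibility; currently has no effect
     * @return  object|false  the user object on success, FALSE otherwise
     */
    public function login($username, $password, $remember = false)
    {
        // empty() also rejects the string "0", exactly as the original did.
        if (empty($password))
        {
            return false;
        }

        $user = ORM::factory($this->config['user_model'])
            ->where($this->username_column, $username)
            ->find();

        // A lookup that found nothing yields a non-string password value,
        // which same_hash() rejects.
        if ( ! $this->same_hash($user->{$this->password_column}, $this->hash($password)))
        {
            return false;
        }

        $this->session->regenerate();
        $this->session->set($this->config['session_key'], $user);

        return $user;
    }

    /**
     * Log out a user by removing the related session variables.
     *
     * Also deletes an 'authlite_autologin' cookie left behind by earlier
     * versions of login().
     *
     * @param   boolean  $destroy  completely destroy the session
     * @return  boolean  TRUE when no user remains in the session
     */
    public function logout($destroy = false)
    {
        if (cookie::get('authlite_autologin'))
        {
            cookie::delete('authlite_autologin');
        }

        if ($destroy === true)
        {
            // Destroy the session completely
            Session::instance()->destroy();
        }
        else
        {
            // Remove the user from the session and issue a fresh session id
            $this->session->delete($this->config['session_key']);
            $this->session->regenerate();
        }

        return ! $this->logged_in();
    }

    /**
     * Hash a string with the algorithm named in config['hash_method'].
     *
     * NOTE(review): this is a single unsalted pass of a general-purpose hash,
     * not a password hashing scheme. Changing it invalidates stored hashes,
     * so it is left as is here.
     *
     * @param   string  $str
     * @return  string
     */
    protected function hash($str)
    {
        return hash($this->config['hash_method'], $str);
    }

    /**
     * Compare two hash strings without stopping at the first differing byte.
     *
     * Uses hash_equals() where the runtime has it and a manual XOR fold
     * otherwise. Non-string operands never match.
     *
     * @param   mixed  $known  stored value
     * @param   mixed  $given  value computed from the request
     * @return  boolean
     */
    protected function same_hash($known, $given)
    {
        if ( ! is_string($known) OR ! is_string($given))
        {
            return false;
        }

        if (function_exists('hash_equals'))
        {
            return hash_equals($known, $given);
        }

        $length = strlen($known);

        if ($length !== strlen($given))
        {
            return false;
        }

        $diff = 0;

        for ($i = 0; $i < $length; $i++)
        {
            $diff |= ord($known[$i]) ^ ord($given[$i]);
        }

        return $diff === 0;
    }

} // End Authlite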
<?php
/**
* User model
*
* Model name handed to ORM::factory() when Authlite looks a user up.
*/
$config['user_model'] = 'user';
/**
* Username column
*
* Column of the user model that is matched against the submitted username.
*/
$config['username'] = 'username';
/**
* Password column
*
* Column of the user model that holds the stored password hash; its value is
* compared with the hash of the submitted password.
*/
$config['password'] = 'password';
/**
* Type of hash to use for passwords. Any algorithm supported by the hash function
* can be used here.
*
* Authlite passes this name straight to PHP's hash() with no salt and no work
* factor. NOTE(review): 'sha1' is a fast general-purpose hash, so stored
* values can be guessed offline at high speed if the user table leaks.
* Changing the algorithm invalidates every hash already stored.
*
* @see http://php.net/hash
* @see http://php.net/hash_algos
*/
$config['hash_method'] = 'sha1';
/**
* Set the auto-login (remember me) cookie lifetime, in seconds. The default
* lifetime is two weeks (1209600 = 14 * 86400).
*/
$config['lifetime'] = 1209600;
/**
* Set the session key that will be used to store the current user.
*
* The value kept under this key is the user object itself.
*/
$config['session_key'] = 'authlite_user';