public
|
#
__construct( )
Initialize Users
Overrides
|
public
integer
|
#
login( Session $session, array $vars )
Attempts to authenticate the given user and initialize a session with that
user's ID.
Attempts to authenticate the given user and initialize a session with that
user's ID.
Parameters
- $session
Session
The session to initialize- $vars
array
$vars An array of login information including: - username The username of the
user attempting to log in - password The password of the user attempting to log
in - remember_me If "true" will set a cookie to remember the user's session on a
subsequent visit - otp The one-time password required to authenticate this user
(required only if enabled for this user) - ip_address The IP address of the user
attempting to log in Returns
integer
The ID of the user authenticated, false on failure
|
public
|
#
logout( Session $session )
Logs the user out by terminating the session
Logs the user out by terminating the session
Parameters
- $session
Session
The session to terminate
|
public
boolean
|
#
auth( string $username, array $vars, string $type = "any" )
Checks to ensure that the user specified can be authenticated
Checks to ensure that the user specified can be authenticated
Deprecated
since 3.5.0 Authentication via user id (users.id)
given as $username is deprecated.
Parameters
- $username
string
$username The ID or username of the user to authenticate- $vars
array
$vars an array of authentication info including: - username The username of the
user attempting to log in - password The password of the user attempting to log
in- $type
string
$type The type of user to authenticate: - any Will check any type - staff Check
staff type only - client Check client type only - contact Check contact type
only Returns
boolean
True if the user can be authenticated, false otherwise
|
public
boolean
|
#
validateOtp( string $otp, stdClass $user )
Validates the given OTP against the given user
Validates the given OTP against the given user
Parameters
- $otp
string
$otp The one-time password required to authenticate this user (required only if
enabled for this user)- $user
stdClass
$user The stdClass object representation of the user to validate the OTP against Returns
boolean
True if the OTP validates, false otherwise
|
public
integer
|
#
add( array $vars )
Adds the user record to the system
Adds the user record to the system
Parameters
- $vars
array
$vars An array of user info including: - username The username for this user.
Must be unique across all companies for this installation. - new_password The
password for this user - confirm_password The password for this user -
two_factor_mode The two factor authentication mode 'none', 'motp', 'totp'
(optional, default 'none') - two_factor_key The two factor authentication key
(optional, default null) - two_factor_pin The two factor authentication pin
(optional, default null) Returns
integer
The ID of the user created, void on error
|
public
|
#
edit( integer $user_id, array $vars, boolean $validate_pass = false )
Edits the user record in the system
Edits the user record in the system
Parameters
- $user_id
integer
$user_id The ID of the user to edit- $vars
array
$vars An array of user info including: - username The username for this user
(optional) - current_password The current password for this user (optional,
required if $validate_pass is true) - new_password The new password for this
user (optional) - confirm_password The new password for this user (optional,
required if 'new_password' is given) - two_factor_mode The two factor
authentication mode 'none', 'motp', 'totp' (optional) - two_factor_key The two
factor authentication key (optional) - two_factor_pin The two factor
authentication pin (optional) - otp The one-time-password to validate, required
if two_factor_mode is something other than 'none' and $validate_pass is set to
true- $validate_pass
boolean
$validate_pass Whether or not to validate the current_password before updating
this user (optional, default false). If set will also attempt to validate the
one-time-password.
|
public
|
#
delete( integer $user_id )
Permanently deletes a user record from the system. USE WITH EXTREME
CAUTION
Permanently deletes a user record from the system. USE WITH EXTREME
CAUTION
Parameters
- $user_id
integer
$user_id The ID of the user to delete
|
public
mixed
|
#
get( integer $user_id )
Fetches a user
Parameters
- $user_id
integer
$user_id The user ID to fetch Returns
mixed
An stdClass object representing the user, or false if it does not exist
See
|
public
mixed
|
#
getByUsername( string $username )
Fetches a user
Parameters
- $username
string
$username The username to fetch Returns
mixed
An stdClass object representing the user, or false if it does not exist
See
|
public
|
#
getOtp( integer $user_id, string $otp )
Returns the one-time password record if it exists
Returns the one-time password record if it exists
Parameters
- $user_id
integer
$user_id The ID of the user to fetch on- $otp
string
$otp The one-time password to search for Reutrn
mixed An stdClass object representing this record, or false if it does not exist
|
public
array
|
#
getOtpModes( )
Return all One-time-password modes supported by the system
Return all One-time-password modes supported by the system
Returns
array
An array of key/value pairs consisting of the OTP mode (the key) and it's
friendly name (the value)
|
public
|
#
addOtp( integer $user_id, string $otp )
Adds the one-time password record to the system so we can ensure it is not
used again.
Adds the one-time password record to the system so we can ensure it is not
used again.
Parameters
- $user_id
integer
$user_id The ID of the user to record the one-time password for- $otp
string
$otp The one-time password to record
|
public
mixed
|
#
requiredOtpMode( string $user )
Fetches the one-time password mode required to authenticate this user
Fetches the one-time password mode required to authenticate this user
Parameters
- $user
string
The ID or username of the user to fetch the required OTP mode Returns
mixed
A string containing the type of OTP mode, false if the user does not exist or no
mode is set
|
public
boolean
|
#
validateTwoFactorMode( string $mode )
Validates the user's 'two_factor_mode' field
Validates the user's 'two_factor_mode' field
Parameters
- $mode
string
$mode The two factor mode to check Returns
boolean
True if validated, false otherwise
|
public
|
#
validateTwoFactorKey( string $key, string $mode )
Validates the user's 'two_factor_key'
Validates the user's 'two_factor_key'
Parameters
- $key
string
$key The two factor key- $mode
string
$mode The two factor mode Retrun
boolean True if valid, false otherwise
|
public
boolean
|
#
validatePasswordEquals( string $password, integer $user_id )
Validates the given password matches the one on record
Validates the given password matches the one on record
Parameters
- $password
string
$password The encrypted password to check- $user_id
integer
$user_id The user ID of the user to check against Returns
boolean
True if the passwords are equivalent, false otherwise
|
public
boolean
|
#
validateUniqueUser( string $username, integer $user_id )
Validates the given username is unique across all users, besides $user_id
Validates the given username is unique across all users, besides $user_id
Parameters
- $username
string
$username The username to be validated against the user ID- $user_id
integer
$user_id A user ID Returns
boolean
True if the username is unique for all users (besides this $user_id), false
otherwise
|
public
string
|
#
hashPassword( string $password )
Computes an HMAC sha-256 hash of the given password, then hashes that using
the best hashing algorithm available on the system
Computes an HMAC sha-256 hash of the given password, then hashes that using
the best hashing algorithm available on the system
Parameters
- $password
string
$password The password to hash Returns
string
The hashed password
|
public
boolean
|
#
checkPassword( string $password, string $stored_hash, string $algorithm = null )
Verifies whether or not the given plain-text password produces the supplied
hash.
Verifies whether or not the given plain-text password produces the supplied
hash.
Parameters
- $password
string
$password The password to validate- $stored_hash
string
$stored_hash The hash to verify the password against- $algorithm
string
$algorithm The algorithm to use for validating the password Returns
boolean
True if the password is good, false otherwise
|
public
boolean
|
#
validateClientsExist( integer $user_id )
Validates that at least one client is assigned to this user
Validates that at least one client is assigned to this user
Parameters
- $user_id
integer
$user_id The ID of the user Returns
boolean
True if at least one client is assigned to this user, false otherwise
|
public
boolean
|
#
validateLoginAttempts( string $username, string $ip_address )
Validates whether the user has made too many failed attempts to login
Validates whether the user has made too many failed attempts to login
Parameters
- $username
string
$username The username- $ip_address
string
$ip_address The IP address from which the login took place Returns
boolean
False if there has been too many failed login attempts, true otherwise
|
