\apex\app\sysauth

Authentication Library

Service: apex\utils\auth

Handles all authentication functionality including checking for a valid session and whether or not a user is authenticated, 2FA requests, invalid / expired logins, etc.

This class is available within the services container, meaning its methods can be accessed statically via the service singleton as shown below.

PHP Example

<?php

namespace apex;

use apex\app;
use apex\services\auth;

// Auto login a user
$userid = 582;
auth::auto_login($userid);

Summary

Methods: __construct(), check_login(), login(), auto_login(), logout(), invalid_login(), check_password(), authenticate_2fa_email(), authenticate_2fa_sms(), get_encpass(), recaptcha()
Properties: No public properties found
Constants: No constants found

Methods: check_security_question(), check_ip_restrictions()
Properties: No protected properties found
Constants: N/A

Methods: check_for_session(), create_session(), add_page_history()
Properties: $user_class, $recipient, $users_table, $cookie_name, $user_type, $is_invalid, $expire_secs, $password_retries_allowed, $force_password_reset_time, $require_2fa
Constants: N/A

Properties

$user_class

$user_class : 

Type

$recipient

$recipient : 

Type

$users_table

$users_table : 

Type

$cookie_name

$cookie_name : 

Type

$user_type

$user_type : 

Type

$is_invalid

$is_invalid : 

Type

$expire_secs

$expire_secs : 

Type

$password_retries_allowed

$password_retries_allowed : 

Type

$force_password_reset_time

$force_password_reset_time : 

Type

$require_2fa

$require_2fa : 

Type

Methods

__construct()

__construct() 

Constructor. Grab some injected dependencies, and set a few basic variables.

check_login()

check_login(boolean  $require_login = false) 

Check whether or not a user is authenticated.

Parameters

boolean $require_login

Whether or not authentication is required for this request. If true and the user is not authenticated, the login page will be displayed.

login()

login() 

Log in a user.

auto_login()

auto_login(integer  $userid) 

Auto login a user. Generally used by administrators to remotely log in to a user account, and for unit tests.

Parameters

integer $userid

The ID# of the user to login as.

logout()

logout() 

Logs out a user

invalid_login()

invalid_login(string  $type = 'none') 

Process invalid login

Processes an invalid login, and outputs the login.tpl template with any necessary user message (e.g. invalid user / pass submitted).

Parameters

string $type

The type / reason for the invalid login (eg. expired, invalid, etc.)

check_password()

check_password(string  $username, string  $password) : boolean

Checks whether a username / password is valid, and nothing more. Used for APIs, such as the /repo/ JSON API.

Parameters

string $username

The username to check.

string $password

The password to check.

Returns

boolean —

Whether or not the username / password is valid.

authenticate_2fa_email()

authenticate_2fa_email(integer  $is_login) 

Conduct 2FA authentication via e-mail.

Parameters

integer $is_login

A 1/0 defining whether or not the 2FA is for a user login.

authenticate_2fa_sms()

authenticate_2fa_sms() 

Conduct 2FA authentication via SMS

get_encpass()

get_encpass() 

Get encryption password from the auth session.

recaptcha()

recaptcha() : boolean

Authenticate the Google reCaptcha

Returns

boolean —

Whether or not the authentication was successful

check_security_question()

check_security_question(integer  $userid, string  $chk_sec_hash) 

Check secondary security question

Check Security Question

Checks the user for a secondary question. If the system cannot recognize that the user has previously logged in from this browser / computer, it will prompt the user to answer a pre-defined security question.

Parameters

integer $userid

The userid of the user being checked.

string $chk_sec_hash

The secondary cookie hash currently in their profile. If it exists, the device is recognized, hence no question is asked.

check_ip_restrictions()

check_ip_restrictions(integer  $userid) : boolean

Checks the user's IP address against any IP restrictions that have been pre-defined and are in the database.

Parameters

integer $userid

The ID# of the user to check IP restrictions for

Returns

boolean —

Whether or not the check was successful

check_for_session()

check_for_session() 

Check for a session

create_session()

create_session(integer  $userid, integer  $require_2fa, integer  $require_2fa_phone) 

Create new login session

Parameters

integer $userid

The ID# of the user to login

integer $require_2fa

A 1/0 whether or not 2FA via e-mail is required

integer $require_2fa_phone

A 1/0 whether or not 2FA via phone is required

add_page_history()

add_page_history(integer  $history_id) 

Add page history

Parameters

integer $history_id

The ID# of the history session, logged in the auth session as 'history_id'