Main Page | Class Hierarchy | Alphabetical List | Class List | File List | Class Members | File Members | Related Pages

fbHMAC_Login Class Reference

Inheritance diagram for fbHMAC_Login:

Inheritance graph
[legend]
List of all members.

Detailed Description

Secure login via HMAC authentication.

Todo:
add support for sha1

Definition at line 116 of file HMAC_Login.php.

Public Member Functions

 getLastErrno ()
 getLastError ()
 setMaxAttempts ($max_attempts)
 setChallengeTable ($challenge_table)
 setLoginTable ($login_table)
 setLoginField ($login_field)
 setPasswordField ($password_field)
 connect ($host= '', $user= '', $password= '', $database= '', $driver= '')
 close ()
 getChallenge ()
 _getChallenge ($max_id, $attempts)
 validate ($challenge, $response, $login, $password)
 getPassword ($login)
 deleteUnused ($days=null)
 deleteUsed ($days)
 deletePercentage ($percent)
 checkAddress ($check_address)
 checkReferer ($check_referer)
 checkUserAgent ($check_user_agent)

Private Member Functions

 _setDbError ()
 _setError ($errno)
 setTimeout ($seconds)

Private Attributes

 $_dbh
 $_last_errno
 $_last_error
 $_timeout = FB_HMAC_LOGIN_TIMEOUT_SECONDS
 $_max_attempts = FB_HMAC_LOGIN_MAX_ATTEMPTS
 $_challenge_table = 'challenges'
 $_login_table = 'logins'
 $_login_field = 'login'
 $_password_field = 'password'


Member Function Documentation

fbHMAC_Login::_getChallenge max_id,
attempts
 

Get the next random challenge.

Returns:
string A 22 character challenge, or false if unsuccessful.

Definition at line 351 of file HMAC_Login.php.

References fbRandom::getInstance().

Referenced by fbHMAC_Login_MySQL::getChallenge(), and fbHMAC_Login_ADOdb::getChallenge().

fbHMAC_Login::_setDbError  )  [private]
 

Set the last error/errno to the last database error.

Reimplemented in fbHMAC_Login_ADOdb, and fbHMAC_Login_MySQL.

Definition at line 182 of file HMAC_Login.php.

fbHMAC_Login::_setError errno  )  [private]
 

Set the last error/errno to $errno.

Definition at line 191 of file HMAC_Login.php.

References FB_HMAC_LOGIN_ERROR_BAD_CHALLENGE, FB_HMAC_LOGIN_ERROR_BAD_PASSWORD, FB_HMAC_LOGIN_ERROR_INVALID_CHALLENGE, FB_HMAC_LOGIN_ERROR_INVALID_LOGIN, FB_HMAC_LOGIN_ERROR_INVALID_PASSWORD, FB_HMAC_LOGIN_ERROR_LOGIN_EXPIRED, FB_HMAC_LOGIN_ERROR_NO_CHALLENGE, FB_HMAC_LOGIN_ERROR_NOT_CONNECTED, FB_HMAC_LOGIN_ERROR_UNSAFE_BAD_PASSWORD, and FB_HMAC_LOGIN_ERROR_UNSAFE_PASSWORD.

Referenced by fbHMAC_Login_MySQL::deletePercentage(), fbHMAC_Login_ADOdb::deletePercentage(), fbHMAC_Login_MySQL::deleteUnused(), fbHMAC_Login_ADOdb::deleteUnused(), fbHMAC_Login_MySQL::deleteUsed(), fbHMAC_Login_ADOdb::deleteUsed(), fbHMAC_Login_MySQL::getChallenge(), fbHMAC_Login_ADOdb::getChallenge(), fbHMAC_Login_MySQL::getPassword(), fbHMAC_Login_ADOdb::getPassword(), fbHMAC_Login_MySQL::validate(), and fbHMAC_Login_ADOdb::validate().

fbHMAC_Login::checkAddress check_address  ) 
 

Todo:
Implement checkAddress() ?
Parameters:
$check_address string
Returns:
bool

Definition at line 452 of file HMAC_Login.php.

fbHMAC_Login::checkReferer check_referer  ) 
 

Todo:
Implement checkReferer() ?
Parameters:
$check_referer string
Returns:
bool

Definition at line 461 of file HMAC_Login.php.

fbHMAC_Login::checkUserAgent check_user_agent  ) 
 

Todo:
Implement checkUserAgent() ?
Parameters:
$check_user_agent string
Returns:
bool

Definition at line 470 of file HMAC_Login.php.

fbHMAC_Login::close  ) 
 

Disconnect from the database.

Can be safely called if we're already disconnected.

Returns:
true if successful, otherwise false.

Reimplemented in fbHMAC_Login_ADOdb, and fbHMAC_Login_MySQL.

Definition at line 331 of file HMAC_Login.php.

fbHMAC_Login::connect host = '',
user = '',
password = '',
database = '',
driver = ''
 

Connect to the database.

Parameters:
$host string
$user string
$password string
$database string
$driver string
Returns:
true if successful, otherwise false.

Reimplemented in fbHMAC_Login_ADOdb.

Definition at line 318 of file HMAC_Login.php.

fbHMAC_Login::deletePercentage percent  ) 
 

Delete a percentage of the oldest records in the challenges table.

Deletes the oldest records first.

Parameters:
$percent int The percentage of records to delete, 0 for none, 100 for all.
Returns:
bool true if successful, otherwise false.

Reimplemented in fbHMAC_Login_ADOdb, and fbHMAC_Login_MySQL.

Definition at line 441 of file HMAC_Login.php.

fbHMAC_Login::deleteUnused days = null  ) 
 

Delete unused records that were never used and have expired in the challenges table.

These records were created when the user displayed the login page, but the user never subsequently logged in, leaving an used record in the challenges table.

Parameters:
$days int The number of days old a record has to be in order to be deleted. If 0, or unspecified, all records older than the timeout (default is 15 minutes) will be deleted.
Returns:
bool true if successful, otherwise false.

Reimplemented in fbHMAC_Login_ADOdb, and fbHMAC_Login_MySQL.

Definition at line 414 of file HMAC_Login.php.

fbHMAC_Login::deleteUsed days  ) 
 

Delete used records in the challenges table.

Parameters:
$days int The number of days old a record has to be in order to be deleted. If 0, or unspecified, all records older than the timeout (default is 15 minutes) will be deleted.
Returns:
bool true if successful, otherwise false.

Reimplemented in fbHMAC_Login_ADOdb, and fbHMAC_Login_MySQL.

Definition at line 427 of file HMAC_Login.php.

fbHMAC_Login::getChallenge  ) 
 

Get the next random challenge.

Returns:
string A 22 character challenge, or false if unsuccessful.

Reimplemented in fbHMAC_Login_ADOdb, and fbHMAC_Login_MySQL.

Definition at line 341 of file HMAC_Login.php.

fbHMAC_Login::getLastErrno  ) 
 

Get last error number, or 0 if no error has yet occured.

Returns:
int The last error number.

Definition at line 220 of file HMAC_Login.php.

fbHMAC_Login::getLastError  ) 
 

Get last error message, or '' of no error has yet occured.

Returns:
string The last error message.

Definition at line 229 of file HMAC_Login.php.

fbHMAC_Login::getPassword login  ) 
 

Get the password associated with the login $login.

Parameters:
$login string Login name to retrieve password for.
Returns:
bool true if successful, otherwise false.

Reimplemented in fbHMAC_Login_ADOdb, and fbHMAC_Login_MySQL.

Definition at line 395 of file HMAC_Login.php.

fbHMAC_Login::setChallengeTable challenge_table  ) 
 

Set the name for SQL table containing challenges, default is 'challenges'

Parameters:
$challenge_table string Name for SQL table containing challenges.
Returns:
void

Definition at line 254 of file HMAC_Login.php.

fbHMAC_Login::setLoginField login_field  ) 
 

Set name for SQL field containing login name in login table, default is 'login'.

Parameters:
$login_field string name for SQL field containing login name in login table.
Returns:
void

Definition at line 280 of file HMAC_Login.php.

fbHMAC_Login::setLoginTable login_table  ) 
 

Set name for SQL table containing login/password, default is 'logins'.

Parameters:
$login_table string name for SQL table containing login/password.
Returns:
void

Definition at line 267 of file HMAC_Login.php.

fbHMAC_Login::setMaxAttempts max_attempts  ) 
 

Set the maximum attempts to generate a new challenge to $max_attempts.

Parameters:
$max_attempts int the the maximum attempts to generate a new challenge.
Returns:
void

Definition at line 241 of file HMAC_Login.php.

fbHMAC_Login::setPasswordField password_field  ) 
 

Set name for SQL field containing password in login table, default is 'password'.

Parameters:
$password_field string name for SQL field containing password in login table.
Returns:
void

Definition at line 293 of file HMAC_Login.php.

fbHMAC_Login::setTimeout seconds  )  [private]
 

Set the number of seconds to login before timing out, default is 15 minutes

Parameters:
$seconds int The number of seconds to login before timing out

Definition at line 303 of file HMAC_Login.php.

fbHMAC_Login::validate challenge,
response,
login,
password
 

Validate the $response.

Will work if JavaScript is turned off on the client, but the password we be sent as clear text.

Parameters:
$challenge string 22 character challenge generated via getChallenge().
$response string 32 character response generated on the client.
$login string Login name entered by user.
$password string Password entered by user.
Returns:
bool true if successful, otherwise false.

Reimplemented in fbHMAC_Login_ADOdb, and fbHMAC_Login_MySQL.

Definition at line 384 of file HMAC_Login.php.


Member Data Documentation

fbHMAC_Login::$_challenge_table = 'challenges' [private]
 

string name for SQL table containing challenges, default is 'challenges'.

Definition at line 154 of file HMAC_Login.php.

fbHMAC_Login::$_dbh [private]
 

resource Database handle.

Definition at line 121 of file HMAC_Login.php.

fbHMAC_Login::$_last_errno [private]
 

int Last error number.

Definition at line 127 of file HMAC_Login.php.

fbHMAC_Login::$_last_error [private]
 

string Last error message.

Definition at line 133 of file HMAC_Login.php.

fbHMAC_Login::$_login_field = 'login' [private]
 

string name for SQL field containing login name in logins table, default is 'login'.

Definition at line 168 of file HMAC_Login.php.

fbHMAC_Login::$_login_table = 'logins' [private]
 

string name for SQL table containing login/password, default is 'logins'.

Definition at line 161 of file HMAC_Login.php.

fbHMAC_Login::$_max_attempts = FB_HMAC_LOGIN_MAX_ATTEMPTS [private]
 

int Maximum number of attempts to generate a challenge before giving. up, default is 5

Definition at line 147 of file HMAC_Login.php.

fbHMAC_Login::$_password_field = 'password' [private]
 

string name for SQL field containing password in logins table, default is 'password'.

Definition at line 175 of file HMAC_Login.php.

fbHMAC_Login::$_timeout = FB_HMAC_LOGIN_TIMEOUT_SECONDS [private]
 

int Number of seconds to login before timing out, default is 15 minutes.

Definition at line 140 of file HMAC_Login.php.


The documentation for this class was generated from the following file:
Generated on Fri Mar 19 12:52:31 2004 for Freebeer by doxygen 1.3.6-20040222