class vB_Library_Login extends vB_Library

vB_Library_Login

Traits

Properties

static protected $instance from vB_Library

Methods

__sleep()

No description

__wakeup()

No description

__construct()

No description

static vB_PageCache
instance($class)

Returns singleton instance of self.

static 
getLibraryClassNameInternal($controller)

No description

static 
getContentInstance($contenttypeid)

No description

static 
clearCache()

No description

verifyPasswordFromInfo($login, $passwords)

Verify a login value

array
verifyRememberMeFromInfo(array $login, string $remembermetoken)

Verify the remember token.

no
setPassword(int $userid, string $password, array $checkOptions, array $checkOverrides = array())

Change the password for a user

importPasswordSchemes()

Load the scheme files from xml files

getSchemesByPriority($schemeArray)

No description

array
readPasswordSchemes(string $xmldir)

Fetch the scheme files from disk and returned the parsed arrays

processPasswordSchemes($schemeArrays)

No description

verifyMd5(string $md5)

Verify that a string value is an md5 hash

boolean
checkPasswordHistory(integer $userid, string $fe_password, integer $lookback)

Checks to see if a password is in the user's password history

updatePasswordHistory($userid, $data)

Inserts a record into the password history table if the user's password has changed

generateRememberMeToken($passwordtoken, $salt)

No description

resetMfaSecret($userid)

No description

setMfaEnabled($userid, $enabled)

No description

verifyMfa($secretkey, $thistry, $relaxedmode)

Check the Verification Code entered by the user.

Details

in vB_Trait_NoSerialize at line 15
__sleep()

in vB_Trait_NoSerialize at line 20
__wakeup()

in vB_Library at line 25
protected __construct()

in vB_Library at line 35
static vB_PageCache instance($class)

Returns singleton instance of self.

Parameters

$class

Return Value

vB_PageCache
  • Reference to singleton instance of the cache handler

in vB_Library at line 52
static protected getLibraryClassNameInternal($controller)

Parameters

$controller

in vB_Library at line 91
static getContentInstance($contenttypeid)

Parameters

$contenttypeid

in vB_Library at line 99
static clearCache()

at line 57
verifyPasswordFromInfo($login, $passwords)

Verify a login value

In addition to the user's password, we'll verify do a couple of additional things * If the password hash scheme is disabled, we'll reject the login entirely * If the scheme is not current, we will attempt to quietly rehash * If the scheme has been deprecated and we cannot rehash, then we'll expire the password.

Parameters

$login
$passwords

at line 129
array verifyRememberMeFromInfo(array $login, string $remembermetoken)

Verify the remember token.

This verifies if the "rememberme" token returned by the password verification function is valid for the given user

Parameters

array $login login information * token -- the user's password token * scheme -- the user's password scheme
string $remembermetoken -- The token to checka

Return Value

array
  • auth (boolean) -- true if the rememberme token matches, false otherwise
    • remembermetoken (string) -- the "current" rememberme token. This will be the same as the rememberme token passed in unless we validated based on a legacy value. This should be used to update the rememberme value stored with the client. If the auth failed, this will be blank.

at line 173
no setPassword(int $userid, string $password, array $checkOptions, array $checkOverrides = array())

Change the password for a user

Parameters

int $userid -- the id of the user to change the passwordor
string $password -- the passsword to use for the new hash. May be md5 encoded.
array $checkOptions -- values for permission checks. These are all required (though they might be ignored if the specific check is skipped). * passwordhistorylength -- The number of days to look back for duplicate passwords
array $checkOverrides -- checks to skip. This will usually be based on user permissions, but we shouldn't check those in the library. All of these fields are optional. If not set or set to false, the check will be performed. If set to true, then the check will be skipped. * passwordhistory -- skip the check for the password history for this user. Will will still store the password set in the history

Return Value

no return. Will throw an exception if setting the password fails.

Exceptions

vB_Exception_Api with the following possible errors * usernotfound -- The userid does not exist. * invalidpassword -- The password does not meet the configured standards for the site. Currently this only checks that the password is not the same as the username, but the caller should not assume that this is the only reason because this is likely to change in the future

at line 265
importPasswordSchemes()

Load the scheme files from xml files

at line 280
protected getSchemesByPriority($schemeArray)

Parameters

$schemeArray

at line 314
protected array readPasswordSchemes(string $xmldir)

Fetch the scheme files from disk and returned the parsed arrays

Parameters

string $xmldir the directory the xml files are located in

Return Value

array the password scheme data in the form array ('scheme' => array('priority' => $n)) Note that the scheme is an array for potential future expansion.

at line 353
protected processPasswordSchemes($schemeArrays)

Parameters

$schemeArrays

at line 394
protected verifyMd5(string $md5)

Verify that a string value is an md5 hash

Parameters

string $md5 -- string to check for an md5 hash.

at line 439
protected boolean checkPasswordHistory(integer $userid, string $fe_password, integer $lookback)

Checks to see if a password is in the user's password history

Will also delete any expired records in the password history.

Parameters

integer $userid User ID
string $fe_password -- the frontend encoded password
integer $lookback The time period to look back for passwords in seconds

Return Value

boolean Returns true if password is in the history

at line 481
protected updatePasswordHistory($userid, $data)

Inserts a record into the password history table if the user's password has changed

Parameters

$userid
$data

at line 495
protected generateRememberMeToken($passwordtoken, $salt)

Parameters

$passwordtoken
$salt

at line 505
resetMfaSecret($userid)

Parameters

$userid

at line 540
setMfaEnabled($userid, $enabled)

Parameters

$userid
$enabled

at line 553
verifyMfa($secretkey, $thistry, $relaxedmode)

Check the Verification Code entered by the user.

Parameters

$secretkey
$thistry
$relaxedmode