interface AuthenticationHandler implements IdentityStore (View source)

An AuthenticationHandler is responsible for providing an identity (in the form of a Member object) for a given HTTPRequest.

It should return the authenticated Member if successful. If a Member cannot be found from the current request it should not attempt to redirect the visitor to a log-in from or 3rd party handler, as that is the responsibiltiy of other systems.

Methods

public
logIn(Member $member, bool $persistent = false, HTTPRequest $request = null)

Log the given member into this identity store.

public
logOut(HTTPRequest $request = null)

Log any logged-in member out of this identity store.

public
Member|null
authenticateRequest(HTTPRequest $request)

Given the current request, authenticate the request for non-session authorization (outside the CMS).

Details

logIn(Member $member, bool $persistent = false, HTTPRequest $request = null)

Log the given member into this identity store.

Parameters

Member $member

The member to log in.

bool $persistent

boolean If set to true, the login may persist beyond the current session.

HTTPRequest $request

The request of the visitor that is logging in, to get, for example, cookies.

logOut(HTTPRequest $request = null)

Log any logged-in member out of this identity store.

Parameters

HTTPRequest $request

The request of the visitor that is logging out, to get, for example, cookies.

Member|null authenticateRequest(HTTPRequest $request)

Given the current request, authenticate the request for non-session authorization (outside the CMS).

The Member returned from this method will be provided to the Manager for use in the OperationResolver context in place of the current CMS member.

Authenticators can be given a priority. In this case, the authenticator with the highest priority will be returned first. If not provided, it will default to a low number.

An example for configuring the BasicAuthAuthenticator:

SilverStripe\Security\Security:
  authentication_handlers:
    - SilverStripe\Security\BasicAuthentionHandler

Parameters

HTTPRequest $request

The current HTTP request

Return Value

Member|null

The authenticated Member, or null if this auth mechanism isn't used.

Exceptions

ValidationException