class SessionGuard implements StatefulGuard, SupportsBasicAuth (View source)

Traits

These methods are typically the same across all guards.

Properties

protected Authenticatable|null $user

The currently authenticated user.

from  GuardHelpers
protected UserProvider $provider

The user provider implementation.

from  GuardHelpers
static protected array $macros

The registered string macros.

from  Macroable
string $name

The name of the guard. Typically "web".

protected Authenticatable $lastAttempted

The user we last attempted to retrieve.

protected bool $viaRemember

Indicates if the user was authenticated via a recaller cookie.

protected int $rememberDuration

The number of minutes that the "remember me" cookie should be valid for.

protected Session $session

The session used by the guard.

$cookie

The Illuminate cookie creator service.

protected Request $request

The request instance.

protected Dispatcher $events

The event dispatcher instance.

protected Timebox $timebox

The timebox instance.

protected bool $rehashOnLogin

Indicates if passwords should be rehashed on login if needed.

protected bool $loggedOut

Indicates if the logout method has been called.

protected bool $recallAttempted

Indicates if a token user retrieval has been attempted.

Methods

authenticate()

Determine if the current user is authenticated. If not, throw an exception.

bool
hasUser()

Determine if the guard has a user instance.

bool
check()

Determine if the current user is authenticated.

bool
guest()

Determine if the current user is a guest.

int|string|null
id()

Get the ID for the currently authenticated user.

$this
setUser(Authenticatable $user)

Set the current user.

$this
forgetUser()

Forget the current user.

getProvider()

Get the user provider used by the guard.

void
setProvider(UserProvider $provider)

Set the user provider used by the guard.

static void
macro(string $name, object|callable $macro)

Register a custom macro.

static void
mixin(object $mixin, bool $replace = true)

Mix another object into the class.

static bool
hasMacro(string $name)

Checks if macro is registered.

static void
flushMacros()

Flush the existing macros.

static mixed
__callStatic(string $method, array $parameters)

Dynamically handle calls to the class.

mixed
__call(string $method, array $parameters)

Dynamically handle calls to the class.

void
__construct(string $name, UserProvider $provider, Session $session, Request|null $request = null, Timebox|null $timebox = null, bool $rehashOnLogin = true)

Create a new authentication guard.

user()

Get the currently authenticated user.

mixed
userFromRecaller(Recaller $recaller)

Pull a user from the repository by its "remember me" cookie token.

Recaller|null
recaller()

Get the decrypted recaller cookie for the request.

bool
once(array $credentials = [])

Log a user into the application without sessions or cookies.

onceUsingId(mixed $id)

Log the given user ID into the application without sessions or cookies.

bool
validate(array $credentials = [])

Validate a user's credentials.

Response|null
basic(string $field = 'email', array $extraConditions = [])

Attempt to authenticate using HTTP Basic Auth.

Response|null
onceBasic(string $field = 'email', array $extraConditions = [])

Perform a stateless HTTP Basic login attempt.

bool
attemptBasic(Request $request, string $field, array $extraConditions = [])

Attempt to authenticate using basic authentication.

array
basicCredentials(Request $request, string $field)

Get the credential array for an HTTP Basic request.

void
failedBasicResponse()

Get the response for basic authentication.

bool
attempt(array $credentials = [], bool $remember = false)

Attempt to authenticate a user using the given credentials.

bool
attemptWhen(array $credentials = [], array|callable|null $callbacks = null, bool $remember = false)

Attempt to authenticate a user with credentials and additional callbacks.

bool
hasValidCredentials(mixed $user, array $credentials)

Determine if the user matches the credentials.

bool
shouldLogin(array|callable|null $callbacks, Authenticatable $user)

Determine if the user should login by executing the given callbacks.

void
rehashPasswordIfRequired(Authenticatable $user, array $credentials)

Rehash the user's password if enabled and required.

loginUsingId(mixed $id, bool $remember = false)

Log the given user ID into the application.

void
login(Authenticatable $user, bool $remember = false)

Log a user into the application.

void
updateSession(string $id)

Update the session with the given ID.

void
ensureRememberTokenIsSet(Authenticatable $user)

Create a new "remember me" token for the user if one doesn't already exist.

void
queueRecallerCookie(Authenticatable $user)

Queue the recaller cookie into the cookie jar.

Cookie
createRecaller(string $value)

Create a "remember me" cookie for a given ID.

void
logout()

Log the user out of the application.

void
logoutCurrentDevice()

Log the user out of the application on their current device only.

void
clearUserDataFromStorage()

Remove the user data from the session and cookies.

void
cycleRememberToken(Authenticatable $user)

Refresh the "remember me" token for the user.

logoutOtherDevices(string $password)

Invalidate other sessions for the current user.

rehashUserPasswordForDeviceLogout(string $password)

Rehash the current user's password for logging out other devices via AuthenticateSession.

void
attempting(mixed $callback)

Register an authentication attempt event listener.

void
fireAttemptEvent(array $credentials, bool $remember = false)

Fire the attempt event with the arguments.

void
fireValidatedEvent(Authenticatable $user)

Fires the validated event if the dispatcher is set.

void
fireLoginEvent(Authenticatable $user, bool $remember = false)

Fire the login event if the dispatcher is set.

void
fireAuthenticatedEvent(Authenticatable $user)

Fire the authenticated event if the dispatcher is set.

void
fireOtherDeviceLogoutEvent(Authenticatable $user)

Fire the other device logout event if the dispatcher is set.

void
fireFailedEvent(Authenticatable|null $user, array $credentials)

Fire the failed authentication attempt event with the given arguments.

getLastAttempted()

Get the last user we attempted to authenticate.

string
getName()

Get a unique identifier for the auth session value.

string
getRecallerName()

Get the name of the cookie used to store the "recaller".

bool
viaRemember()

Determine if the user was authenticated via "remember me" cookie.

int
getRememberDuration()

Get the number of minutes the remember me cookie should be valid for.

$this
setRememberDuration(int $minutes)

Set the number of minutes the remember me cookie should be valid for.

getCookieJar()

Get the cookie creator instance used by the guard.

void
setCookieJar(QueueingFactory $cookie)

Set the cookie creator instance used by the guard.

getDispatcher()

Get the event dispatcher instance.

void
setDispatcher(Dispatcher $events)

Set the event dispatcher instance.

getSession()

Get the session store used by the guard.

getUser()

Return the currently cached user.

Request
getRequest()

Get the current request instance.

$this
setRequest(Request $request)

Set the current request instance.

getTimebox()

Get the timebox instance used by the guard.

Details

Authenticatable authenticate()

Determine if the current user is authenticated. If not, throw an exception.

Return Value

Authenticatable

Exceptions

AuthenticationException

bool hasUser()

Determine if the guard has a user instance.

Return Value

bool

bool check()

Determine if the current user is authenticated.

Return Value

bool

bool guest()

Determine if the current user is a guest.

Return Value

bool

int|string|null id()

Get the ID for the currently authenticated user.

Return Value

int|string|null

$this setUser(Authenticatable $user)

Set the current user.

Parameters

Authenticatable $user

Return Value

$this

$this forgetUser()

Forget the current user.

Return Value

$this

UserProvider getProvider()

Get the user provider used by the guard.

Return Value

UserProvider

void setProvider(UserProvider $provider)

Set the user provider used by the guard.

Parameters

UserProvider $provider

Return Value

void

static void macro(string $name, object|callable $macro)

Register a custom macro.

Parameters

string $name
object|callable $macro

Return Value

void

static void mixin(object $mixin, bool $replace = true)

Mix another object into the class.

Parameters

object $mixin
bool $replace

Return Value

void

Exceptions

ReflectionException

static bool hasMacro(string $name)

Checks if macro is registered.

Parameters

string $name

Return Value

bool

static void flushMacros()

Flush the existing macros.

Return Value

void

static mixed __callStatic(string $method, array $parameters)

Dynamically handle calls to the class.

Parameters

string $method
array $parameters

Return Value

mixed

Exceptions

BadMethodCallException

mixed __call(string $method, array $parameters)

Dynamically handle calls to the class.

Parameters

string $method
array $parameters

Return Value

mixed

Exceptions

BadMethodCallException

void __construct(string $name, UserProvider $provider, Session $session, Request|null $request = null, Timebox|null $timebox = null, bool $rehashOnLogin = true)

Create a new authentication guard.

Parameters

string $name
UserProvider $provider
Session $session
Request|null $request
Timebox|null $timebox
bool $rehashOnLogin

Return Value

void

Authenticatable|null user()

Get the currently authenticated user.

Return Value

Authenticatable|null

protected mixed userFromRecaller(Recaller $recaller)

Pull a user from the repository by its "remember me" cookie token.

Parameters

Recaller $recaller

Return Value

mixed

protected Recaller|null recaller()

Get the decrypted recaller cookie for the request.

Return Value

Recaller|null

bool once(array $credentials = [])

Log a user into the application without sessions or cookies.

Parameters

array $credentials

Return Value

bool

Authenticatable|false onceUsingId(mixed $id)

Log the given user ID into the application without sessions or cookies.

Parameters

mixed $id

Return Value

Authenticatable|false

bool validate(array $credentials = [])

Validate a user's credentials.

Parameters

array $credentials

Return Value

bool

Response|null basic(string $field = 'email', array $extraConditions = [])

Attempt to authenticate using HTTP Basic Auth.

Parameters

string $field
array $extraConditions

Return Value

Response|null

Exceptions

UnauthorizedHttpException

Response|null onceBasic(string $field = 'email', array $extraConditions = [])

Perform a stateless HTTP Basic login attempt.

Parameters

string $field
array $extraConditions

Return Value

Response|null

Exceptions

UnauthorizedHttpException

protected bool attemptBasic(Request $request, string $field, array $extraConditions = [])

Attempt to authenticate using basic authentication.

Parameters

Request $request
string $field
array $extraConditions

Return Value

bool

protected array basicCredentials(Request $request, string $field)

Get the credential array for an HTTP Basic request.

Parameters

Request $request
string $field

Return Value

array

protected void failedBasicResponse()

Get the response for basic authentication.

Return Value

void

Exceptions

UnauthorizedHttpException

bool attempt(array $credentials = [], bool $remember = false)

Attempt to authenticate a user using the given credentials.

Parameters

array $credentials
bool $remember

Return Value

bool

bool attemptWhen(array $credentials = [], array|callable|null $callbacks = null, bool $remember = false)

Attempt to authenticate a user with credentials and additional callbacks.

Parameters

array $credentials
array|callable|null $callbacks
bool $remember

Return Value

bool

protected bool hasValidCredentials(mixed $user, array $credentials)

Determine if the user matches the credentials.

Parameters

mixed $user
array $credentials

Return Value

bool

protected bool shouldLogin(array|callable|null $callbacks, Authenticatable $user)

Determine if the user should login by executing the given callbacks.

Parameters

array|callable|null $callbacks
Authenticatable $user

Return Value

bool

protected void rehashPasswordIfRequired(Authenticatable $user, array $credentials)

Rehash the user's password if enabled and required.

Parameters

Authenticatable $user
array $credentials

Return Value

void

Authenticatable|false loginUsingId(mixed $id, bool $remember = false)

Log the given user ID into the application.

Parameters

mixed $id
bool $remember

Return Value

Authenticatable|false

void login(Authenticatable $user, bool $remember = false)

Log a user into the application.

Parameters

Authenticatable $user
bool $remember

Return Value

void

protected void updateSession(string $id)

Update the session with the given ID.

Parameters

string $id

Return Value

void

protected void ensureRememberTokenIsSet(Authenticatable $user)

Create a new "remember me" token for the user if one doesn't already exist.

Parameters

Authenticatable $user

Return Value

void

protected void queueRecallerCookie(Authenticatable $user)

Queue the recaller cookie into the cookie jar.

Parameters

Authenticatable $user

Return Value

void

protected Cookie createRecaller(string $value)

Create a "remember me" cookie for a given ID.

Parameters

string $value

Return Value

Cookie

void logout()

Log the user out of the application.

Return Value

void

void logoutCurrentDevice()

Log the user out of the application on their current device only.

This method does not cycle the "remember" token.

Return Value

void

protected void clearUserDataFromStorage()

Remove the user data from the session and cookies.

Return Value

void

protected void cycleRememberToken(Authenticatable $user)

Refresh the "remember me" token for the user.

Parameters

Authenticatable $user

Return Value

void

Authenticatable|null logoutOtherDevices(string $password)

Invalidate other sessions for the current user.

The application must be using the AuthenticateSession middleware.

Parameters

string $password

Return Value

Authenticatable|null

Exceptions

AuthenticationException

protected Authenticatable|null rehashUserPasswordForDeviceLogout(string $password)

Rehash the current user's password for logging out other devices via AuthenticateSession.

Parameters

string $password

Return Value

Authenticatable|null

Exceptions

InvalidArgumentException

void attempting(mixed $callback)

Register an authentication attempt event listener.

Parameters

mixed $callback

Return Value

void

protected void fireAttemptEvent(array $credentials, bool $remember = false)

Fire the attempt event with the arguments.

Parameters

array $credentials
bool $remember

Return Value

void

protected void fireValidatedEvent(Authenticatable $user)

Fires the validated event if the dispatcher is set.

Parameters

Authenticatable $user

Return Value

void

protected void fireLoginEvent(Authenticatable $user, bool $remember = false)

Fire the login event if the dispatcher is set.

Parameters

Authenticatable $user
bool $remember

Return Value

void

protected void fireAuthenticatedEvent(Authenticatable $user)

Fire the authenticated event if the dispatcher is set.

Parameters

Authenticatable $user

Return Value

void

protected void fireOtherDeviceLogoutEvent(Authenticatable $user)

Fire the other device logout event if the dispatcher is set.

Parameters

Authenticatable $user

Return Value

void

protected void fireFailedEvent(Authenticatable|null $user, array $credentials)

Fire the failed authentication attempt event with the given arguments.

Parameters

Authenticatable|null $user
array $credentials

Return Value

void

Authenticatable getLastAttempted()

Get the last user we attempted to authenticate.

Return Value

Authenticatable

string getName()

Get a unique identifier for the auth session value.

Return Value

string

string getRecallerName()

Get the name of the cookie used to store the "recaller".

Return Value

string

bool viaRemember()

Determine if the user was authenticated via "remember me" cookie.

Return Value

bool

protected int getRememberDuration()

Get the number of minutes the remember me cookie should be valid for.

Return Value

int

$this setRememberDuration(int $minutes)

Set the number of minutes the remember me cookie should be valid for.

Parameters

int $minutes

Return Value

$this

QueueingFactory getCookieJar()

Get the cookie creator instance used by the guard.

Return Value

QueueingFactory

Exceptions

RuntimeException

void setCookieJar(QueueingFactory $cookie)

Set the cookie creator instance used by the guard.

Parameters

QueueingFactory $cookie

Return Value

void

Dispatcher getDispatcher()

Get the event dispatcher instance.

Return Value

Dispatcher

void setDispatcher(Dispatcher $events)

Set the event dispatcher instance.

Parameters

Dispatcher $events

Return Value

void

Session getSession()

Get the session store used by the guard.

Return Value

Session

Authenticatable|null getUser()

Return the currently cached user.

Return Value

Authenticatable|null

Request getRequest()

Get the current request instance.

Return Value

Request

$this setRequest(Request $request)

Set the current request instance.

Parameters

Request $request

Return Value

$this

Timebox getTimebox()

Get the timebox instance used by the guard.

Return Value

Timebox