docs/_user_2_authenticator_2_http_8php_source.html

 <?php

 namespace Rsi\Fred\User\Authenticator;

 class Http extends \Rsi\Fred\User\Authenticator{

   const EVENT_PASSWORD = 'user:authenticator:http:password';

   public $realm = 'FRED™';

   public function check(){
     if(!$this->controllerName){
       if(
         ($data = $this->digest()) &&
         $this->verify($data,$this->component('event')->trigger(self::EVENT_PASSWORD,$this,$data['username']))
       ) return true;
       $this->prompt();
       $this->_fred->halt();
     }
     return null;
   }

   public function invalidate(){
     if($this->checked && !headers_sent()) http_response_code(401); //Unauthorized
     parent::invalidate();
   }
   /**
    * Send headers for the digest prompt.
    */
   public function prompt(){
     http_response_code(401); //Unauthorized
     header('WWW-Authenticate: Digest realm="' . $this->realm . '",qop="auth",nonce="' . uniqid() . '",opaque="' . $this->hash([$this->realm]) . '"');
   }
   /**
    * Retrieve data from authentication digest.
    * @return array  Empty when digest not present not, false when incomplete.
    */
   public function digest(){
     $data = [];
     if(array_key_exists('PHP_AUTH_DIGEST',$_SERVER)) foreach(['nonce','nc','cnonce','qop','username','uri','response'] as $key)
       if(preg_match('/' . $key . '=(?:([\'"])([^\\1]+?)\\1|([^\\s,]+))/',$_SERVER['PHP_AUTH_DIGEST'],$match)) $data[$key] = $match[2] ?: $match[3];
       else return false;
     return $data;
   }

   protected function hash($data){
     return md5(implode(':',$data));
   }
   /**
    * Verify a password.
    * @param array $data  Data from digest().
    * @param string $password  Correct password for $data['username'].
    * @return bool  True when correct.
    */
   public function verify($data,$password){
     $this->verified(($data['response'] == $this->hash([
       $this->hash([$data['username'],$this->realm,$password]),
       $data['nonce'],$data['nc'],$data['cnonce'],$data['qop'],
       $this->hash([$_SERVER['REQUEST_METHOD'],$data['uri']])
     ])) ?: null);
     if(!$this->checked && !headers_sent()) http_response_code(401); //Unauthorized
     return $this->checked;
   }

 }
Rsi\Fred\User\Authenticator\Http\verify
verify($data, $password)
Verify a password.
Definition: Http.php:55

Rsi\Fred\User\Authenticator\Http\digest
digest()
Retrieve data from authentication digest.
Definition: Http.php:38

Rsi\Fred\User\Authenticator\Http\$realm
$realm
Definition: Http.php:9

Rsi\Fred\User\Authenticator\Http\hash
hash($data)
Definition: Http.php:46

Rsi\Fred\User\Authenticator\Http\invalidate
invalidate()
Definition: Http.php:23

Rsi\Fred\User\Authenticator\Http\prompt
prompt()
Send headers for the digest prompt.
Definition: Http.php:30

Rsi\Fred\User\Authenticator\Http
Definition: Http.php:5

Rsi\Fred\User\Authenticator\Http\EVENT_PASSWORD
const EVENT_PASSWORD
Definition: Http.php:7

Rsi\Fred\User\Authenticator
Definition: GeoIp.php:3

Rsi\Fred\User\Authenticator\verified
verified($result)
Process the result of a verification.
Definition: Authenticator.php:23

Rsi\Fred\User\Authenticator\Http\check
check()
Definition: Http.php:11

Rsi\Fred\Component\component
component($name)
Get a component (local or default).
Definition: Component.php:80