SilverStripe\Security\BasicAuth

SilverStripe

class BasicAuth

Provides an interface to HTTP basic authentication.

This utility class can be used to secure any request with basic authentication. To do so, {@link BasicAuth::requireLogin()} from your Controller's init() method or action handler method.

It also has a function to protect your entire site. See {@link BasicAuth::protect_entire_site()} for more information. You can control this setting on controller-level by using {@link Controller->basicAuthEnabled}.

Traits

Configurable

Provides extensions to this object to integrate it with standard config API methods.

Constants

USE_BASIC_AUTH

Env var to set to enable basic auth

AUTH_PERMISSION

Default permission code

Config options

entire_site_protected	Boolean
entire_site_protected_code	String\|array
entire_site_protected_message	String

Methods

static Config_ForClass

config()

Get a configuration accessor for this class. Short hand for Config::inst()->get($this->class, .

from Configurable

mixed

stat(string $name) ^deprecated

Get inherited config value

from Configurable

mixed

uninherited(string $name)

Gets the uninherited value for the given config option

from Configurable

$this

set_stat(string $name, mixed $value) ^deprecated

Update the config value for a given property

from Configurable

static bool|Member

requireLogin(HTTPRequest $request, string $realm, string|array $permissionCode = null, boolean $tryUsingSessionLogin = true)

Require basic authentication. Will request a username and password if none is given.

static

protect_entire_site(boolean $protect = true, string $code = self::AUTH_PERMISSION, string $message = null)

Enable protection of the entire site with basic authentication.

static

protect_site_if_necessary(HTTPRequest $request = null)

Call {@link BasicAuth::requireLogin()} if {@link BasicAuth::protect_entire_site()} has been called.

Details

in Configurable at line 20
`static Config_ForClass config()`

Get a configuration accessor for this class. Short hand for Config::inst()->get($this->class, .

....).

Return Value

Config_ForClass

in Configurable at line 32
`mixed stat(string $name) ^deprecated`

^deprecated 5.0 Use ->config()->get() instead

Get inherited config value

Parameters

string

$name

Return Value

mixed

in Configurable at line 44
`mixed uninherited(string $name)`

Gets the uninherited value for the given config option

Parameters

string

$name

Return Value

mixed

in Configurable at line 57
`$this set_stat(string $name, mixed $value) ^deprecated`

^deprecated 5.0 Use ->config()->set() instead

Update the config value for a given property

Parameters

string	$name
mixed	$value

Return Value

$this

at line 81
`static bool|Member requireLogin(HTTPRequest $request, string $realm, string|array $permissionCode = null, boolean $tryUsingSessionLogin = true)`

Require basic authentication. Will request a username and password if none is given.

Used by {@link Controller::init()}.

Parameters

HTTPRequest	$request
string	$realm
string\|array	$permissionCode	Optional
boolean	$tryUsingSessionLogin	If true, then the method with authenticate against the session log-in if those credentials are disabled.

Return Value

bool|Member

Exceptions

HTTPResponse_Exception

at line 184
`static protect_entire_site(boolean $protect = true, string $code = self::AUTH_PERMISSION, string $message = null)`

Enable protection of the entire site with basic authentication.

This log-in uses the Member database for authentication, but doesn't interfere with the regular log-in form. This can be useful for test sites, where you want to hide the site away from prying eyes, but still be able to test the regular log-in features of the site.

You can also enable this feature by adding this line to your .env. Set this to a permission code you wish to require.

SS_USE_BASIC_AUTH=ADMIN

Parameters

boolean	$protect	Set this to false to disable protection.
string	$code	{@link Permission} code that is required from the user. Defaults to "ADMIN". Set to NULL to just require a valid login, regardless of the permission codes a user has.
string	$message

at line 204
`static protect_site_if_necessary(HTTPRequest $request = null)`

Call {@link BasicAuth::requireLogin()} if {@link BasicAuth::protect_entire_site()} has been called.

This is a helper function used by {@link Controller::init()}.

If you want to enabled protection (rather than enforcing it), please use {@link protect_entire_site()}.

Parameters

HTTPRequest

$request

Exceptions

HTTPResponse_Exception

BasicAuth

Traits

Constants

Config options

Methods

Details

in Configurable at line 20 static Config_ForClass config()

Return Value

in Configurable at line 32 mixed stat(string $name) deprecated

Parameters

Return Value

in Configurable at line 44 mixed uninherited(string $name)

Parameters

Return Value

in Configurable at line 57 $this set_stat(string $name, mixed $value) deprecated

Parameters

Return Value

at line 81 static bool|Member requireLogin(HTTPRequest $request, string $realm, string|array $permissionCode = null, boolean $tryUsingSessionLogin = true)

Parameters

Return Value

Exceptions

at line 184 static protect_entire_site(boolean $protect = true, string $code = self::AUTH_PERMISSION, string $message = null)

Parameters

at line 204 static protect_site_if_necessary(HTTPRequest $request = null)

Parameters

Exceptions

in Configurable at line 20
`static Config_ForClass config()`

in Configurable at line 32
`mixed stat(string $name) ^deprecated`

in Configurable at line 44
`mixed uninherited(string $name)`

in Configurable at line 57
`$this set_stat(string $name, mixed $value) ^deprecated`

at line 81
`static bool|Member requireLogin(HTTPRequest $request, string $realm, string|array $permissionCode = null, boolean $tryUsingSessionLogin = true)`

at line 184
`static protect_entire_site(boolean $protect = true, string $code = self::AUTH_PERMISSION, string $message = null)`

at line 204
`static protect_site_if_necessary(HTTPRequest $request = null)`