Interface ApiAuthInterface

Describe the methods that every API Auth Component should comply with API auth should be a token based authentication that uses 'access_token' and 'refresh_token'

Direct known implementers

ApiAuthComponent

Located at controllers/components/api_auth_interface.php

Methods summary

`public array\|boolean`	# `identify( )` Identify and return an user starting from an access_token Return false if it's not possible to identify a user Identify and return an user starting from an access_token Return false if it's not possible to identify a user Returns array\|boolean Either array of user information or false
`public boolean`	# `authenticate( string $username, string $password, array $authGroupName = array() )` Authenticate a user based on username and password Authenticate a user based on username and password Parameters `$username` the username `$password` the user password `$authGroupName` an array of groups authorized to access API Returns boolean
`public string\|null`	# `generateToken( )` Generate and return a new access_token If user is not identified/authenticated it returns null Generate and return a new access_token If user is not identified/authenticated it returns null Returns string\|null
`public string\|boolean`	# `renewToken( string $refreshToken )` Renew an access_token using a refresh token If it fails then return false Renew an access_token using a refresh token If it fails then return false Parameters `$refreshToken` the refresh token Returns string\|boolean
`public string\|boolean`	# `generateRefreshToken( )` Generate a refresh token to use for renew an access_token The refresh token should be saved in hash_jobs table If user is not identified/authenticated then return false Generate a refresh token to use for renew an access_token The refresh token should be saved in hash_jobs table If user is not identified/authenticated then return false Returns string\|boolean
`public boolean`	# `revokeRefreshToken( string $refreshToken )` Revoke a refresh token If user is not identified/authenticated then return false Revoke a refresh token If user is not identified/authenticated then return false Parameters `$refreshToken` the refresh token to remove Returns boolean
`public string\|boolean`	# `getToken( )` Return the access_token reading from Authorization header or from query url Return false if no token is found Return the access_token reading from Authorization header or from query url Return false if no token is found Returns string\|boolean
`public integer`	# `expiresIn( )` Return the updated time to access_token expiration (in seconds) Return the updated time to access_token expiration (in seconds) Returns integer
`public string`	# `userid( )` Return the userid It replaces BeAuthComponent::userid() in API context Return the userid It replaces BeAuthComponent::userid() in API context Returns string
`public array`	# `getUserSession( )` Return the user data it replaces BeAuthComponent::getUserSession() in API context Return the user data it replaces BeAuthComponent::getUserSession() in API context Returns array
`public array`	# `getUser( )` Get the current identified/authenticated user It replaces BeAuthComponent::getUser() in API context Get the current identified/authenticated user It replaces BeAuthComponent::getUser() in API context Returns array