Skip to content

Manager


Methods

get

Retrieves the identity based on the provided user expose parameter.

public get(array|null $userExpose = null): array

Parameters:

Parameter Type Description
$userExpose array|null Optional parameter to specify user-related data exposure.

Return Value:

The resulting identity data array.


getIdentity

Retrieves the identity information based on the provided user expose parameter.

public getIdentity(array|null $userExpose = null): array

Parameters:

Parameter Type Description
$userExpose array|null Optional parameter specifying details for user data exposure.

Return Value:

An associative array containing identity details such as logged-in status, user data, impersonation, roles, and groups.


login

Handles the login process by validating the provided parameters, checking user credentials, and managing session state. Returns the login status along with any validation messages.

public login(array $params = []): array

Parameters:

Parameter Type Description
$params array Parameters for login, typically including 'email' and 'password'.

Return Value:

Contains login status, logged-in user information, and validation messages.


logout

Logs out the current user by removing the session identity and returns the login status.

public logout(): array

Return Value:

An associative array containing the user's login status and identity status after logout.


reset

Resets a user's password or generates a reset token for the user, depending on the input parameters.

public reset(array|null $params = null): array

Parameters:

Parameter Type Description
$params array|null Parameters including email, token,
password, and password confirmation for the reset operation.
- 'email': The user's email address.
- 'token': An optional reset token for password update.
- 'password': The new password to set (relevant with token).
- 'passwordConfirm': The confirmation of the new password.

Return Value:

An array containing the following keys: - 'saved': A boolean indicating whether the save operation was successful. - 'sent': A boolean indicating whether the reset token email was sent successfully. - 'messages': A collection of validation or processing messages.

Throws:


collectList

Collects and returns a list of entities from the specified property of the model, keyed by a method from each entity.

private collectList(\PhalconKit\Mvc\ModelInterface|null $model, string $property, string $keyMethod = 'getKey'): array

Parameters:

Parameter Type Description
$model \PhalconKit\Mvc\ModelInterface|null The model containing the property with the list of entities.
$property string The name of the property in the model that holds the list of entities.
$keyMethod string The name of the method in each entity used to generate the key. Defaults to 'getKey'.

Return Value:

An associative array of entities, keyed by the specified method from each entity.


Inherited methods

getUser

Return the current user or impersonated user object based on the session

public getUser(bool $as = false, bool|null $force = null): \PhalconKit\Models\Interfaces\UserInterface|null

Parameters:

Parameter Type Description
$as bool Flag to indicate whether to get the user as another user
$force bool|null Flag to indicate whether to force the retrieval of the user object

Return Value:

The user object or null if session is not available


setUser

Set the current user or impersonated user instance.

public setUser(\PhalconKit\Models\Interfaces\UserInterface|null $user): void

Parameters:

Parameter Type Description
$user \PhalconKit\Models\Interfaces\UserInterface|null The user instance to set or null to unset the current user.

getUserAs

Retrieve the original user when impersonating

public getUserAs(): \PhalconKit\Models\Interfaces\UserInterface|null

Return Value:

The user instance or null if not available.


setUserAs

Set the original user instance when impersonating

public setUserAs(\PhalconKit\Models\Interfaces\UserInterface|null $user): void

Parameters:

Parameter Type Description
$user \PhalconKit\Models\Interfaces\UserInterface|null The user instance to set, or null to unset.

getUserId

Retrieves the current/impersonated user or the original user ID.

public getUserId(bool $as = false): int|null

Parameters:

Parameter Type Description
$as bool Determines whether to retrieve the original user (true) or the current/impersonated one (false).

Return Value:

Returns the user ID as an integer if available, or null if the user is not set.


getUserAsId

Retrieves the original user ID when impersonating.

public getUserAsId(): int|null

Return Value:

Returns the user ID as an integer if available, or null otherwise.


getRoleList

Retrieves the list of roles associated with the current identity.

public getRoleList(): array

Return Value:

Returns an array of roles. If no roles are set, returns an empty array.


getGroupList

Retrieves the list of groups associated with the current identity.

public getGroupList(): array

Return Value:

Returns an array of group identifiers or an empty array if no groups are found.


getTypeList

Retrieves the list of types associated with the current identity.

public getTypeList(): array

Return Value:

Returns an array of types. If no types are found, returns an empty array.


isLoggedIn

Checks if the user is currently logged in.

public isLoggedIn(bool $as = false, bool $force = false): bool

Parameters:

Parameter Type Description
$as bool Determines whether to check the original user (true) or the current/impersonated one (false).
$force bool Forces a fresh check ignoring cached user session data when set to true.

Return Value:

Returns true if the user is logged in, false otherwise.


isLoggedInAs

Checks if the user is logged in and impersonating another user.

public isLoggedInAs(bool $force = false): bool

Parameters:

Parameter Type Description
$force bool Determines whether to enforce a specific login check.

Return Value:

Returns true if the user is logged in based on the condition, otherwise false.


findUserById

Finds and retrieves a user by their unique identifier.

public findUserById(int $id): \PhalconKit\Models\Interfaces\UserInterface|null

Parameters:

Parameter Type Description
$id int The unique identifier of the user to be retrieved.

Return Value:

Returns the user instance if found, or null if no user exists with the specified identifier.


findUserByEmail

Finds and retrieves a user by their email address.

public findUserByEmail(string $string): \PhalconKit\Models\Interfaces\UserInterface|null

Parameters:

Parameter Type Description
$string string The email address of the user to search for.

Return Value:

Returns a UserInterface instance if a user with the specified email is found, or null if no user matches the email.


getSessionKey

Retrieves the session key, optionally appending a refresh suffix.

public getSessionKey(bool $refresh = false): string

Parameters:

Parameter Type Description
$refresh bool Indicates whether to append the '-refresh' suffix to the session key.

Return Value:

The retrieved session key, with or without the refresh suffix.


removeSessionIdentity

Removes the session identity associated with the current instance, if a valid key exists.

public removeSessionIdentity(): void

setSessionIdentity

Sets the session identity by storing the provided identity data in the session.

public setSessionIdentity(array $identity): void

Parameters:

Parameter Type Description
$identity array An associative array representing the identity data to be stored in the session.

getSessionIdentity

Retrieves the session identity from the session storage.

public getSessionIdentity(): array

Return Value:

An associative array representing the identity data retrieved from the session. Returns an empty array if no data is found.


hasSessionIdentity

Checks if a session identity exists by verifying the presence of a valid key and its association in the session.

public hasSessionIdentity(): bool

Return Value:

Returns true if a session identity exists; otherwise, false.


getKey

Retrieves the 'key' value from the claim array if it exists, or returns null.

public getKey(): string|null

Return Value:

The 'key' value from the claim array, or null if not found.


hasRole

Determines if the current user has the specified roles.

public hasRole(array|null $roles = null, bool $or = false, bool $inherit = true): bool

Parameters:

Parameter Type Description
$roles array|null List of roles to check against.
$or bool If true, checks if the user has at least one of the roles. If false, checks if the user has all roles.
$inherit bool If true, includes inherited roles in the check.

Return Value:

True if the user satisfies the role conditions, false otherwise.


has

Check if the needles meet the haystack using nested arrays Reversing ANDs and ORs within each nested subarray

public has(array|string|null $needles = null, array $haystack = [], bool $or = false): bool

$this->has(['dev', 'admin'], $this->getUser()->getRoles(), true); // 'dev' OR 'admin' $this->has(['dev', 'admin'], $this->getUser()->getRoles(), false); // 'dev' AND 'admin'

$this->has(['dev', 'admin'], $this->getUser()->getRoles()); // 'dev' AND 'admin' $this->has([['dev', 'admin']], $this->getUser()->getRoles()); // 'dev' OR 'admin' $this->has([[['dev', 'admin']]], $this->getUser()->getRoles()); // 'dev' AND 'admin'

Parameters:

Parameter Type Description
$needles array|string|null Needles to match and meet the rules
$haystack array Haystack array to search into
$or bool True to force with "OR" , false to force "AND" condition

Return Value:

Return true or false if the needles rules are being met


getInheritedRoleList

Retrieves a list of inherited roles based on the provided role indices.

public getInheritedRoleList(array $roleIndexList = []): array

The method processes the given role indices, determines their inherited roles recursively, and returns a unique and flattened list of all inherited roles.

Parameters:

Parameter Type Description
$roleIndexList array The list of role indices to process for inheritance. Defaults to an empty array.

Return Value:

An array containing the unique list of all inherited roles.


oauth2

OAuth2 authentication

public oauth2(string $provider, string $providerUuid, string $accessToken, string|null $refreshToken = null, array|null $meta = []): array

Parameters:

Parameter Type Description
$provider string The OAuth2 provider
$providerUuid string The UUID associated with the provider
$accessToken string The access token provided by the provider
$refreshToken string|null The refresh token provided by the provider (optional)
$meta array|null Additional metadata associated with the user (optional)

Return Value:

Returns an array with the following keys: - 'saved': Indicates whether the OAuth2 entity was saved successfully - 'loggedIn': Indicates whether the user is currently logged in - 'loggedInAs': Indicates the user that is currently logged in - 'messages': An array of validation messages

Throws:


getJwt

Generates a new JWT and refresh token based on the specified claim and configuration.

public getJwt(bool $refresh = false): array

If the claim does not have a key or is refreshed, it creates a new key and updates the session if enabled.

Parameters:

Parameter Type Description
$refresh bool Indicates whether to refresh the claim by generating a new key and invalidating previous tokens.

Return Value:

Contains the generated JWT, refresh token, and a flag indicating if the claim was refreshed.

Throws:


getClaim

Retrieves the claim using different authentication methods such as JWT, Authorization Header, or Session.

public getClaim(bool $refresh = false, bool $force = false): array

If the claim is cached and not forced to refresh, it returns the cached claim.

Parameters:

Parameter Type Description
$refresh bool Determines whether to attempt refreshing the claim if available.
$force bool Forces bypassing the cached claim and retrieving a new one.

Return Value:

The claim data or an empty array if no claim is found.


setClaim

Sets the claim information for the current instance.

public setClaim(array $claim): void

Parameters:

Parameter Type Description
$claim array The claim data to set.

getJwtToken

Generates a JWT (JSON Web Token) using the provided identifier, payload data, and additional options.

public getJwtToken(string $id, array $data = [], array $options = []): string

Parameters:

Parameter Type Description
$id string The unique identifier for the JWT, typically representing a specific user or session.
$data array An associative array containing the payload data to be encoded in the JWT.
$options array An associative array of options for the token such as issuer, audience, subject, etc. Defaults will be applied if not provided.

Return Value:

The generated JWT token as a string.

Throws:


getClaimFromToken

Extracts claims from a provided JWT token after validating it.

public getClaimFromToken(string $token, string|null $claim = null): array

Parameters:

Parameter Type Description
$token string The JWT token to parse and validate.
$claim string|null An optional identifier to validate the token against.

Return Value:

The claims extracted from the token, or an empty array if no valid claims are found.


getClaimFromAuthorization

Extracts claim information from the authorization header if it follows the Bearer token format.

public getClaimFromAuthorization(array $authorization): array

Parameters:

Parameter Type Description
$authorization array The authorization header split into an array with the type and token.

Return Value:

The claim information extracted from the token or an empty array if extraction fails.


getJsonRawBody

Retrieves the raw JSON body from the request.

private getJsonRawBody(): \stdClass

If the body is not valid JSON, an empty stdClass object is returned.

Return Value:

The raw JSON body as an object or an empty stdClass object if the input is invalid.


loginAs

Allows an admin or developer to log in as another user based on their user ID.

public loginAs(array $params = []): array

Validates the provided parameters to ensure the presence and numericality of the user ID. Also handles the scenario where the user attempts to return to their original session.

Parameters:

Parameter Type Description
$params array Associative array containing the key 'userId', which represents the ID of the user to log in as.

Return Value:

An array containing the validation messages, login status, and login-as status: - 'messages': Validation messages, if any. - 'loggedIn': Boolean indicating whether the user is logged in under their original session. - 'loggedInAs': Boolean indicating whether the user is logged in as another user.


logoutAs

Logs out from a session where the user was logged in (impersonating) as another user, reverting back to the original session identity.

public logoutAs(): array

If the current session identity includes an 'asUserId', the identity is updated to the corresponding 'userId'.

Return Value:

An array containing the user's login status after reverting: - 'loggedIn': Boolean indicating whether the original user is logged in. - 'loggedInAs': Boolean indicating whether the session is currently logged in as another user.


getAclRoles

Return the list of ACL roles - role ws is automatically added if the bootstrap mode is websocket/ws - role cli is automatically added if the bootstrap mode is console/cli - role everyone is automatically added to everyone at all time - role guest is automatically added only if no role was found - inherited roles are automatically added from the base roles

public getAclRoles(array|null $roleList = null): array

Parameters:

Parameter Type Description
$roleList array|null

__construct

Constructs a new instance of the class.

public __construct(array|null $options = null): mixed

Parameters:

Parameter Type Description
$options array|null An optional array of options to initialize the instance with. Default is null.

initializeOptions

Initializes the options for the object.

public initializeOptions(array|null $options = null): void

Parameters:

Parameter Type Description
$options array|null The options to be initialized. If null, an empty array will be used.

initialize

Initializes the object.

public initialize(): void

This method is responsible for performing any necessary setup or initialization tasks for the object. It does not accept any parameters and does not return a value.


setOptions

Sets the options for the object.

public setOptions(array $options, bool $merge = false): void

Parameters:

Parameter Type Description
$options array The array of options to be set.
$merge bool Whether to merge the existing options with the new options. Defaults to false.

getOptions

Retrieves all options.

public getOptions(): array

Return Value:

An array containing all the options.


setOption

Sets the value of the option specified by the given key.

public setOption(string $key, mixed $value = null, bool $merge = false): void

Parameters:

Parameter Type Description
$key string The key of the option.
$value mixed The value to be set for the option.
$merge bool Whether to merge the new value with an existing value if the option already exists.

getOption

Retrieves the value of the option specified by the given key.

public getOption(string $key, mixed $default = null): mixed

Parameters:

Parameter Type Description
$key string The key of the option.
$default mixed The default value to be returned if the option does not exist.

Return Value:

The value of the option specified by the key, or the default value if the option does not exist.


hasOption

Checks if the option specified by the given key exists.

public hasOption(string $key): bool

Parameters:

Parameter Type Description
$key string The key of the option.

Return Value:

Returns true if the option exists, false otherwise.


removeOption

Remove an option by key

public removeOption(string $key): void

Removes the option with the given key from the options array.

Parameters:

Parameter Type Description
$key string The key of the option to be removed

resetOptions

Reset all options to their default values - Uses the defaultOptions property to set the options

public resetOptions(): void

clearOptions

Clear all options

public clearOptions(): void

This method clears all the options stored in the class. After calling this method, the options array will be empty.