UserHelper

Authorisation helper class, provides static methods to perform various tasks relevant to the Joomla user and authorisation classes

abstract

This class has influences and some method logic from the Horde Auth package

since

1.7.0

package

Application

Methods

activateUser

Method to activate a user

activateUser(string activation) : bool
static
since

1.7.0

Arguments

activation

stringActivation string

Response

boolTrue on success

addUserToGroup

Method to add a user to a group.

addUserToGroup(int userId, int groupId) : bool
static
since

1.7.0

throws

\RuntimeException

Arguments

userId

intThe id of the user.

groupId

intThe id of the group.

Response

boolTrue on success

checkSuperUserInUsers

Check if there is a super user in the user ids.

checkSuperUserInUsers(array userIds) : bool
static
since

3.6.5

Arguments

userIds

arrayAn array of user IDs on which to operate

Response

boolTrue on success, false on failure

destroyUserSessions

Destroy all active session for a given user id

destroyUserSessions(int userId, bool keepCurrent = false, int clientId = null) : bool
static
since

3.9.28

Arguments

userId

intId of user

keepCurrent

boolKeep the session of the currently acting user

clientId

intApplication client id

Response

bool

genRandomPassword

Generate a random password

genRandomPassword(int length = 8) : string
static
since

1.7.0

Arguments

length

intLength of the password to generate

Response

stringRandom Password

getProfile

Gets the user profile information

getProfile(int userId) : object
static
since

1.7.0

Arguments

userId

intThe id of the user.

Response

object

getShortHashedUserAgent

Method to get a hashed user agent string that does not include browser version.

getShortHashedUserAgent() : string
static

Used when frequent version changes cause problems.

since

3.2

Response

stringA hashed user agent string with version replaced by 'abcd'

getUserGroups

Method to get a list of groups a user is in.

getUserGroups(int userId) : array
static
since

1.7.0

Arguments

userId

intThe id of the user.

Response

arrayList of groups

getUserId

Returns userid if a user exists

getUserId(string username) : int
static
since

1.7.0

Arguments

username

stringThe username to search on.

Response

intThe user id or 0 if not found.

hashPassword

Hashes a password using the current encryption.

hashPassword(string password, string|int algorithm = self::HASH_BCRYPT, array options = array()) : string
static
since

3.2.1

throws

\InvalidArgumentExceptionwhen the algorithm is not supported

Arguments

password

stringThe plaintext password to encrypt.

algorithm

string|intThe hashing algorithm to use, represented by HASH_* class constants, or a container service ID.

options

arrayThe options for the algorithm to use.

Response

stringThe encrypted password.

removeUserFromGroup

Method to remove a user from a group.

removeUserFromGroup(int userId, int groupId) : bool
static
since

1.7.0

Arguments

userId

intThe id of the user.

groupId

intThe id of the group.

Response

boolTrue on success

setUserGroups

Method to set the groups for a user.

setUserGroups(int userId, array groups) : bool
static
since

1.7.0

Arguments

userId

intThe id of the user.

groups

arrayAn array of group ids to put the user in.

Response

boolTrue on success

verifyPassword

Formats a password using the current encryption. If the user ID is given and the hash does not fit the current hashing algorithm, it automatically updates the hash.

verifyPassword(string password, string hash, int userId) : bool
static
since

3.2.1

Arguments

password

stringThe plaintext password to check.

hash

stringThe hash to verify against.

userId

intID of the user if the password hash should be updated

Response

boolTrue if the password and hash match, false otherwise

Constants

HASH_ARGON2I

Constant defining the Argon2i password algorithm for use with password hashes

Note: PHP's native PASSWORD_ARGON2I constant is not used as PHP may be compiled without this constant

Value 'argon2i'
since

4.0.0

Type(s)

string

HASH_ARGON2I_BC

B/C constant PASSWORD_ARGON2I for PHP < 7.4 (using integer)

deprecated

Note: PHP's native PASSWORD_ARGON2I constant is not used as PHP may be compiled without this constant

Value 2
since

4.0.0

deprecated

4.0.0 Use self::HASH_ARGON2I instead

Type(s)

int

HASH_ARGON2ID

Constant defining the Argon2id password algorithm for use with password hashes

Note: PHP's native PASSWORD_ARGON2ID constant is not used as PHP may be compiled without this constant

Value 'argon2id'
since

4.0.0

Type(s)

string

HASH_ARGON2ID_BC

B/C constant PASSWORD_ARGON2ID for PHP < 7.4 (using integer)

deprecated

Note: PHP's native PASSWORD_ARGON2ID constant is not used as PHP may be compiled without this constant

Value 3
since

4.0.0

deprecated

4.0.0 Use self::HASH_ARGON2ID instead

Type(s)

int

HASH_BCRYPT

Constant defining the BCrypt password algorithm for use with password hashes

Value '2y'
since

4.0.0

Type(s)

string

HASH_BCRYPT_BC

B/C constant PASSWORD_BCRYPT for PHP < 7.4 (using integer)

deprecated
Value 1
since

4.0.0

deprecated

4.0.0 Use self::HASH_BCRYPT instead

Type(s)

int

HASH_MD5

Constant defining the MD5 password algorithm for use with password hashes

deprecated
Value 'md5'
since

4.0.0

deprecated

5.0 Support for MD5 hashed passwords will be removed

Type(s)

string

HASH_PHPASS

Constant defining the PHPass password algorithm for use with password hashes

deprecated
Value 'phpass'
since

4.0.0

deprecated

5.0 Support for PHPass hashed passwords will be removed

Type(s)

string

HASH_ALGORITHMS

Mapping array for the algorithm handler

Value [self::HASH_ARGON2I => \Joomla\Authentication\Password\Argon2iHandler::class, self::HASH_ARGON2I_BC => \Joomla\Authentication\Password\Argon2iHandler::class, self::HASH_ARGON2ID => \Joomla\Authentication\Password\Argon2idHandler::class, self::HASH_ARGON2ID_BC => \Joomla\Authentication\Password\Argon2idHandler::class, self::HASH_BCRYPT => \Joomla\Authentication\Password\BCryptHandler::class, self::HASH_BCRYPT_BC => \Joomla\Authentication\Password\BCryptHandler::class, self::HASH_MD5 => \Joomla\CMS\Authentication\Password\MD5Handler::class, self::HASH_PHPASS => \Joomla\CMS\Authentication\Password\PHPassHandler::class]
since

4.0.0

Type(s)

array