UserHelper
Authorisation helper class, provides static methods to perform various tasks relevant to the Joomla user and authorisation classes
This class has influences and some method logic from the Horde Auth package
since |
1.7.0 |
---|---|
package |
Joomla CMS |
Methods
activateUser
Method to activate a user
activateUser( activation) :
since |
1.7.0 |
---|
Arguments
- activation
string
Activation string
Response
bool
True on success
addUserToGroup
Method to add a user to a group.
addUserToGroup( userId, groupId) :
since |
1.7.0 |
---|---|
throws |
|
Arguments
- userId
int
The id of the user.- groupId
int
The id of the group.
Response
bool
True on success
checkSuperUserInUsers
Check if there is a super user in the user ids.
checkSuperUserInUsers(mixed||string|int userIds) :
since |
3.6.5 |
---|
Arguments
- userIds
array<string|int, mixed>
An array of user IDs on which to operate
Response
bool
True on success, false on failure
destroyUserSessions
Destroy all active session for a given user id
destroyUserSessions( userId, keepCurrent = false, clientId = null) :
since |
3.9.28 |
---|
Arguments
- userId
int
Id of user- keepCurrent
bool
Keep the session of the currently acting user- clientId
int
Application client id
Response
bool
genRandomPassword
Generate a random password
genRandomPassword( length = 8) :
since |
1.7.0 |
---|
Arguments
- length
int
Length of the password to generate
Response
string
Random Password
getProfile
Gets the user profile information
getProfile( userId) :
since |
1.7.0 |
---|
Arguments
- userId
int
The id of the user.
Response
object
getShortHashedUserAgent
Method to get a hashed user agent string that does not include browser version.
getShortHashedUserAgent() :
Used when frequent version changes cause problems.
since |
3.2 |
---|
Response
string
A hashed user agent string with version replaced by 'abcd'
getUserGroups
Method to get a list of groups a user is in.
getUserGroups( userId) : mixed||string|int
since |
1.7.0 |
---|
Arguments
- userId
int
The id of the user.
Response
array<string|int, mixed>
List of groups
getUserId
Returns userid if a user exists
getUserId( username) :
since |
1.7.0 |
---|
Arguments
- username
string
The username to search on.
Response
int
The user id or 0 if not found.
hashPassword
Hashes a password using the current encryption.
hashPassword( password, string|int algorithm = self::HASH_BCRYPT, mixed||string|int options = []) :
since |
3.2.1 |
---|---|
throws |
|
Arguments
- password
string
The plaintext password to encrypt.- algorithm
string|int
The hashing algorithm to use, represented byHASH_*
class constants, or a container service ID.- options
array<string|int, mixed>
The options for the algorithm to use.
Response
string
The encrypted password.
removeUserFromGroup
Method to remove a user from a group.
removeUserFromGroup( userId, groupId) :
since |
1.7.0 |
---|
Arguments
- userId
int
The id of the user.- groupId
int
The id of the group.
Response
bool
True on success
setUserGroups
Method to set the groups for a user.
setUserGroups( userId, mixed||string|int groups) :
since |
1.7.0 |
---|
Arguments
- userId
int
The id of the user.- groups
array<string|int, mixed>
An array of group ids to put the user in.
Response
bool
True on success
verifyPassword
Formats a password using the current encryption. If the user ID is given and the hash does not fit the current hashing algorithm, it automatically updates the hash.
verifyPassword( password, hash, userId) :
since |
3.2.1 |
---|
Arguments
- password
string
The plaintext password to check.- hash
string
The hash to verify against.- userId
int
ID of the user if the password hash should be updated
Response
bool
True if the password and hash match, false otherwise
Constants
HASH_ARGON2I
Constant defining the Argon2i password algorithm for use with password hashes
Note: PHP's native PASSWORD_ARGON2I
constant is not used as PHP may be compiled without this constant
Value | 'argon2i' |
---|---|
since |
4.0.0 |
Type(s)
string
HASH_ARGON2I_BC
B/C constant PASSWORD_ARGON2I
for PHP < 7.4 (using integer)
Note: PHP's native PASSWORD_ARGON2I
constant is not used as PHP may be compiled without this constant
Value | 2 |
---|---|
since |
4.0.0 |
deprecated |
4.0 will be removed in 6.0 Use UserHelper::HASH_ARGON2I instead |
Type(s)
int
HASH_ARGON2ID
Constant defining the Argon2id password algorithm for use with password hashes
Note: PHP's native PASSWORD_ARGON2ID
constant is not used as PHP may be compiled without this constant
Value | 'argon2id' |
---|---|
since |
4.0.0 |
Type(s)
string
HASH_ARGON2ID_BC
B/C constant PASSWORD_ARGON2ID
for PHP < 7.4 (using integer)
Note: PHP's native PASSWORD_ARGON2ID
constant is not used as PHP may be compiled without this constant
Value | 3 |
---|---|
since |
4.0.0 |
deprecated |
4.0 will be removed in 6.0 Use UserHelper::HASH_ARGON2ID instead |
Type(s)
int
HASH_BCRYPT
Constant defining the BCrypt password algorithm for use with password hashes
Value | '2y' |
---|---|
since |
4.0.0 |
Type(s)
string
HASH_BCRYPT_BC
B/C constant PASSWORD_BCRYPT
for PHP < 7.4 (using integer)
Value | 1 |
---|---|
since |
4.0.0 |
deprecated |
4.0 will be removed in 6.0 Use UserHelper::HASH_BCRYPT instead |
Type(s)
int
HASH_MD5
Constant defining the MD5 password algorithm for use with password hashes
Value | 'md5' |
---|---|
since |
4.0.0 |
deprecated |
4.0 will be removed in 6.0 Support for MD5 hashed passwords will be removed use any of the other hashing methods |
Type(s)
string
HASH_PHPASS
Constant defining the PHPass password algorithm for use with password hashes
Value | 'phpass' |
---|---|
since |
4.0.0 |
deprecated |
4.0 will be removed in 6.0 Support for PHPass hashed passwords will be removed use any of the other hashing methods |
Type(s)
string
HASH_ALGORITHMS
Mapping array for the algorithm handler
Value | [self::HASH_ARGON2I => \Joomla\Authentication\Password\Argon2iHandler::class, self::HASH_ARGON2I_BC => \Joomla\Authentication\Password\Argon2iHandler::class, self::HASH_ARGON2ID => \Joomla\Authentication\Password\Argon2idHandler::class, self::HASH_ARGON2ID_BC => \Joomla\Authentication\Password\Argon2idHandler::class, self::HASH_BCRYPT => \Joomla\Authentication\Password\BCryptHandler::class, self::HASH_BCRYPT_BC => \Joomla\Authentication\Password\BCryptHandler::class, self::HASH_MD5 => \Joomla\CMS\Authentication\Password\MD5Handler::class, self::HASH_PHPASS => \Joomla\CMS\Authentication\Password\PHPassHandler::class] |
---|---|
since |
4.0.0 |
Type(s)
array<string|int, mixed>