4 * HTTP Basic Authentication handler
6 * Use this class for easy http authentication setup
10 * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
11 * @author Evert Pot (http://www.rooftopsolutions.nl/)
12 * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
14 class Sabre_HTTP_BasicAuth extends Sabre_HTTP_AbstractAuth {
17 * Returns the supplied username and password.
19 * The returned array has two values:
23 * If nothing was supplied, 'false' will be returned
27 public function getUserPass() {
30 if (($user = $this->httpRequest->getRawServerValue('PHP_AUTH_USER')) && ($pass = $this->httpRequest->getRawServerValue('PHP_AUTH_PW'))) {
32 return array($user,$pass);
36 // Most other webservers
37 $auth = $this->httpRequest->getHeader('Authorization');
39 // Apache could prefix environment variables with REDIRECT_ when urls
40 // are passed through mod_rewrite
42 $auth = $this->httpRequest->getRawServerValue('REDIRECT_HTTP_AUTHORIZATION');
45 if (!$auth) return false;
47 if (strpos(strtolower($auth),'basic')!==0) return false;
49 return explode(':', base64_decode(substr($auth, 6)));
54 * Returns an HTTP 401 header, forcing login
56 * This should be called when username and password are incorrect, or not supplied at all
60 public function requireLogin() {
62 $this->httpResponse->setHeader('WWW-Authenticate','Basic realm="' . $this->realm . '"');
63 $this->httpResponse->sendStatus(401);