Path

ez components / documentation / api reference / 2007.1.1 / authentication

eZ Components 2007.1.1

Authentication: ezcAuthenticationSession

[ Tutorial ] [ Security ] [ Class tree ] [ Element index ] [ ChangeLog ] [ Credits ]

Class: ezcAuthenticationSession

Support for session authentication and saving of authentication information between requests. [source]
Contains the methods:
  • start - starts the session, calling the PHP function session_start()
  • load - returns the information stored in the session key ezcAuth_id
  • save - saves information in the session key ezcAuth_id and also saves the current timestamp in the session key ezcAuth_timestamp
  • destroy - deletes the information stored in the session keys ezcAuth_id and ezcAuth_timestamp
  • regenerateId - regenerates the PHPSESSID value
Example of use (combined with the Htpasswd filter): 
 1.  // no headers should be sent before calling $session->start()
 2.   $session new ezcAuthenticationSession();
 3.  $session->start();
 4.  
 5.  // retrieve the POST request information
 6.   $user = isset$_POST['user'$_POST['user'$session->load();
 7.  $password = isset$_POST['password'$_POST['password'null;
 8.  $credentials new ezcAuthenticationPasswordCredentials$user$password );
 9.  $authentication new ezcAuthentication$credentials );
10.  $authentication->session $session;
11.  $authentication->addFilternew ezcAuthenticationHtpasswdFilter'/etc/htpasswd' ) );
12.  // add other filters if needed
13.   if !$authentication->run() )
14.  {
15.      // authentication did not succeed, so inform the user
16.           $status $authentication->getStatus();
17.      $err array(
18.              'ezcAuthenticationHtpasswdFilter' => array(
19.                  ezcAuthenticationHtpasswdFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username',
20.                  ezcAuthenticationHtpasswdFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password'
21.                  ),
22.              'ezcAuthenticationSession' => array(
23.                  ezcAuthenticationSession::STATUS_EMPTY => '',
24.                  ezcAuthenticationSession::STATUS_EXPIRED => 'Session expired'
25.                  )
26.              );
27.      foreach $status as $line )
28.      {
29.          list$key$value each$line );
30.          echo $err[$key][$value"\n";
31.      }
32.  }
33.  else
34.  {
35.      // authentication succeeded, so allow the user to see his content
36.   }
See ezcAuthenticationSessionOptions for options you can set to session objects.

Constants

STATUS_EMPTY = 1 The session is empty; normal behaviour is to continue with the other filters.
STATUS_EXPIRED = 2 The session expired; normal behaviour is to regenerate the session ID.
STATUS_OK = 0 Successful authentication; normal behaviour is to skip the other filters.

Member Variables

protected ezcAuthenticationFilterOptions $options
Options for authentication filters.

Method Summary

public ezcAuthenticationSession __construct( [$options = null] )
Creates a new object of this class.
public void destroy( )
Removes the variables used by this class from the session variables.
public ezcAuthenticationSessionOptions getOptions( )
Returns the options of this class.
public string load( )
Loads the authenticated username from the session or null if it doesn't exist.
public void regenerateId( )
Regenerates the session ID.
public int run( $credentials )
Runs through the session and returns a status code when finished.
public void save( $data )
Saves the authenticated username and the current timestamp in the session variables.
public void setOptions( $options )
Sets the options of this class to $options.
public void start( )
Starts the session.

Methods

__construct

ezcAuthenticationSession __construct( [ezcAuthenticationSessionOptions $options = null] )
Creates a new object of this class.

Parameters

Name Type Description
$options ezcAuthenticationSessionOptions Options for this class

destroy

void destroy( )
Removes the variables used by this class from the session variables.

getOptions

ezcAuthenticationSessionOptions getOptions( )
Returns the options of this class.

load

string load( )
Loads the authenticated username from the session or null if it doesn't exist.

regenerateId

void regenerateId( )
Regenerates the session ID.

run

int run( ezcAuthenticationCredentials $credentials )
Runs through the session and returns a status code when finished.

Parameters

Name Type Description
$credentials ezcAuthenticationCredentials Authentication credentials

save

void save( string $data )
Saves the authenticated username and the current timestamp in the session variables.

Parameters

Name Type Description
$data string Information to save in the session, usually username

setOptions

void setOptions( ezcAuthenticationSessionOptions $options )
Sets the options of this class to $options.

Parameters

Name Type Description
$options ezcAuthenticationSessionOptions Options for this class

start

void start( )
Starts the session.
This function must be called before sending any headers to the client.

Last updated: Wed, 28 Nov 2007