Authentication: ezcAuthenticationSession
Class: ezcAuthenticationSession
Support for session authentication and for saving authentication information between requests.
Contains the methods:
- start - starts the session by calling the PHP function session_start(); must be called before any output is sent to the client
- load - returns the information stored in the session key ezcAuth_id (normally the authenticated username), or null if nothing is stored
- save - saves information in the session key ezcAuth_id and also saves the current timestamp in the session key ezcAuth_timestamp
- destroy - deletes the information stored in the session keys ezcAuth_id and ezcAuth_timestamp
- regenerateId - regenerates the session ID (the value of the PHPSESSID cookie)
Example of use (combined with the Htpasswd filter):

    // no headers should be sent before calling $session->start()
    $session = new ezcAuthenticationSession();
    $session->start();

    // retrieve the POST request information; without a posted username, fall
    // back to the username already stored in the session (null if none)
    $user = isset( $_POST['user'] ) ? $_POST['user'] : $session->load();
    $password = isset( $_POST['password'] ) ? $_POST['password'] : null;
    $credentials = new ezcAuthenticationPasswordCredentials( $user, $password );
    $authentication = new ezcAuthentication( $credentials );
    $authentication->session = $session;
    $authentication->addFilter( new ezcAuthenticationHtpasswdFilter( '/etc/htpasswd' ) );
    // add other filters if needed
    if ( !$authentication->run() )
    {
        // authentication did not succeed, so inform the user
        $status = $authentication->getStatus();
        $err = array(
            'ezcAuthenticationHtpasswdFilter' => array(
                ezcAuthenticationHtpasswdFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username',
                ezcAuthenticationHtpasswdFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password'
            ),
            'ezcAuthenticationSession' => array(
                ezcAuthenticationSession::STATUS_EMPTY => '',
                ezcAuthenticationSession::STATUS_EXPIRED => 'Session expired'
            )
        );
        // each $line is a one-element array: filter class name => status code
        // (key()/current() replace the each() call, which PHP 8 no longer has)
        foreach ( $status as $line )
        {
            $key = key( $line );
            $value = current( $line );
            echo $err[$key][$value] . "\n";
        }
    }
    else
    {
        // authentication succeeded, so show the user their content
    }
Constants
STATUS_OK = 0
    Successful authentication; normal behaviour is to skip the other filters.
STATUS_EMPTY = 1
    The session is empty; normal behaviour is to continue with the other filters.
STATUS_EXPIRED = 2
    The session expired; normal behaviour is to regenerate the session ID.
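The following is an added example; it is not code from the eZ Components documentation or from the component itself. It extends the Htpasswd example above into a complete login/logout handler that uses all three session statuses: STATUS_EMPTY is treated as informational, STATUS_EXPIRED gets its own message, and a successful password login is followed by regenerateId() so that a session ID the browser held before authenticating cannot have been fixed by an attacker. Assumed rather than taken from this page: the autoloader include path, the htpasswd file location, the POST field names, the redirect target, and the validity option of ezcAuthenticationSessionOptions (the inactivity timeout in seconds).

```php
<?php
// Added example (not from the eZ Components documentation): a login/logout
// handler built on ezcAuthenticationSession and ezcAuthenticationHtpasswdFilter.
// Assumptions: the autoloader path, '/etc/htpasswd', the POST field names, the
// redirect target and the 'validity' option (inactivity timeout in seconds).
require_once 'ezc/Base/base.php';
spl_autoload_register( array( 'ezcBase', 'autoload' ) );

// No output before this point: start() and regenerateId() both send headers.
$options = new ezcAuthenticationSessionOptions();
$options->validity = 900;   // assumed option: 15 minutes idle => STATUS_EXPIRED
$session = new ezcAuthenticationSession( $options );
$session->start();

if ( isset( $_POST['logout'] ) )
{
    // Logout: remove ezcAuth_id/ezcAuth_timestamp, then rotate the session ID so
    // the old PHPSESSID value cannot be replayed as an authenticated session.
    $session->destroy();
    $session->regenerateId();
    header( 'Location: /login' );
    exit;
}

// A posted password means a fresh login attempt; otherwise continue with the
// username stored in the session (null when nobody is logged in).
$isLogin = isset( $_POST['user'], $_POST['password'] );
$user = $isLogin ? $_POST['user'] : $session->load();
$password = $isLogin ? $_POST['password'] : null;

if ( !$isLogin && $user === null )
{
    // No session and no credentials: show the login form and stop.
    echo '<form method="post"><input name="user"><input name="password" type="password"><input type="submit" value="Log in"></form>';
    exit;
}

if ( $isLogin )
{
    // Make the filters verify the posted password instead of the session filter
    // answering STATUS_OK for a still-valid login and skipping them.
    $session->destroy();
}

$credentials = new ezcAuthenticationPasswordCredentials( $user, $password );
$authentication = new ezcAuthentication( $credentials );
$authentication->session = $session;
$authentication->addFilter( new ezcAuthenticationHtpasswdFilter( '/etc/htpasswd' ) );

if ( $authentication->run() )
{
    if ( $isLogin )
    {
        // Session fixation defence: the ID the browser had before authenticating
        // must not become the authenticated ID. Rotate it and bind the login to it.
        $session->regenerateId();
        $session->save( $user );
    }
    echo 'Welcome, ' . htmlspecialchars( $user, ENT_QUOTES, 'UTF-8' );
}
else
{
    // One generic message for both Htpasswd failures: distinguishing "wrong user"
    // from "wrong password" tells an attacker which usernames exist.
    $messages = array(
        'ezcAuthenticationSession' => array(
            ezcAuthenticationSession::STATUS_EMPTY   => null,   // not an error
            ezcAuthenticationSession::STATUS_EXPIRED => 'Your session expired, please log in again',
        ),
        'ezcAuthenticationHtpasswdFilter' => array(
            ezcAuthenticationHtpasswdFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username or password',
            ezcAuthenticationHtpasswdFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect username or password',
        ),
    );
    // getStatus() returns a list of one-element arrays: filter class => status code.
    foreach ( $authentication->getStatus() as $line )
    {
        $filter = key( $line );
        $code = current( $line );
        if ( isset( $messages[$filter][$code] ) )
        {
            echo htmlspecialchars( $messages[$filter][$code], ENT_QUOTES, 'UTF-8' ), "<br />\n";
        }
    }
}
```

Two choices differ from the shorter example above. The Htpasswd filter reports STATUS_USERNAME_INCORRECT and STATUS_PASSWORD_INCORRECT separately, but the handler collapses them into one message, because echoing the distinction lets anyone confirm which usernames exist in the htpasswd file. And save() is called again right after regenerateId() so that the username and timestamp are certainly bound to the new session ID, whichever way the ID regeneration treats existing session data.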
Method Summary
public ezcAuthenticationSession __construct( [$options = null] )
    Creates a new object of this class.
public void destroy( )
    Removes the variables used by this class from the session variables.
public ezcAuthenticationSessionOptions getOptions( )
    Returns the options of this class.
public bool isValid( $credentials )
    Runs through the session and returns true if the session is correct.
public string load( )
    Returns the authenticated username stored in the session, or null if none is stored.
public void regenerateId( )
    Regenerates the session ID.
public int run( $credentials )
    Runs through the session and returns a status code when finished.
public void save( $data )
    Saves the authenticated username and the current timestamp in the session variables.
public void setOptions( $options )
    Sets the options of this class to $options.
public void start( )
    Starts the session.
Methods
__construct
ezcAuthenticationSession __construct( [$options = null] )
Creates a new object of this class. $options is an ezcAuthenticationSessionOptions object; when it is omitted, the default options are used.
destroy
void destroy( )
Removes the variables used by this class (the session keys ezcAuth_id and ezcAuth_timestamp) from the session variables. Only these keys are removed; on logout, follow it with regenerateId() so the old session ID is not reused.
getOptions
ezcAuthenticationSessionOptions getOptions( )
Returns the options of this class.
isValid
bool isValid( $credentials )
Runs through the session and returns true if the session is correct, that is, if it holds an authenticated username for the given credentials that has not expired.
When the session is used, it is often desirable to take advantage of the fact that the authenticated state of the user is kept in the session, and to avoid creating and initializing the other filters (which might slow things down on every request).
The application can be structured like this:

    $session = new ezcAuthenticationSession();
    $session->start();

    // $user and $pass come from the request, as in the previous example
    $credentials = new ezcAuthenticationPasswordCredentials( $user, $pass );

    $authenticated = false;
    if ( !$session->isValid( $credentials ) )
    {
        // create the authentication object
        $authentication = new ezcAuthentication( $credentials );
        $authentication->session = $session;

        // create filters and add them to the authentication object
        $authentication->addFilter( new ezcAuthenticationOpenidFilter() );

        // run the authentication object
        if ( !$authentication->run() )
        {
            $status = $authentication->getStatus();
            // build an error message based on $status
        }
        else
        {
            $authenticated = true;
        }
    }
    else
    {
        $authenticated = true;
    }

    if ( $authenticated )
    {
        // the authentication succeeded and the user can see their content
    }
    else
    {
        // inform the user that the authentication failed (with the error
        // message that was created earlier)
    }
In this way, the creation and initialization of the authentication filters is not performed if the credentials are stored in the session.
load
string load( )
Returns the authenticated username stored in the session (the ezcAuth_id key), or null if none is stored.
regenerateId
void regenerateId( )
Regenerates the session ID. Call it after a successful login and after logout, so that a session ID known to a third party before authentication (session fixation) does not stay valid for the authenticated session. Like start(), it must be called before any output is sent to the client.
run
int run( $credentials )
Runs through the session and returns a status code when finished: STATUS_OK if the session holds a valid, unexpired authenticated username, STATUS_EMPTY if the session holds no authentication information, and STATUS_EXPIRED if the stored authentication information has expired.
save
void save( string $data )
Saves the authenticated username and the current timestamp in the session variables (the keys ezcAuth_id and ezcAuth_timestamp).
Parameters
    $data (string): Information to save in the session, usually the username
setOptions
void setOptions( $options )
Sets the options of this class to $options (an ezcAuthenticationSessionOptions object).
start
void start( )
Starts the session.
This function must be called before sending any headers or output to the client, because starting the session sets the session cookie through a header.
Last updated: Wed, 28 Nov 2007