/**
* Performs an authentication attempt
*
* @throws Zend_Auth_Adapter_Exception If authentication cannot be performed
* @return Zend_Auth_Result
*/
public function authenticate()
{
// get existing or new session
$session = $this->getSession();
// see if the session object has been implemented as a resource yet,
// if not it is becase the user hasn't logged in yet. To log in, a
// session resource must be created by using a post request to it
require_once 'models/Handler/Session.php';
$sessionHandler = new Default_Model_Handler_Session($session);
if (null === $sessionHandler->get(array('id' => 1))) {
// no session resource yet, create one as an anonymous/default user
$sessionHandler->post(array());
// this gets them in into the system, at which point if the user
// is in fact themselves posting to the session resource with their
// credentials, this created session will be forgotten and they
// will continue on as their proper identity
}
require_once 'Zend/Auth/Result.php';
return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $session->identity);
}
public function preDispatch()
{
$this->_startTime = microtime(true);
// use plain text error reporting
ini_set('html_errors', 0);
// login procedure
// can handler digest or basic authentication but won't send
// WWW-Authenticate header challenging clients to use those.
// Instead will have the client as a anonymous user ('default') unless
// they authenticate with basic, digest or create a session
// get the Authorization header for checking header based authentication
// methods such as basic and digest
$headerAuthType = strtolower(strstr(strstr($this->getRequest()->getHeader('Authorization'), 'Authorization: '), ' ', true));
// set up auth adapter, check if basic, or digest are appropriate, if
// not use session based
if ('basic' == $headerAuthType) {
// start up basic auth if requested
$config = array(
'accept_schemes' => 'basic',
'realm' => 'App',
'digest_domains' => '/',
'nonce_timeout' => 3600,
);
$authAdapter = new Zend_Auth_Adapter_Http($config);
$basicResolver = new Rest_Auth_Adapter_Http_Resolver_RestDb('basic');
$authAdapter->setBasicResolver($basicResolver);
$authAdapter->setRequest($this->getRequest());
$authAdapter->setResponse($this->getResponse());
} elseif ('digest' == $headerAuthType) {
// start up digest auth if requested
$config = array(
'accept_schemes' => 'digest',
'realm' => 'App',
'digest_domains' => '/',
'nonce_timeout' => 3600,
);
$authAdapter = new Zend_Auth_Adapter_Http($config);
$digestResolver = new Rest_Auth_Adapter_Http_Resolver_RestDb('digest');
$authAdapter->setDigestResolver($digestResolver);
$authAdapter->setRequest($this->getRequest());
$authAdapter->setResponse($this->getResponse());
} else {
// use session authentication, note that session authentication will
// never result in inValid because if a session doesn't exist, a
// session for a default user will be created
// note: session credentials are set up by posting to a session
// resource
$authAdapter = new Rest_Auth_Adapter_RestSessionDb();
}
require_once 'Zend/Auth.php';
$result = Zend_Auth::getInstance()->authenticate($authAdapter);
// if a client has invalid credentials with a basic or digest
// authentication, the Zend_Auth_Adapter_Http will challenge them on it
if (!$result->isValid()) {
// Bad userame/password, or canceled password prompt
// Authentication failed; print the reasons why
$this->getResponse()->setHttpResponseCode(401);
$this->view->data = $result->getMessages();
// cancel the action but post dispatch will be executed
$this->setCancelAction(true);
return;
}
if ('Basic' == $headerAuthType || 'Digest' == $headerAuthType) {
require_once 'models/Handler/Session.php';
$handler = new Default_Model_Handler_Session();
$handler->post(array('user_id' => $result->getIdentity()->id));
}
}
