//add your hook here
/*
$AUTH_TEST = $AUTH_HARNESS->authenticate(
'JCORE\SERVICE\AUTH\LOGIN_SERVICE',
array(
'AUTH_TYPE' => 'session'
)
);
*/
/**
* pages not to lock out
* login, signup, logout
*
*/
$PAGE_HOOKS = $GLOBALS["CONFIG_MANAGER"]->getSetting('AUTH', 'PAGE_FILTER_ALLOW_PUBLIC');
$PAGE_TEST = $AUTH_HARNESS->authenticate('JCORE\\SERVICE\\AUTH\\PAGE_FILTER', $PAGE_HOOKS);
#######################################
#echo ' restrictive mode...pass the white list first, then check credentials<br>'.PHP_EOL;
if (true === $PAGE_TEST) {
#$passed = true;
} else {
#echo ' run a secondary auth test<br>'.PHP_EOL;
if (false === $AUTH_TEST) {
/**
echo 'redirect<br>'.PHP_EOL;
echo __METHOD__.__LINE__.'$_SESSION<pre>['.var_export($_SESSION, true).']</pre>'.PHP_EOL;
exit;
*/
header('Location: http://' . $_SERVER['HTTP_HOST'] . '/login.php');
exit;
}
* or write a custom session handler http://php.net/manual/en/session.customhandler.php
*
*
*
*/
session_start();
/**
* AUTH HOOK
* we test for session/cookie/nonce what ever here an do a redirect to our authentication page
* we add a condition to ensure we don't have an endless redirect with an unauthenticated user
* set some data
*/
$AUTH_HARNESS = new JCORE\AUTH\AUTH_HARNESS();
if (true !== $AUTH_HARNESS->register('JCORE\\SERVICE\\AUTH\\LOGIN_SERVICE')) {
die('failed to load LOGIN_SERVICE');
}
/**
* call our authentication method/service, we're only looking for a boolean response
* for a basic website, for an API we'll do a different hook forcing
* authentication at the header level or in the transport request
*
*/
#$AUTH_TEST = true; //add your hook here
$AUTH_TEST = $AUTH_HARNESS->authenticate('JCORE\\SERVICE\\AUTH\\LOGIN_SERVICE', array('AUTH_TYPE' => 'SESSION'));
if (false === $AUTH_TEST) {
header('Location: http://' . $_SERVER['HTTP_HOST'] . '/login.php');
exit;
}
?>
