//add your hook here /* $AUTH_TEST = $AUTH_HARNESS->authenticate( 'JCORE\SERVICE\AUTH\LOGIN_SERVICE', array( 'AUTH_TYPE' => 'session' ) ); */ /** * pages not to lock out * login, signup, logout * */ $PAGE_HOOKS = $GLOBALS["CONFIG_MANAGER"]->getSetting('AUTH', 'PAGE_FILTER_ALLOW_PUBLIC'); $PAGE_TEST = $AUTH_HARNESS->authenticate('JCORE\\SERVICE\\AUTH\\PAGE_FILTER', $PAGE_HOOKS); ####################################### #echo ' restrictive mode...pass the white list first, then check credentials<br>'.PHP_EOL; if (true === $PAGE_TEST) { #$passed = true; } else { #echo ' run a secondary auth test<br>'.PHP_EOL; if (false === $AUTH_TEST) { /** echo 'redirect<br>'.PHP_EOL; echo __METHOD__.__LINE__.'$_SESSION<pre>['.var_export($_SESSION, true).']</pre>'.PHP_EOL; exit; */ header('Location: http://' . $_SERVER['HTTP_HOST'] . '/login.php'); exit; }
* or write a custom session handler http://php.net/manual/en/session.customhandler.php * * * */ session_start(); /** * AUTH HOOK * we test for session/cookie/nonce what ever here an do a redirect to our authentication page * we add a condition to ensure we don't have an endless redirect with an unauthenticated user * set some data */ $AUTH_HARNESS = new JCORE\AUTH\AUTH_HARNESS(); if (true !== $AUTH_HARNESS->register('JCORE\\SERVICE\\AUTH\\LOGIN_SERVICE')) { die('failed to load LOGIN_SERVICE'); } /** * call our authentication method/service, we're only looking for a boolean response * for a basic website, for an API we'll do a different hook forcing * authentication at the header level or in the transport request * */ #$AUTH_TEST = true; //add your hook here $AUTH_TEST = $AUTH_HARNESS->authenticate('JCORE\\SERVICE\\AUTH\\LOGIN_SERVICE', array('AUTH_TYPE' => 'SESSION')); if (false === $AUTH_TEST) { header('Location: http://' . $_SERVER['HTTP_HOST'] . '/login.php'); exit; } ?>