/**
 * Log a user in against the digest file and, on success, remember the realm.
 *
 * The realm is what gets written to the Zend_Auth storage, so it appears to
 * double as the user's role/status for the rest of the application.
 * A failed login leaves the storage untouched and is not reported to the caller.
 *
 * NOTE(review): Zend_Auth_Adapter_Digest compares against MD5 digest entries,
 * so the file under /configs/auth should stay outside the web root and be
 * readable only by the application.
 * NOTE(review): if the storage is session-backed, the session id should be
 * regenerated on success (e.g. Zend_Session::regenerateId()) to guard against
 * session fixation; confirm where that happens, it is not done here.
 *
 * @param string $realm    realm to look up in the digest file
 * @param string $login    user name to look up in the digest file
 * @param string $password clear-text password supplied by the user
 * @return void
 */
protected function _doLogin($realm, $login, $password)
{
    $digestFile = APPLICATION_PATH . '/configs/auth';
    $adapter    = new Zend_Auth_Adapter_Digest($digestFile, $realm, $login, $password);

    if (!$adapter->authenticate()->isValid()) {
        // Invalid credentials: nothing is stored.
        return;
    }

    // Success: the adapter's realm (not the user name) becomes the stored identity.
    Zend_Auth::getInstance()->getStorage()->write($adapter->getRealm());
}
/**
 * Check credentials against the digest file and remember the realm on success.
 *
 * Unlike a fire-and-forget login, the adapter's result object is handed back
 * so the caller can inspect why authentication failed.
 *
 * NOTE(review): the stored identity is the realm only; the user name is not
 * kept in the Zend_Auth storage by this method.
 *
 * @param string $realm    realm to look up in the digest file
 * @param string $login    user name to look up in the digest file
 * @param string $password clear-text password supplied by the user
 * @return Zend_Auth_Result result returned by the digest adapter
 */
protected function _authenticate($realm, $login, $password)
{
    $adapter = new Zend_Auth_Adapter_Digest(
        APPLICATION_PATH . '/configs/auth',
        $realm,
        $login,
        $password
    );
    $outcome = $adapter->authenticate();

    if ($outcome->isValid()) {
        // success: save the user's role (the realm) in Zend_Auth
        $storage = Zend_Auth::getInstance()->getStorage();
        $storage->write($adapter->getRealm());
    }

    return $outcome;
}
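/**
 * Ensures that successful authentication works as expected
 *
 * Authenticates a known user from the .htdigest.1 fixture and checks the
 * result code, the (empty) message list and the returned identity.
 *
 * @return void
 */
public function testAuthenticationSuccess()
{
    $filename = "{$this->_filesPath}/.htdigest.1";
    $realm    = 'Some Realm';
    // NOTE(review): both literals look masked in this listing; they have to
    // match an entry of the fixture file for this test to pass. Confirm.
    $username = '******';
    $password = '******';

    $adapter = new Zend_Auth_Adapter_Digest($filename, $realm, $username, $password);
    $result  = $adapter->authenticate();

    $this->assertTrue($result->isValid());

    // Expected value goes first so that a failure reports the values the right way round.
    $this->assertEquals(Zend_Auth_Result::SUCCESS, $result->getCode());
    $this->assertEquals(array(), $result->getMessages());

    // The identity carries both the realm and the user name that were authenticated.
    $identity = $result->getIdentity();
    $this->assertEquals($realm, $identity['realm']);
    $this->assertEquals($username, $identity['username']);
}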
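/**
 * The default action is "indexAction", unless explicitly set to something else.
 *
 * Without a submitted username it shows the login form (or forwards to the
 * logout decision when an authentication id is already present). Otherwise it
 * filters the submitted credentials, authenticates them against the digest
 * file named in the configuration, and then either redirects back to the
 * originally requested path or records the failure and applies the lockout.
 *
 * @return void
 */
public function indexAction()
{
    // STAGE 4: Apply business logic to create a presentation model for the view.
    $origRequest = $this->getInvokeArg('origRequest');
    $this->view->rerouteToReason = $this->getInvokeArg('rerouteToReason');
    // Request-derived value: the view template has to escape it on output.
    $this->view->origRequestUri = $origRequest->REQUEST_URI;

    // if no credentials
    if (empty($_REQUEST['username'])) { // should be _POST, but this makes demo easier to tweak
        // STAGE 5: Choose view template and submit presentation model to view template for rendering.
        // if an admin area was requested, and authentication has been enabled in config.ini
        if (isset($this->authSpace->authenticationId)) {
            ZFDemo_Log::log(_('already have authentication id, showing logout form'));
            $this->_forward('logoutDecision'); // show logout form
        } else {
            ZFDemo_Log::log(_('no authentication id, showing login form'));
            $this->renderToSegment('body'); // show login form
        }
        return;
    }

    // prepare to authenticate credentials received from a form
    require_once 'Zend/Auth/Result.php';
    require_once 'Zend/Auth/Adapter/Digest.php';
    $config = Zend_Registry::get('config');

    // ought to be _POST, but this simplifies experimentation by the reader of the tutorial.
    // NOTE(review): $_REQUEST also carries query-string values, so credentials
    // sent that way end up in URLs and access logs; switch to $_POST outside the demo.
    // Non-string values (e.g. username[]=x) are treated as empty so that they
    // are rejected by the validators below instead of reaching trim().
    $username = is_string($_REQUEST['username']) ? trim($_REQUEST['username']) : '';
    $password = (isset($_REQUEST['password']) && is_string($_REQUEST['password']))
        ? trim($_REQUEST['password'])
        : '';

    /////////////////////////////
    // ==> SECTION: filter <==
    require_once 'Zend/Validate/Alnum.php';
    require_once 'Zend/Validate/Regex.php';

    // input filtering is enabled, so ..
    $validator_name = new Zend_Validate_Alnum(); // alphabetic and numeric characters are permitted
    if (!$validator_name->isValid($username)) {
        $this->renderToSegment('body', 'invalidUsername');
        return;
    }

    // this application has "special" requirements, so we show how to use custom regex:
    $validator_password = new Zend_Validate_Regex('/^[a-z0-9_]{5,16}$/');
    if (!$validator_password->isValid($password)) {
        $this->renderToSegment('body', 'invalidPassword');
        return;
    }

    /////////////////////////////
    // ==> SECTION: auth <==
    $result = false;
    try {
        // try to authenticate using the md5 "digest" adapter
        $filename = $config->authenticate->filename; // file containing username:realm:password digests
        if ($filename[0] !== DIRECTORY_SEPARATOR) {
            $filename = Zend_Registry::get('dataDir') . $filename; // prepend path, if filename not absolute
        }
        $adapter = new Zend_Auth_Adapter_Digest($filename, $config->authenticate->realm, $username, $password);
        $result = $adapter->authenticate(); // result of trying to authenticate credentials
        $this->view->resultCode = $result->getCode(); // allow view to see result status (reason)
    } catch (Exception $exception) {
        $this->view->exception = ZFDemo::filterException($exception); // record exception description
        $this->view->resultCode = false;
    }

    if ($result && $result->isValid()) {
        // if successful authentication, save the authentication identity ( http://framework.zend.com/wiki/x/fUw )
        $id = $result->getIdentity();
        Zend_Registry::set('authenticationId', $id); // publish the identity (really need Observer pattern)
        // NOTE(review): the session id is not regenerated at this privilege
        // change; consider Zend_Session::regenerateId() before storing the
        // identity to guard against session fixation. Confirm it is not done elsewhere.
        $this->authSpace->authenticationId = $id;
        $this->authSpace->date = time(); // save the timestamp when authenticated successfully
        $this->authSpace->attempts = 0; // success, so forget the number of previous login failures

        // The return path comes straight from the request, so only a plain
        // same-site path is accepted: no scheme, no leading "//", no backslash
        // and no control characters. Anything else falls back to the site root,
        // which keeps the login form from acting as an open redirect.
        $returnPath = '/';
        if (isset($_REQUEST['origPathInfo'])
            && is_string($_REQUEST['origPathInfo'])
            && preg_match('#^(?!//)/?[A-Za-z0-9._~%/-]*\z#', $_REQUEST['origPathInfo'])
        ) {
            $returnPath = $_REQUEST['origPathInfo'];
        }
        $this->_redirect($returnPath); // now return to wherever user came from
    } else {
        $this->authSpace->attempts++; // record the authentication failure
        if ($this->authSpace->attempts > $config->authenticate->maxAttempts) {
            // Overly simplistic account "lockout": 5 seconds per recorded failure,
            // so it grows with repeated failures.
            // NOTE(review): the counter lives in $this->authSpace and is only
            // consulted after a failed attempt, so it does not throttle a client
            // that starts a fresh session; a per-account or per-address limit
            // kept server-side would be needed for that.
            $this->view->lockout = 5 * $this->authSpace->attempts;
            // Lockout time will be "forgotten" later, and expired from session, allowing logins.
            $this->authSpace->setExpirationSeconds($this->view->lockout);
            $this->blockHacker(); // show a view indicating account lockout
            return;
        }
    }

    // STAGE 5: Choose view template and submit presentation model to view template for rendering.
    $this->renderToSegment('body');
}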