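/**
 * Gate a request behind an authenticated session.
 *
 * No credentials are read from the request here: the user id comes from the
 * session, so in practice only an existing, unexpired session can pass. On
 * failure the request is rewritten to '/login-required' and an internal
 * redirect is returned. On success the user's full name is stored in
 * $request->variables['user'] and the user's timezone is applied.
 *
 * @param object $request Request object exposing ->uri and ->variables.
 *
 * @return ezcMvcInternalRedirect|null Redirect when authentication fails, null otherwise.
 */
private function runAuthRequiredFilter($request)
{
    $database = new ezcAuthenticationDatabaseInfo(ezcDbInstance::get(), 'user', array('id', 'password'));
    $databaseFilter = new ezcAuthenticationDatabaseFilter($database);

    // use the options object when creating a new Session object
    $options = new ezcAuthenticationSessionOptions();
    $options->validity = 86400; // session lifetime in seconds (24 hours)
    $session = new ezcAuthenticationSession($options);
    $session->start();

    $user = $session->load();

    // No password is supplied on this path. The original passed md5(null); the
    // explicit empty string yields the same digest without relying on null coercion.
    // NOTE(review): credentials are digested with unsalted MD5, which presumably
    // mirrors how the 'password' column is stored. That is not adequate for
    // password storage; migrating means changing where passwords are written,
    // which is outside this method.
    $credentials = new ezcAuthenticationPasswordCredentials($user, md5(''));
    $authentication = new ezcAuthentication($credentials);
    $authentication->session = $session;
    $authentication->addFilter($databaseFilter);

    if (!$authentication->run()) {
        $status = $authentication->getStatus();
        // NOTE(review): redirUrl carries the originally requested URI; whatever
        // consumes it after login should accept local paths only.
        $request->variables['redirUrl'] = $request->uri;
        $request->variables['reasons'] = $status;
        $request->uri = '/login-required';
        debugLogger::log(var_export($status, true), ezcLog::DEBUG, array("source" => __METHOD__));
        return new ezcMvcInternalRedirect($request);
    }

    // Initialised up front so the assignment below never reads an undefined variable.
    $userName = null;

    if (isset($_SESSION['ezcAuth_id'])) {
        $q = ezcDbInstance::get()->createSelectQuery();
        $q->select('*')
            ->from('user')
            ->where($q->expr->eq('id', $q->bindValue($_SESSION['ezcAuth_id'])));
        $s = $q->prepare();
        $s->execute();
        $r = $s->fetchAll();

        // The session can outlive the user row, so guard the first-row access.
        // NOTE(review): a valid session with no matching row still passes this
        // filter with user = null; decide whether that should be treated as
        // unauthenticated instead.
        if (isset($r[0])) {
            $userName = $r[0]['fullname'];
            if (!empty($r[0]['timezone'])) {
                date_default_timezone_set($r[0]['timezone']);
            }
        }
    }

    $request->variables['user'] = $userName;
}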
<?php
// OpenID 2.0 login page (listing is cut off inside the failure branch).
// Flow: start the session, pick the identifier from the query string or the
// session, then either log out or attach an OpenID filter and run it.
require_once 'tutorial_autoload.php';

// no headers should be sent before calling $session->start()
$options = new ezcAuthenticationSessionOptions();
$session = new ezcAuthenticationSession($options);
$session->start();

// URL after returning from OpenID authentication
// Both query parameters below are caller-controlled and must be treated as
// unverified until the filter has validated the provider's response.
$url = isset($_GET['openid_identity']) ? $_GET['openid_identity'] : $session->load();
if ($url === null) {
    // URL at the start of authentication
    // NOTE(review): presumably the filter makes outbound requests to this URL
    // during discovery; consider restricting scheme and destination in a
    // deployment - confirm against the filter implementation.
    $url = isset($_GET['openid_identifier']) ? $_GET['openid_identifier'] : $session->load();
}

// NOTE(review): logout is triggered by a plain GET parameter, so any link or
// embedded resource can end the user's session.
$action = isset($_GET['action']) ? strtolower($_GET['action']) : null;

$credentials = new ezcAuthenticationIdCredentials($url);
$authentication = new ezcAuthentication($credentials);
$authentication->session = $session;

if ($action === 'logout') {
    $session->destroy();
} else {
    // $options is reused here for the OpenID filter settings (it held the
    // session options above).
    $options = new ezcAuthenticationOpenidOptions();
    $options->mode = ezcAuthenticationOpenidFilter::MODE_SMART;
    $options->openidVersion = ezcAuthenticationOpenidFilter::VERSION_2_0;
    // NOTE(review): '/tmp/store' is in a directory shared by all local
    // accounts. The store presumably holds OpenID association and nonce data;
    // use an application-private directory with restrictive permissions
    // outside a tutorial.
    $options->store = new ezcAuthenticationOpenidFileStore('/tmp/store');
    $filter = new ezcAuthenticationOpenidFilter($options);
    // Presumably requests these profile attributes from the provider; the
    // returned values are provider/user supplied and need escaping on output.
    $filter->registerFetchData(array('fullname', 'gender', 'country', 'language'));
    $authentication->addFilter($filter);
}

if (!$authentication->run()) {
    // authentication did not succeed, so inform the user
    $status = $authentication->getStatus();
<?php
// OpenID login page with a client-side script in the failure branch (listing
// is cut off inside that script).
require_once 'tutorial_autoload.php';

// no headers should be sent before calling $session->start()
$options = new ezcAuthenticationSessionOptions();
// setting 60 seconds timeout for session for testing purposes only
$options->validity = 60;
$session = new ezcAuthenticationSession($options);
$session->start();

// Identity already stored in the session, if any.
$identity = $session->load();

// A caller-supplied identifier takes precedence over the stored identity; it
// is unverified input at this point.
$url = isset($_GET['openid_identifier']) ? $_GET['openid_identifier'] : $identity;

// NOTE(review): logout is triggered by a plain GET parameter, so any link or
// embedded resource can end the user's session.
$action = isset($_GET['action']) ? strtolower($_GET['action']) : null;

$credentials = new ezcAuthenticationIdCredentials($url);
$authentication = new ezcAuthentication($credentials);
$authentication->session = $session;

if ($action === 'logout') {
    $session->destroy();
}

// No authentication filter is attached in the visible part of this listing.
if (!$authentication->run()) {
    // authentication did not succeed, so inform the user
?>
<script language="JavaScript">
var xmlhttp = false;
/*@cc_on @*/
/*@if ( @_jscript_version >= 5 )
try { xmlhttp = new ActiveXObject( "Msxml2.XMLHTTP" ); }
<?php
// TypeKey login page (listing is cut off inside the success branch).
// Flow: start the session, take the token from the query string or the
// session, run the TypeKey filter, and on failure print the reasons followed
// by the TypeKey login form.
require_once 'tutorial_autoload.php';

// no headers should be sent before calling $session->start()
$session = new ezcAuthenticationSession();
$session->start();

// $token is used as a key in the session to store the authenticated state between requests
// The query-string value is caller-controlled and unverified at this point.
$token = isset($_GET['token']) ? $_GET['token'] : $session->load();

$credentials = new ezcAuthenticationIdCredentials($token);
$authentication = new ezcAuthentication($credentials);
$authentication->session = $session;

$filter = new ezcAuthenticationTypekeyFilter();
$authentication->addFilter($filter);
// add other filters if needed

if (!$authentication->run()) {
    // authentication did not succeed, so inform the user
    $status = $authentication->getStatus();

    // Message table indexed by the class that reported the status, then by
    // status code.
    $err = array('ezcAuthenticationTypekeyFilter' => array(ezcAuthenticationTypekeyFilter::STATUS_SIGNATURE_INCORRECT => 'Signature returned by TypeKey is incorrect',
                                                            ezcAuthenticationTypekeyFilter::STATUS_SIGNATURE_EXPIRED => 'The signature returned by TypeKey expired'),
                 'ezcAuthenticationSession' => array(ezcAuthenticationSession::STATUS_EMPTY => '',
                                                     ezcAuthenticationSession::STATUS_EXPIRED => 'Session expired'));

    foreach ($status as $line) {
        // NOTE(review): each() was deprecated in PHP 7.2 and removed in PHP 8.0;
        // this loop needs key()/current() (or a nested foreach) on current PHP.
        list($key, $value) = each($line);
        // A class or status code missing from $err produces an undefined-index
        // notice and an empty line; the printed text is always one of the fixed
        // strings above, never request data.
        echo $err[$key][$value] . "\n";
    }

    // NOTE(review): the hidden _return field below is a plain-http localhost
    // URL, so the response from TypeKey comes back over an unencrypted channel
    // in this tutorial setup; use an https return URL in a deployment.
?>
<form method="GET" action="https://www.typekey.com/t/typekey/login" onsubmit="document.getElementById('_return').value += '?token=' + document.getElementById('t').value;">
TypeKey token: <input type="text" name="t" id="t" />
<input type="hidden" name="_return" id="_return" value="http://localhost/typekey.php" />
<input type="submit" />
</form>
<?php
} else {
    // authentication succeeded, so allow the user to see his content
/**
 * Builds the ezcAuthentication object used by this filter.
 *
 * The default wiring is a database filter plus session storage, with a
 * session validity of 86400 seconds (24 hours). Subclasses that need a
 * different mechanism are expected to override this method.
 *
 * When $user is null the call is a "is somebody already logged in?" check:
 * the user id is loaded from the session and the password is ignored.
 * Otherwise the supplied user name and password are used. In both cases the
 * password goes through $this->hashPassword() before it is placed in the
 * credentials.
 *
 * @param string|null $user     User name, or null to check the session only.
 * @param string|null $password Plain password; ignored when $user is null.
 *
 * @return ezcAuthentication
 */
protected function setupAuth($user = null, $password = null)
{
    $settings = $this->options;

    // Database filter: table and id/password columns come from the options.
    $credentialColumns = array($settings->userIdField, $settings->passwordField);
    $dbInfo = new ezcAuthenticationDatabaseInfo($settings->database, $settings->tableName, $credentialColumns);
    $dbFilter = new ezcAuthenticationDatabaseFilter($dbInfo);

    // Session storage, keyed as configured in the options.
    $sessionOptions = new ezcAuthenticationSessionOptions();
    $sessionOptions->validity = 86400;
    $sessionOptions->idKey = $settings->sessionUserIdKey;
    $sessionOptions->timestampKey = $settings->sessionTimestampKey;
    $session = new ezcAuthenticationSession($sessionOptions);
    $session->start();

    // Without an explicit user, fall back to the session identity and drop
    // whatever password was passed in.
    $sessionOnly = ($user === null);
    $login = $sessionOnly ? $session->load() : $user;
    $secret = $sessionOnly ? null : $password;

    $auth = new ezcAuthentication(
        new ezcAuthenticationPasswordCredentials($login, $this->hashPassword($secret))
    );
    $auth->session = $session;
    $auth->addFilter($dbFilter);

    return $auth;
}
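<?php
// htpasswd-backed login page: authenticates a posted user/password against
// /etc/htpasswd, or re-validates the identity already stored in the session.
require_once 'tutorial_autoload.php';

// no headers should be sent before calling $session->start()
$session = new ezcAuthenticationSession();
$session->start();

// Posted values win over the session identity. Only plain strings are taken
// from the form: PHP turns parameters such as user[]=x into arrays, which must
// not reach the credentials object.
$user = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : $session->load();
$password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : null;

$credentials = new ezcAuthenticationPasswordCredentials($user, $password);
$authentication = new ezcAuthentication($credentials);
$authentication->session = $session;
$authentication->addFilter(new ezcAuthenticationHtpasswdFilter('/etc/htpasswd'));
// add other filters if needed

if (!$authentication->run()) {
    // authentication did not succeed, so inform the user
    $status = $authentication->getStatus();

    // Message table indexed by the class that reported the status, then by
    // status code.
    // NOTE(review): separate "Incorrect username" / "Incorrect password"
    // messages tell a caller which account names exist. A deployment should
    // show one generic failure message and keep the detail in server-side logs.
    $err = array(
        'ezcAuthenticationHtpasswdFilter' => array(
            ezcAuthenticationHtpasswdFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username',
            ezcAuthenticationHtpasswdFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password',
        ),
        'ezcAuthenticationSession' => array(
            ezcAuthenticationSession::STATUS_EMPTY => '',
            ezcAuthenticationSession::STATUS_EXPIRED => 'Session expired',
        ),
    );

    foreach ($status as $line) {
        // each() was removed in PHP 8.0; read the first class => code pair with
        // key()/current(), which is what each() returned here.
        reset($line);
        $key = key($line);
        $value = current($line);

        // Unknown class/code pairs print an empty line instead of raising an
        // undefined-index notice.
        echo (isset($err[$key][$value]) ? $err[$key][$value] : '') . "\n";
    }
} else {
    // authentication succeeded, so allow the user to see his content
}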