Auth() problems

[GauravK]

I wish the documentation for the Auth had at least one full code example of how it should be used, because it is difficult for newbies to grasp right now.

I have this code, which does not work:

<?php


class AdminController extends Controller {
 
 function beforeroute() {
 // render header
 echo \Template::instance()->render('adminheader.html');
 }


 function login($f3) {
  $auth->reset();
  $user = new Users($this->db);
  $auth = new \Auth($user, array('id'=>'username', 'pw'=>'password'));
  $auth->basic();
   if (!$auth->dry()) {
    $f3->set('SESSION.username', $auth->id);
   }
   else $f3->reroute('/');
 }


 function render($f3){    
 $quizzes = new Quizzes($this->db);
 $quiz = $quizzes->all();
 $topicCount = $quizzes->topicCount();
 $f3->set('quiz',$quiz);
 $f3->set('topicCount',$topicCount);


 if ($f3->get('SESSION.username')=='admin')
    echo \Template::instance()->render('admin.html');
  else $this->login($f3);
 }


}

I'm not sure what I'm doing wrong, but it gives me this error: Internal Server Error Fatal error: Call to a member function reset() on null [app/controllers/AdminController.php:12] 

Any help would be appreciated. Also, if somebody could just add a code example of how to use Auth() to the documentation, that would be fantastic and would prevent a lot of silly questions like this one! I noticed a lot of similar questions on this forum about this module asking for examples.

[bcosca]

$this->db doesn't appear to be populated anywhere in the class.

[GauravK]

I populated that in the parent controller  - I don't think that is the problem. For example, when I comment out the entire login function and related code, I have no problems with the render() function, which also calls $this->db. 

[GauravK]

This managed to get some progress (window pops up, and accepts the correct username/password combo and not incorrect combos), but when a user clicks 'cancel' on the auth popup window it still just renders the admin page. 

function render($f3){    
 
 $user=new DB\SQL\Mapper($this->db,'users');
 $auth== null;

 $auth = new \Auth($user, array('id'=>'username', 'pw'=>'password'));
 $auth->basic();

 $f3->set('SESSION.username','SERVER.PHP_AUTH_USER');
 if (!$f3->get('SESSION.username')) $f3->error(401);


 else {

 $quizzes = new Quizzes($this->db);
 $quiz = $quizzes->all();
 $topicCount = $quizzes->topicCount();
 $f3->set('quiz',$quiz);
 $f3->set('topicCount',$topicCount);

 echo \Template::instance()->render('admin.html');
 }


 }

[ikkez]

that's probably because you logged in with that browser already and it caches the login credentials. try again with a different browser.

[Gaurav Keerthi]

Oh - so how do I reset it so that other users who use my browser don't get auto-logged in. That is, how do I log out of the session in f3? 

[ikkez]

basic auth doesn't have a native way of loggin out.. the only way is sending invalid login data to the auth mechanism to trick the browser.
maybe consider to use a different auth technique (login form), when basic auth does not fit your needs.

[Gaurav Keerthi]

Oh I see. Ok, I was trying to be lazy and avoid coding a login form. Oh well. Thanks! 

--

-- You've received this message because you are subscribed to the Google Groups group. To post to this group, send an email to f3-fra...@googlegroups.com. To unsubscribe from this group, send an email to f3-framework+unsubscribe@googlegroups.com. For more options, visit this group at https://groups.google.com/d/forum/f3-framework?hl=en
---
You received this message because you are subscribed to a topic in the Google Groups "Fat-Free Framework" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/f3-framework/ShmVwVAfAzE/unsubscribe.
To unsubscribe from this group and all its topics, send an email to f3-framework+unsubscribe@googlegroups.com.
To post to this group, send email to f3-fra...@googlegroups.com.
Visit this group at https://groups.google.com/group/f3-framework.

To view this discussion on the web visit https://groups.google.com/d/msgid/f3-framework/e1d32a64-9de3-43eb-b4cc-755cf34da637%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

[ikkez]

well I tried this little jquery snippet, that sends an incorrect user name (invalidates the basic auth session) and then redirects you to another route... seems to work fine.

function logout(secUrl, redirUrl) {
        $.ajax({
            async: false,
            url: secUrl,
            type: 'GET',
            username: 'logout'
        });
        setTimeout(function () {
            window.location.href = redirUrl;
        }, 1000);
    }

    $('#logout-btn').on('click',function(e){
        e.preventDefault();

        logout('admin','/');
    });

Am Sonntag, 9. April 2017 17:11:24 UTC+2 schrieb GauravK:

Oh I see. Ok, I was trying to be lazy and avoid coding a login form. Oh well. Thanks!