Authentication Example?


ctodd

Aug 19, 2007, 9:07:46 PM
to phocoa users
Can anyone provide some pointers on integrating the included modules/login tools into an application? Seems as if I should be able to reference them from my test application.

Chris

Alan Pinstein

Aug 20, 2007, 10:45:01 AM
to phocoa...@googlegroups.com
Sure...

The built-in "login" module is for login only. There is no sign-up,
since everyone does that their own way anyway. To use it in a
login/signup page, I'd recommend building your own signup module then using
WFModuleView to include the "existing members log in here" kinda thing.

However, if you're just testing log in, that's perfect, you can just
go to http://your-server/login to see it work.

Also, in case you hadn't noticed it, you can "require login" for a
given module by adding a "checkSecurity()" function like so:

> function checkSecurity (WFAuthorizationInfo $authInfo)
> {
>     // allow only logged-in administrators; deny everyone else
>     if ($authInfo->isLoggedIn() and $authInfo->isAdmin())
>         return WFAuthorizationManager::ALLOW;
>     return WFAuthorizationManager::DENY;
> }

As far as the code goes, here's an example:

Go here:

http://4.mydx.showcasere.com/webapp/idx/idx/12657

and click on "Save Search". That will bring up a "register" module
that does what I explained above.

Here's the Login Delegate class and setup:

> // in AppDelegate::initialize()
> $ac = WFAuthorizationManager::sharedAuthorizationManager();
> $ac->setDelegate(new ShowcaseClientLogin);
>
> class ShowcaseClientLogin
> {
>     function login($username, $password, $passIsToken)
>     {
>         $origPW = $password; // keep copy for logging purposes
>         try {
>             // can log in with CLIENT_ID or EMAIL;
>             $hostAgentId = MyWebApplicationDelegate::hostAgentId();
>             if (is_numeric($username))
>             {
>                 $client = ClientPeer::retrieveByPK($username);
>                 // make sure the client exists and its id belongs to this host agent
>                 if ($client and $client->getAgentId() != $hostAgentId)
>                 {
>                     $client = NULL;
>                 }
>             }
>             else
>             {
>                 $client = ClientPeer::retrieveByEmail($hostAgentId, $username);
>             }
>             if (!$passIsToken)
>             {
>                 $password = md5($password);
>             }
>             if ($client and $password === $client->getPassMd5())
>             {
>                 $authInfo = new ShowcaseClientAuthorizationInfo;
>                 $authInfo->setUserid($client->getClientId());
>                 return $authInfo;
>             }
>             else
>             {
>                 WFLog::logToFile('auth.log', "Invalid client login: $username");
>             }
>         } catch (Exception $e) {
>             throw($e);
>         }
>
>         return NULL;
>     }
>
>     function loginInvocationPath()
>     {
>         return 'client/register/register';
>     }
>
>     function loginMessage()
>     {
>         return 'Sign into your MyDX Client Center for access to advanced features.';
>     }
>
>     function usernameLabel()
>     {
>         return 'Email Address';
>     }
>
>     function shouldEnableForgottenPasswordReset() { return true; }
>
>     function resetPassword($username)
>     {
>         // lookup user
>         $client = ClientPeer::retrieveByEmail(MyWebApplicationDelegate::hostAgentId(), $username);
>         if (!$client) throw( new WFException("Could not locate an account for \"{$username}\".") );
>
>         // pick new password and email it to client
>         $client->resetPassword();
>     }
>
>     function defaultLogoutContinueURL()
>     {
>         // go to agent home page on client logout
>         return 'http://' . HostAgent::sharedHostAgent()->getDomainName();
>     }
> }

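The login delegate in the reply above compares `md5($password)` with the stored `getPassMd5()` value using `===`, and with `$passIsToken` set it compares the supplied token directly with that stored hash. The following is an added example, not part of the original post or of PHOCOA: a stand-alone helper that still accepts such legacy MD5 values, compares them in constant time, and returns a `password_hash()` replacement to store after a successful login. The function name `verifyAndUpgrade` and the sample passwords are assumptions made for illustration.

```php
<?php
// Added example: stand-alone helper, not PHOCOA code and not from the post.
// Assumption: the stored credential is either a legacy 32-hex-char MD5
// (what getPassMd5() holds in the post) or a password_hash() string.

/**
 * Verify a cleartext password against the stored credential.
 * Returns [bool $ok, ?string $replacement]; $replacement is non-null when
 * the stored value should be overwritten with a modern hash.
 */
function verifyAndUpgrade(string $password, string $stored): array
{
    $isLegacyMd5 = (bool) preg_match('/\A[0-9a-f]{32}\z/i', $stored);

    if ($isLegacyMd5) {
        // hash_equals() compares in constant time, unlike === on strings.
        $ok = hash_equals(strtolower($stored), md5($password));
        // On success, hand back a salted, slow hash to replace the MD5.
        return [$ok, $ok ? password_hash($password, PASSWORD_DEFAULT) : null];
    }

    $ok = password_verify($password, $stored);
    // Re-hash only if the algorithm or cost settings have moved on.
    $replacement = ($ok && password_needs_rehash($stored, PASSWORD_DEFAULT))
        ? password_hash($password, PASSWORD_DEFAULT)
        : null;
    return [$ok, $replacement];
}

// Constructed sample data (not from the post).
$legacy = md5('correct horse');   // what a legacy row would hold

// Correct password against a legacy row: accepted, replacement hash returned.
[$ok, $replacement] = verifyAndUpgrade('correct horse', $legacy);
var_dump($ok, $replacement !== null && password_verify('correct horse', $replacement));

// Wrong password against a legacy row: rejected, nothing to store.
[$ok, $replacement] = verifyAndUpgrade('wrong guess', $legacy);
var_dump($ok, $replacement);

// Correct password against an already-migrated row: accepted, no rewrite.
$modern = password_hash('correct horse', PASSWORD_DEFAULT);
[$ok, $replacement] = verifyAndUpgrade('correct horse', $modern);
var_dump($ok, $replacement);
```

Once rows are migrated, a token equal to the stored value no longer works as a credential, so any `$passIsToken` path would need its own separately issued token.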