Very nice Erick, looks really good.
This should be the last peace to the puzzle.
On Nov 30, 2011 9:09 AM, "Erick Romero" <[email protected]> wrote:
> **
> Hello everybody.
>
> The approach used by Nicolas to authenticate on APE is perfect valid (php
> to ape).
>
> Also I want to share the way I use to authenticate on it. The approach is
> to have APE asks to "PHP" if the authentication is valid (ape to php).
> For my case, APE is a "piece" of my website and not the core of it. (for
> example a normal CMS + real-time chat)
>
>
> 1. The user enters to the website (php+apache+mysql) and enter its
> user and password (i.e. login.php)
> 2. A hash is stored into a cookie when it is authenticated
> 3. The hash value is taken and send when APE connects (javascript at
> client side)
> 4. The APE server gets that hash upon connections and makes a request
> to a "localhost" script (i.e. connect hook)
> 5. A php script on "localhost" handles any mysql and/or logic related
> to test if the authentication is valid and send the response to APE (i.e.
> localhost/ape_auth.php?session_id=aaaaaa)
> 6. APE drops or accepts the incoming connection based on the
> php-script response
> 7. You should want to make the php-script drops all request other
> than those coming from "localhost"
>
>
>
> The code at the *APE server side* looks like this (javascript)
>
>
> /**
> * Hook connect method
> * When an user is connecting, it must provide its valid session ID.
> * If it is not a logged user, then does not accept the connection
> *
> * @param params (object) The list of parameters sent by the client
> * @param cmd (object) Contains information about the client:
> */
> Ape.registerHookCmd("connect", function(params, cmd) {
>
> if ( ! params || ! params.session_id) return 0;
>
> var request = new Http('
> http://127.0.0.1/is_user_logged_in.php?session=' + params.session_id);
>
> request.getContent(function(result) { //call the PHP file
>
> if (result !== 0) {
>
> var user = JSON.parse(result); //the JSON gotten could include
> user data (i.e. name, uid, email, etc)
> cmd.user.code = user.code;
> cmd.user.uid = user.uid;
>
> cmd.sendResponse('userCode', {'code': user.code});
> log('- ' + user.code + ' is connecting');
>
> return 1;
>
> } else {
>
> log('USER_NOT_LOGGED_IN');
> cmd.sendResponse('ERR', {'code': 1001, 'value': 'User not
> logged-in'});
> return 0;
>
> }
> });
>
> });
>
>
>
> The code at the *APE client side* looks like this (javascript)
> Note: JS unserialize is a very helpful function :-) ->
> http://phpjs.org/functions/unserialize:571
>
>
> var client = new APE.Client();
>
> //Intercept the onLoad event
> client.addEvent('load', function(cmd){
> //get the session_id from the cookie
> var ck = unserialize(Cookie.read('session_id'));
> //Call the core start function to connect to APE Server
> client.core.start({
> 'session_id': ck.session_id
> });
> });
>
> client.load();
>
>
>
>
>
> On 11/30/2011 05:23 AM, Nicolas Guibert wrote:
>
> What I do is send a command to APE via PHP when the user is registered.
>
> The command sends a key to APE who stores it.
>
> Then, when the client tries to connect to APE, it sends the key with it,
> and APE checks it.
>
> The code below should help you:
>
>
> $cmd = array(array(
> 'cmd' => 'REGISTER_USER',
> 'params' => array(
> 'name' => "register_user",
> 'user_id' => $user_id,
> 'check_key' => $key,
> 'activation_key' => $activation_key
> )
> ));
>
> // Attention this is synchronous, so it may freeze the server ??
> $data=send_command_to_APE($cmd);
>
> if ($data===FALSE OR $data=="")
> {
> //die("Server down!!");
> header('location:server_down.php');
> die(); // Otherwise, the next header location will take precedence.
> }
> else
> {
> if ($data[0]->raw=="ERR") // 005 NICK USED
> {
> // We can test
> // $data[0]->data->code
> // for "005"
> // OR
> // $data[0]->data->value
> // for "NICK USED";
> header('location:already_connected.php');
> die();
> }
> else
> {
> //die("data:".$data[0]->data->value);//print_r($data));
>
> // Something went wrong with the registration of the user on
> the HM server
> if ($data[0]->data->value==0)
> {
> header('location:server_down.php');
> die();
> }
>
> //die("data:".$data[0]->data->value);//print_r($data));
> // Nothing, let's continue! Checks succeeded!
> }
> //die("ok");
> }
>
>
>
> // Attention this is synchronous, so it may freeze the server ??
> function send_command_to_APE($cmd)
> {
>
> $base="local.ape-project.org";
> $port=":6969";
>
> $APEserver = "http://ape.".$base.$port."/?";;
>
> $context= stream_context_create(array(
> 'http' => array(
> 'timeout' => 5
> )
> )
> );
>
> $data =
> @file_get_contents($APEserver.rawurlencode(json_encode($cmd)),0, $context);
>
> $data = json_decode($data);
>
> return $data;
> }
>
>
>
>
>
> 2011/11/30 KhoaTA <[email protected]>
>
>> And one thing currently i have to have APE connect MySQL.
>>
>> That is authenticating user who connects to APE.
>> The process is:
>> - User connects to web server, web server will save sessionId in MySQL
>> & return sessionId to user.
>> - User then connects to APE along with sessionId, APE will check if
>> the submitted sessionId is equal to sessionId in MySQL.
>>
>> Currently i can't find another way for authentication. And APE is
>> having problem with MySQL now.
>> Thanks for your support.
>>
>> --
>> You received this message because you are subscribed to the Google
>> Groups "APE Project" group.
>> To post to this group, send email to [email protected]
>> To unsubscribe from this group, send email to
>> [email protected]
>> For more options, visit this group at
>> http://groups.google.com/group/ape-project?hl=en
>> ---
>> APE Project (Ajax Push Engine)
>> Official website : http://www.ape-project.org/
>> Git Hub : http://github.com/APE-Project/
>>
>
> --
> You received this message because you are subscribed to the Google
> Groups "APE Project" group.
> To post to this group, send email to [email protected]
> To unsubscribe from this group, send email to
> [email protected]
> For more options, visit this group at
> http://groups.google.com/group/ape-project?hl=en
> ---
> APE Project (Ajax Push Engine)
> Official website : http://www.ape-project.org/
> Git Hub : http://github.com/APE-Project/
>
>
> --
> You received this message because you are subscribed to the Google
> Groups "APE Project" group.
> To post to this group, send email to [email protected]
> To unsubscribe from this group, send email to
> [email protected]
> For more options, visit this group at
> http://groups.google.com/group/ape-project?hl=en
> ---
> APE Project (Ajax Push Engine)
> Official website : http://www.ape-project.org/
> Git Hub : http://github.com/APE-Project/
>
--
You received this message because you are subscribed to the Google
Groups "APE Project" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/ape-project?hl=en
---
APE Project (Ajax Push Engine)
Official website : http://www.ape-project.org/
Git Hub : http://github.com/APE-Project/
