Thanks Pablo. APE is really good, so I got a nice way to work around all the MySQL issues by using the http-request from APE-Server. In the other hand, it should be "quicker" to make a request from ape-server to apache (same server in my case) than a request from the client-side-end-user to apache.
Also I use the "php-script on localhost" to handle not only authentication but any other MySQL logic. I am implementing APE in the following website: http://ninjanojutsu.com/ Tip for those who want chat history: Include the chat history when the "connect" HookCmd sends the response. (of course provided by the php-localhost-script into the JSON response) On 11/30/2011 09:57 AM, Pablo Tejada wrote: > > Very nice Erick, looks really good. > This should be the last peace to the puzzle. > > On Nov 30, 2011 9:09 AM, "Erick Romero" <[email protected] > <mailto:[email protected]>> wrote: > > Hello everybody. > > The approach used by Nicolas to authenticate on APE is perfect > valid (php to ape). > > Also I want to share the way I use to authenticate on it. The > approach is to have APE asks to "PHP" if the authentication is > valid (ape to php). > For my case, APE is a "piece" of my website and not the core of > it. (for example a normal CMS + real-time chat) > > 1. The user enters to the website (php+apache+mysql) and enter > its user and password (i.e. login.php) > 2. A hash is stored into a cookie when it is authenticated > 3. The hash value is taken and send when APE connects > (javascript at client side) > 4. The APE server gets that hash upon connections and makes a > request to a "localhost" script (i.e. connect hook) > 5. A php script on "localhost" handles any mysql and/or logic > related to test if the authentication is valid and send the > response to APE (i.e. localhost/ape_auth.php?session_id=aaaaaa) > 6. APE drops or accepts the incoming connection based on the > php-script response > 7. You should want to make the php-script drops all request > other than those coming from "localhost" > > > > The code at the *APE server side* looks like this (javascript) > > > /** > * Hook connect method > * When an user is connecting, it must provide its valid > session ID. > * If it is not a logged user, then does not accept the connection > * > * @param params (object) The list of parameters sent by > the client > * @param cmd (object) Contains information about the > client: > */ > Ape.registerHookCmd("connect", function(params, cmd) { > > if ( ! params || ! params.session_id) return 0; > > var request = new > Http('http://127.0.0.1/is_user_logged_in.php?session=' + > params.session_id); > > request.getContent(function(result) { //call the PHP file > > if (result !== 0) { > > var user = JSON.parse(result); //the JSON gotten > could include user data (i.e. name, uid, email, etc) > cmd.user.code = user.code; > cmd.user.uid = user.uid; > > cmd.sendResponse('userCode', {'code': user.code}); > log('- ' + user.code + ' is connecting'); > > return 1; > > } else { > > log('USER_NOT_LOGGED_IN'); > cmd.sendResponse('ERR', {'code': 1001, 'value': > 'User not logged-in'}); > return 0; > > } > }); > > }); > > > > The code at the *APE client side* looks like this (javascript) > Note: JS unserialize is a very helpful function :-) -> > http://phpjs.org/functions/unserialize:571 > > > var client = new APE.Client(); > > //Intercept the onLoad event > client.addEvent('load', function(cmd){ > //get the session_id from the cookie > var ck = unserialize(Cookie.read('session_id')); > //Call the core start function to connect to APE Server > client.core.start({ > 'session_id': ck.session_id > }); > }); > > client.load(); > > > > > > On 11/30/2011 05:23 AM, Nicolas Guibert wrote: >> What I do is send a command to APE via PHP when the user is >> registered. >> >> The command sends a key to APE who stores it. >> >> Then, when the client tries to connect to APE, it sends the key >> with it, and APE checks it. >> >> The code below should help you: >> >> >> $cmd = array(array( >> 'cmd' => 'REGISTER_USER', >> 'params' => array( >> 'name' => "register_user", >> 'user_id' => $user_id, >> 'check_key' => $key, >> 'activation_key' => $activation_key >> ) >> )); >> >> // Attention this is synchronous, so it may freeze the server ?? >> $data=send_command_to_APE($cmd); >> >> if ($data===FALSE OR $data=="") >> { >> //die("Server down!!"); >> header('location:server_down.php'); >> die(); // Otherwise, the next header location will take >> precedence. >> } >> else >> { >> if ($data[0]->raw=="ERR") // 005 NICK USED >> { >> // We can test >> // $data[0]->data->code >> // for "005" >> // OR >> // $data[0]->data->value >> // for "NICK USED"; >> header('location:already_connected.php'); >> die(); >> } >> else >> { >> //die("data:".$data[0]->data->value);//print_r($data)); >> >> // Something went wrong with the registration of the >> user on the HM server >> if ($data[0]->data->value==0) >> { >> header('location:server_down.php'); >> die(); >> } >> >> //die("data:".$data[0]->data->value);//print_r($data)); >> // Nothing, let's continue! Checks succeeded! >> } >> //die("ok"); >> } >> >> >> >> // Attention this is synchronous, so it may freeze the server ?? >> function send_command_to_APE($cmd) >> { >> >> $base="local.ape-project.org <http://local.ape-project.org>"; >> $port=":6969"; >> >> $APEserver = "http://ape.".$base.$port."/?";; >> >> $context= stream_context_create(array( >> 'http' => array( >> 'timeout' => 5 >> ) >> ) >> ); >> >> $data = >> @file_get_contents($APEserver.rawurlencode(json_encode($cmd)),0, >> $context); >> >> $data = json_decode($data); >> >> return $data; >> } >> >> >> >> >> >> 2011/11/30 KhoaTA <[email protected] <mailto:[email protected]>> >> >> And one thing currently i have to have APE connect MySQL. >> >> That is authenticating user who connects to APE. >> The process is: >> - User connects to web server, web server will save sessionId >> in MySQL >> & return sessionId to user. >> - User then connects to APE along with sessionId, APE will >> check if >> the submitted sessionId is equal to sessionId in MySQL. >> >> Currently i can't find another way for authentication. And APE is >> having problem with MySQL now. >> Thanks for your support. >> -- You received this message because you are subscribed to the Google Groups "APE Project" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/ape-project?hl=en --- APE Project (Ajax Push Engine) Official website : http://www.ape-project.org/ Git Hub : http://github.com/APE-Project/
