Thank you!
But where the question arise:
authenticate($adapter) then saves the identity in the storage and default
storage is session-based storage. This storage accepts only strings, as I
understand. So before the example below can work I should change the storage
too?
Sincerely,
On 4/10/07, Simon Mundy <[EMAIL PROTECTED]> wrote:
Yeah, that example was ~0.7.0 when the Zend_Auth class was still in
incubator and the getIdentity() was separate. Now it's possible to simply
implement the Zend_Auth_Interface in an instance of Zend_Db_Table if you
like and you can remove a couple of steps.
The 'role' property is simply a field within a users table.
E.g. users_list schema:-
CREATE TABLE `user_list` (
`id` int(10) unsigned NOT NULL auto_increment,
`role` enum('guest','member','admin') NULL default 'guest',
`username` varchar(32) default NULL,
`password` varchar(32) default NULL,
`email` varchar(255) default NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `username` (`username`)
);
...and then I simply subclass Zend_Db_Table to leverage the identity check
and return an instance of Zend_Db_Table_Row as the 'identity':-
class My_User extends Zend_Db_Table implements Zend_Auth_Adapter_Interface
{
protected $_username;
protected $_password;
protected $_name = 'user_list';
public setUsername($username)
{
$this->_username = $username;
}
public setPassword($password)
{
$this->_password = $password;
}
public authenticate()
{
$authenticated = false;
$messages = array();
$identity = $this->fetchRow($this->_db->quoteInto('username = ?',
$this->_username));
if (!$identity->id) {
$this->_messages[] = 'Your account number is incorrect';
} elseif ($identity->password != md5($this->_password)) {
$this->_messages[] = 'Your password is incorrect';
} else {
$authenticated = true;
}
return new Zend_Auth_Result($authenticated, $identity, $messages);
}
}
...so then your identity check could look like this example (within a
login controller). Yes, I do use this class as the adapter:-
$auth = Zend_Auth::getInstance();
$adapter = new My_User();
$adapter-> setUsername($_POST['username']);
$adapter-> setPassword($_POST['password']);
$result = $auth->authenticate($adapter);
if (!$result->isValid()) {
...show error messages...
} else {
...successful login...
}
Thank you, that clarifies a lot!
However, I would like to know where you changed the identity of Zend_Auth?
E.g. what makes
$this->_auth->getIdentity()->getUser()->role;
possible?
I think that $identity->setUser(...) means that you use some class to
store identity-related information. Do use your own adapter for this?
Does this adapter store identity object into session auth storage and
loads it on next request?
But bootstrap above shows that
// Create auth object
$auth = Zend_Auth::getInstance();
So I need to subclass Zend_Auth to save some user-related information?
--
Simon Mundy | Director | PEPTOLAB
""" " "" """""" "" "" """"""" " "" """"" " """"" " """""" "" "
202/258 Flinders Lane | Melbourne | Victoria | Australia | 3000
Voice +61 (0) 3 9654 4324 | Mobile 0438 046 061 | Fax +61 (0) 3 9654 4124
http://www.peptolab.com
--
Alexander
http://www.alexatnet.com/ - Blog and CMS created with Zend Framework and
Ajax.
