[symfony-users] Why the fors always is invalid?

[Reynier Perez Mira]

Hi every:
I'm trying to build my own logic behind sfGuard plugin. Right now I can 
authenticate over LDAP but the same user need to exists in the DB also. Why? I 
don't know but this is what I'm see. For this I proposed myself do something. 
First I write this code inside /apps/frontend/lib/myUser.class.php

class myUser extends sfGuardSecurityUser {
  public function doLogin($user_id, $passwd) {
    $this->login_method = sfConfig::get('app_login');
    return call_user_func(array($this, 'doLogin' . $this->login_method), 
$user_id, $passwd);
  }

  private function doLoginDB($user_id, $passwd) {
    $access_level = UserManagement::checkLoginData($user_id, $passwd);
    if ($access_level != -1) {
    // avoid session fixation attacks
      session_regenerate_id();
      $this->setAuthenticated(true);
      $this->addCredential(sfConfig::get("app_credentials_".$access_level));
      $this->setAttribute('user_identifier', $user_id);
      return true;
    } else {
      return false;
    }
  }

  private function doLoginLDAP($user_id, $passwd) {
    $options = array('account_suffix'=>'@uci.cu','base_dn'=>'OU=UCI Domain 
Users, DC=uci,DC=cu','domain_controllers'=>array('uci.cu'));
    $ldap = new adLDAP($options);
    $authenticated = $ldap->authenticate($user_id, $passwd);
    if ($authenticated) {
    // if the credentials are right then insert the new user in the DB
    // @todo check if the user already exists
      $new_user = new sfGuardUser();
      $new_user->setUsername($user_id);
      $new_user->setPassword($passwd);
      $new_user->setAlgorithm('sha1');
      $new_user->setIsActive(true);
      $new_user->save();//creando el usuario

     // avoid session fixation attacks
      session_regenerate_id();
      $this->setAuthenticated(true);
      $this->addCredential(sfConfig::get("app_credentials_".$access_level));
      $this->setAttribute('user_identifier', $user_id);

      $result = true;
    }
    return $result;
  }
}

As you can see I use "app_login" value from app.yml. This are set as follow: 
"login: LDAP" so when I call the doLogin method it call himself doLoginLDAP, 
right?

I invoke this code from the Signin() method overwritten in 
/apps/frontend/sfGuardAuth/actions/actions.class.php and contains this piece of 
code:

class sfGuardAuthActions extends BasesfGuardAuthActions {
  public function executeSignin($request) {
    $user = $this->getUser();
    if ($user->isAuthenticated()) {
      return $this->redirect('@homepage');
    }

    $class = sfConfig::get('app_sf_guard_plugin_signin_form', 
'sfGuardFormSignin');
    $this->form = new $class();
    if ($request->isMethod('post')) {
      $this->form->bind($request->getParameter('signin'));
      if ($this->form->isValid()) {
        die('qpee');
        $values = $this->form->getValues();
        var_dump($values);
        exit();
        try {
          if ($user->doLogin($values['username'], $values['password'])) {
            die('Entro');
            $this->redirect('@homepage');
          } else {
            $this->setFlash('exception', "El usuario no existe o la 
contraseña no es válida.", 0);
          }
        }
        catch (Exception $exception) {
          $this->setFlash('exception', strip_tags($exception->getMessage()), 0);
        }

        //$this->getUser()->signin($values['user'], 
array_key_exists('remember', $values) ? $values['remember'] : false);
        $signinUrl = sfConfig::get('app_sf_guard_plugin_success_signin_url', 
$user->getReferer('@homepage'));
        return $this->redirect($signinUrl);
      }
    } else {
      if ($request->isXmlHttpRequest()) {
        $this->getResponse()->setHeaderOnly(true);
        $this->getResponse()->setStatusCode(401);
        return sfView::NONE;
      }
      $user->setReferer($this->getContext()->getActionStack()->getSize() > 1 ? 
$request->getUri() : $request->getReferer());
      $module = sfConfig::get('sf_login_module');
      if ($this->getModuleName() != $module) {
        return $this->redirect($module.'/'.sfConfig::get('sf_login_action'));
      }
      $this->getResponse()->setStatusCode(401);
    }
  }

As you can see is the same code with some minors changes in this lines:

if ($this->form->isValid()) {
        die('qpee');
        $values = $this->form->getValues();
        var_dump($values);
        exit();
        try {
          if ($user->doLogin($values['username'], $values['password'])) {
            die('Entro');
            $this->redirect('@homepage');
          } else {
            $this->setFlash('exception', "El usuario no existe o la 
contraseña no es válida.", 0);
          }
        }
        catch (Exception $exception) {
          $this->setFlash('exception', strip_tags($exception->getMessage()), 0);
        }

        //$this->getUser()->signin($values['user'], 
array_key_exists('remember', $values) ? $values['remember'] : false);
        $signinUrl = sfConfig::get('app_sf_guard_plugin_success_signin_url', 
$user->getReferer('@homepage'));
        return $this->redirect($signinUrl);
}

Nothing else. What's happening? The form never is valid because the die('qpee') 
is never accessed. Can any say me why?

Ing. Reynier Pérez Mira



--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to 
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/symfony-users?hl=en
-~----------~----~----~----~------~----~------~--~---