* $credentials = new ezcAuthenticationPasswordCredentials( 'jan.modaal', 'b1b3773a05c0ed0176787a4f1574ff0075f7521e' );
* $authentication = new ezcAuthentication( $credentials );
* $authentication->session = new ezcAuthenticationSessionFilter();
* $authentication->addFilter( new ezcAuthenticationHtpasswdFilter( '/etc/htpasswd' ) );
* // add other filters if needed
* if ( !$authentication->run() )
* {
* // authentication did not succeed, so inform the user
* $status = $authentication->getStatus();
* $err = array();
* $err["user"] = "";
* $err["password"] = "";
* for ( $i = 0; $i < count( $status ); $i++ )
* {
* list( $key, $value ) = each( $status[$i] );
* switch ( $key )
* {
* case 'ezcAuthenticationHtpasswdFilter':
* if ( $value === ezcAuthenticationHtpasswdFilter::STATUS_USERNAME_INCORRECT )
* {
* $err["user"] = "Username incorrect";
* }
* if ( $value === ezcAuthenticationHtpasswdFilter::STATUS_PASSWORD_INCORRECT )
* {
* $err["password"] = "Password incorrect";
* }
* break;
* }
* }
* // use $err array (with a Template object for example) to display the login form
* // to the user with "Password incorrect" message next to the password field, etc...
* }
* else
* {
* // authentication succeeded, so allow the user to see his content
* }
*
*
* @property ezcAuthenticationSession $session
* The session object to use during authentication to store the
* authentication information between requests.
* @property ezcAuthenticationStatus $status
* The status object which holds the status of the run filters.
* @property ezcAuthenticationCredentials $credentials
* The user credentials to pass to the authentication filters.
*
* @package Authentication
* @version 1.0beta1
* @mainclass
*/
class ezcAuthentication
{
/**
* The properties of this class.
*
* @var array(string=>mixed)
*/
private $properties = array();
/**
* The filter queue of the authentication process.
*
* @var array(ezcAuthenticationFilter)
*/
private $filters = array();
/**
* Options for the Authentication object.
*
* @var ezcAuthenticationOptions
*/
private $options;
/**
* Creates a new object of this class.
*
* @param ezcAuthenticationCredentials $credentials Authentication credentials
* @param ezcAuthenticationOptions $options Options for this class
*/
public function __construct( ezcAuthenticationCredentials $credentials, ezcAuthenticationOptions $options = null )
{
$this->credentials = $credentials;
$this->sessionSkip = false;
$this->status = new ezcAuthenticationStatus();
$this->options = ( $options === null ) ? new ezcAuthenticationOptions() : $options;
}
/**
* Sets the property $name to $value.
*
* @throws ezcBasePropertyNotFoundException
* if the property $name does not exist
* @throws ezcBaseValueException
* if $value is not correct for the property $name
* @param string $name
* @param mixed $value
* @ignore
*/
public function __set( $name, $value )
{
switch ( $name )
{
case 'session':
if ( $value instanceof ezcAuthenticationSessionFilter )
{
$this->properties[$name] = $value;
}
else
{
throw new ezcBaseValueException( $name, $value, 'ezcAuthenticationSessionFilter' );
}
break;
case 'status':
if ( $value instanceof ezcAuthenticationStatus )
{
$this->properties[$name] = $value;
}
else
{
throw new ezcBaseValueException( $name, $value, 'ezcAuthenticationStatus' );
}
break;
case 'credentials':
if ( $value instanceof ezcAuthenticationCredentials )
{
$this->properties[$name] = $value;
}
else
{
throw new ezcBaseValueException( $name, $value, 'ezcAuthenticationCredentials' );
}
break;
case 'sessionSkip':
$this->properties[$name] = $value;
break;
default:
throw new ezcBasePropertyNotFoundException( $name );
}
}
/**
* Returns the value of the property $name.
*
* @throws ezcBasePropertyNotFoundException
* if the property $name does not exist
* @param string $name
* @return mixed
* @ignore
*/
public function __get( $name )
{
switch ( $name )
{
case 'session':
case 'status':
case 'credentials':
case 'sessionSkip':
return $this->properties[$name];
default:
throw new ezcBasePropertyNotFoundException( $name );
}
}
/**
* Returns true if the property $name is set, otherwise false.
*
* @param string $name
* @return bool
* @ignore
*/
public function __isset( $name )
{
switch ( $name )
{
case 'session':
case 'status':
case 'credentials':
case 'sessionSkip':
return isset( $this->properties[$name] );
default:
return false;
}
}
/**
* Sets the options to $options.
*
* @param ezcAuthenticationOptions $options Options for this class
*/
public function setOptions( ezcAuthenticationOptions $options )
{
$this->options = $options;
}
/**
* Returns the options of this class.
*
* @return ezcAuthenticationFilterOptions
*/
public function getOptions()
{
return $this->options;
}
/**
* Runs through all the filters in the filter list.
*
* @return bool
*/
public function run()
{
$code = ezcAuthenticationFilter::STATUS_OK;
if ( isset( $this->session ) && $this->sessionSkip === false )
{
$code = $this->session->run( $this->credentials );
$this->status->append( get_class( $this->session ), $code );
}
if ( !isset( $this->session ) || $code === ezcAuthenticationSessionFilter::STATUS_EMPTY || $this->sessionSkip === true )
{
foreach ( $this->filters as $filter )
{
$code = $filter[0]->run( $this->credentials );
if ( $filter[0] instanceof ezcAuthenticationGroupFilter )
{
$statuses = $filter[0]->status->get();
foreach ( $statuses as $key => $value )
{
$this->status->append( $key, $value );
}
}
else
{
$this->status->append( get_class( $filter[0] ), $code );
}
if ( ( $filter[1] === true && $code !== ezcAuthenticationFilter::STATUS_OK ) )
{
return false;
}
if ( $filter[1] === true && $code === ezcAuthenticationFilter::STATUS_OK )
{
break;
}
}
}
elseif ( $code === ezcAuthenticationSessionFilter::STATUS_EXPIRED )
{
return false;
}
if ( $code !== ezcAuthenticationFilter::STATUS_OK )
{
return false;
}
if ( isset( $this->session ) )
{
$this->session->save( $this->credentials->__toString() );
}
return true;
}
/**
* Adds an authentication filter at the end of the filter list.
*
* By specifying the second parameter as true, the authentication process
* (triggered by calling the run() method) will stop after processing this
* filter regardless of its success.
*
* @param ezcAuthenticationFilter $filter The authentication filter to add
* @param bool $stop If authentication should continue past this filter
*/
public function addFilter( ezcAuthenticationFilter $filter, $stop = false )
{
$this->filters[] = array( $filter, $stop );
}
/**
* Returns the status of authentication.
*
* The format of the returned array is array( class => code ).
*
* Example:
*
* array(
* 'ezcAuthenticationSessionFilter' => ezcAuthenticationSessionFilter::STATUS_EMPTY,
* 'ezcAuthenticationDatabaseFilter' => ezcAuthenticationDatabaseFilter::STATUS_PASSWORD_INCORRECT
* );
*
*
* @return array(string=>mixed)
*/
public function getStatus()
{
return $this->status->get();
}
}
?>