|
|
Snippets |
|
Here is how I did this... Create a sfGuardAuth module in your application and edit the actions.class.php file as follow.
The trick is to not try to overwrite the sfGuardAuth/signin action, as it use validation. As well it allow you to use the "normal" signin way (form and etc).
require_once(sfConfig::get('sf_plugins_dir').'/sfGuardPlugin/modules/sfGuardAuth/lib/BasesfGuardAuthActions.class.php'); class sfGuardAuthActions extends BasesfGuardAuthActions { public function executeHTTPSignin() { // get somme interesting stuff! $request = $this->getRequest(); $response = $this->getResponse(); $user = $this->getUser(); // An HTTP authenticated user cannot logout (browser always send authentification datas) // So we must be sure that the user has seen the HTTP authentification box before if ( $user->getAttribute('request_authentification') ) { // If authentification datas has been sent if ( isset( $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'] ) ) { // If correct username given $guarduser = sfGuardUserPeer::retrieveByUserName( $_SERVER['PHP_AUTH_USER'] ); if ( $guarduser instanceof sfGuardUser ) { // If correct Password given if ( ($guarduser instanceof sfGuardUser) and ($guarduser->checkpassword( $_SERVER['PHP_AUTH_PW'] )) ) { // we can signin the user and redirect it $user->signin( $guarduser ); $user->setAttribute('request_authentification',false); $this->redirect( sfConfig::get('app_sf_guard_plugin_success_signin_url','@homepage') ); throw new sfStopException; } } } } // else, popup the authentification box $user->setAttribute('request_authentification',true); $response->setHttpHeader( 'WWW-Authenticate', 'Basic realm="Identification"' ); $response->setHttpHeader( 'HTTP/1.0', '401 Unauthorized' ); // This will be displayed if the user cancel the authentification process $this->forward( 'sfGuardAuth', 'password' ); throw new sfStopException; } public function executePasswowd() { # Implement this action as usual... } }
Enjoy... (I hope)
A simple way to detect an ajax request.
In your action class.
$this->isAjaxCall = $this->getRequest()->isXmlHttpRequest();
I put the above line in my preExecute where needed, this way the variable is accessible by action and views.
Here is a little hack to use http auth when credentials or auth is insufficient:
public function executeSecure() { if (!$this->getUser()->hasAttribute("secure_referer")) $this->getUser()->setAttribute("secure_referer", $this->getRequest()->getReferer()); if (!isset($_SERVER['PHP_AUTH_USER'])) { header('WWW-Authenticate: Basic realm="Member Area"'); header('HTTP/1.0 401 Unauthorized'); return sfView::NONE; } else { if ($this->getUser()->tryLogin($_SERVER['PHP_AUTH_USER'],$_SERVER['PHP_AUTH_PW'])) { return $this->redirect($this->getUser()->getAttribute("secure_referer")); } else { header('WWW-Authenticate: Basic realm="Member Area"'); header('HTTP/1.0 401 Unauthorized'); return sfView::NONE; } } }
No template is needed, as everytime you access it will redirect to the referer. Then change in app/yourapp/config/settings.yml the secure_module and secure_action to match this module.
You will need a myUser::tryLogin function that returns a boolean saying "auth is ok" or "bad auth"
And then you're done :p
[from my Wiki Post ab out that]
Do you like this code snippets section? It is an implementation of the snipeet application, an open-source project initiated by the symfony team. If you want to browse its source, install it or contribute, head to snipeet.com.
contacts & credits - powered by
