ansaurus

Question

Can (and should?) Zend_Auth return class as the Identity?

Answer 1

A:

In one of my applications, I have getIdentity() return a user object, and it works pretty well for me. To use your factory method, do like this:

$auth = Zend_Auth::getInstance();
$user = R00_Model_User::getInstance(...);
$auth->getStorage()->write($user);

Then when you call getIdentity(), you will have your user object.

Eugene M 2009-10-19 20:23:33

Hm. You don't use ZF's authorisation code and do it by yourself, do you? I'll think about it, but It doesn't seem a ZF-way :)

valya 2009-10-19 20:29:09

I'm not sure what you mean? I am using Zend_Auth but just having it store an object instead of a string.

Eugene M 2009-10-19 21:40:46

by default Z_Auth stores the username. If you only want to save the password to session too (DONT DO IT ITS UNSECURE) you have to use this. It's the only way to do it. See the manual ;)Even more. You can get the user object and pass it to te authentication object if you extend it ;)

Tomáš Fejfar 2009-10-19 21:53:55

Answer 2

+1 A:

Two options:

write your own authentication adapter subclassing the out-of-the-box-adapter that matches your scenario best

class R00_Auth_Adapter extends Zend_Auth_Adapter_*
{
    /**
     * authenticate() - defined by Zend_Auth_Adapter_Interface.  This method is called to
     * attempt an authentication.  Previous to this call, this adapter would have already
     * been configured with all necessary information to successfully connect to a database
     * table and attempt to find a record matching the provided identity.
     *
     * @throws Zend_Auth_Adapter_Exception if answering the authentication query is impossible
     * @return Zend_Auth_Result
     */
    public function authenticate()
    {
        $result = parent::authenticate();
        if ($result->isValid() {
            return new Zend_Auth_Result(
                $result->getCode(),
                R00_Model_User::load($result->getIdentity()),
                $result->getMessages()
            );
        } else {
            return $result;
        }
    }
}

This will allow you to code

$adapter = new R00_Auth_Adapter();
//... adapter initialisation (username, password, etc.)
$result = Zend_Auth::getInstance()->authenticate($adapter);

and on successfull authentication your user-object is automatically stored in the authentication storage (session by default).

or use your login-action to update the stored user identity

$adapter = new Zend_Auth_Adapter_*();
$result = $adapter->authenticate();
if ($result->isValid()) {
    $user = R00_Model_User::load($result->getIdentity());
    Zend_Auth::getInstance()->getStorage()->write($user);
}

Stefan Gehrig 2009-10-20 08:34:18

ansaurus

tags:

views:

answers:

Can (and should?) Zend_Auth return class as the Identity?

related questions