ZF2: combine authentication with remember me function

classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

ZF2: combine authentication with remember me function

Ralf Eggert
Hi,

I have a login form which also has a simple checkbox for the user to
determine if he wants a short living or long living cookie for the login.

For Authentication I use the Zend\Authentication\AuthenticationService
within my user service which is kept in $this->authentication. Now here
is my solution so far. The $user array holds the data from the login form.

-----------------------------------------------------------------------
use Zend\Authentication\AuthenticationService;
use Zend\Authentication\Storage\Session;
use Zend\Session\Container;

[...]

// get authentication
$authentication = $this->authentication;
$authentication->getAdapter()->setIdentity($user['email']);
$authentication->getAdapter()->setCredential($user['password']);

// check expire
if ($user['expire'] == 'yes') {
    $authNamespace = new Container(Session::NAMESPACE_DEFAULT);
    $authNamespace->getManager()->rememberMe(2000);
} else {
    $authNamespace = new Container(Session::NAMESPACE_DEFAULT);
    $authNamespace->getManager()->rememberMe(10);
}

// authenticate
$result = $authentication->authenticate();
-----------------------------------------------------------------------

This looks a little awkward and I wonder if there is a more elegant
solution without creating new Zend\Session\Container objects. With
$authentication->getStorage() I can get the storage but the session
container in the storage is not accessible.

One idea could be to create my own Storage class which allows the access
of the session container. But I don't know if that would be a good solution.

Please advise!

Thanks and best regards,

Ralf

--
List: [hidden email]
Info: http://framework.zend.com/archives
Unsubscribe: [hidden email]


Reply | Threaded
Open this post in threaded view
|

Re: ZF2: combine authentication with remember me function

patrioticcow
hi, have you ever figure this out?

i am trying to build a simple authentication from scratch, just so i can learn more,
but i can't yet figure it out.

Do you mind sharing some code in this regard?
luk
Reply | Threaded
Open this post in threaded view
|

Re: ZF2: combine authentication with remember me function

luk
patrioticcow wrote
hi, have you ever figure this out?

i am trying to build a simple authentication from scratch, just so i can learn more,
but i can't yet figure it out.

Do you mind sharing some code in this regard?
Try this plug and play module for user authentication, courtesy of ZF Commons (https://github.com/ZF-Commons)
https://github.com/ZF-Commons/ZfcUser
Cheers, -- Luke Mierzwa
Reply | Threaded
Open this post in threaded view
|

Re: ZF2: combine authentication with remember me function

patrioticcow
This post has NOT been accepted by the mailing list yet.
thanks for reply.

i am familiar with ZfcUser, well, it works.

but is a bit difficult for me to understand how it works.

im thinking i should do an authentication + acl from scratch by myself,

then use that module.

or maybe i should ask the creator of that module to do a more in depth tutorial on it

thanks again
luk
Reply | Threaded
Open this post in threaded view
|

Re: ZF2: combine authentication with remember me function

luk
patrioticcow wrote
thanks for reply.

i am familiar with ZfcUser, well, it works.

but is a bit difficult for me to understand how it works.

im thinking i should do an authentication + acl from scratch by myself,

then use that module.

or maybe i should ask the creator of that module to do a more in depth tutorial on it

thanks again
I think that you can use simply zfcBase + zfcUser + zfcAcl rather than writing them from scratch. "Remember me" function you should be able to add by writing your own module which will extend zfcUser.
Cheers, -- Luke Mierzwa
Reply | Threaded
Open this post in threaded view
|

Re: ZF2: combine authentication with remember me function

samsonasik
This post has NOT been accepted by the mailing list yet.
In reply to this post by Ralf Eggert
Just my solution, create a class that extends Zend\Authentication\Storage like the following :
   
    use Zend\Authentication\Storage;

   class MyAuthStorage extends Storage\Session
  {
      public function setRememberMe($rememberMe = 0, $time = 1209600)
      {
          if ($rememberMe == 1){
             $this->session->getManager()->rememberMe($time);
         }
      }
  }

btw, i just post a blog post about this in this : http://samsonasik.wordpress.com/2012/10/23/zend-framework-2-create-login-authentication-using-authenticationservice-with-rememberme/

I hope it will helpfull, comments are welcome ;)
Reply | Threaded
Open this post in threaded view
|

Re: ZF2: combine authentication with remember me function

neno
This post has NOT been accepted by the mailing list yet.
In reply to this post by Ralf Eggert
Try it:

In module config

'service_manager' => array(
        'invokables' => array(
             'auth_service' => 'Zend\Authentication\AuthenticationService',
        ),
        'aliases' => array(
             'Zend\Authentication\AuthenticationService' => 'auth_service',
        ),
),

In login controller

first

... login form ...
... AuthAdapter ... bla bla

after

$auth = $this->getServiceLocator()->get('auth_service');

$sessionManager = new SessionManager();
                               
if ($validatedData['rememberme'] /* from checkbox field */) {
      $sessionManager->rememberMe();
      $auth->setStorage(new SessionStorage(null /* null = 'Zend_Auth' */, null /* null = 'storage' */, $sessionManager));
}
                               
$result = $auth->authenticate($authAdapter);
                       
if ($result->isValid()) {
      $sessionManager->regenerateId();

      /* ok redirect */
} else {
     /* error message */
}

Reply | Threaded
Open this post in threaded view
|

Re: ZF2: combine authentication with remember me function

neno
This post has NOT been accepted by the mailing list yet.
In reply to this post by Ralf Eggert
without line below the script also works!

$auth->setStorage(new SessionStorage(null, null, $sessionManager));