Zend_Auth: Manually setting one identity

robert mena
Hi,

I am using Zend_Auth to authenticate my users in an application. I was requested to provide a 'god' mode where the admin will enter the username and a special password and log in as that user.

No matter how I dislike the idea, I have to implement it. So in my view, if the password is the special one, I'd have to 'inject' the credentials into Zend_Auth so that in further requests (in the controllers that require the logged-in user) everything will continue without a problem.

Question:
- How can I do it?

Regards.

Re: Zend_Auth: Manually setting one identity

Hector Virgen
So you're saying an admin goes to the login page, enters a user's username (ex. "johndoe") and the "god mode" password (ex. "g0dm0d3"), your application should log him in as that user?

In that case, I would check the password field first -- if it matches the god mode password, you can inject the identity into Zend_Auth's storage:

$auth = Zend_Auth::getInstance();
$storage = $auth->getStorage();
$storage->write($user);

I'm not sure how you are currently storing the user info in Zend_Auth during a normal login, but it shouldn't be difficult to recreate that data. In my experience I've found it's best to store just the unique user ID. This makes it really easy to do what you want:

$storage->write(123); // example

Zend_Auth doesn't care what you store in there, as long as your application knows how to handle that value when it's pulled out with Zend_Auth#getIdentity().

--
Hector


On Wed, Jun 23, 2010 at 10:21 AM, robert mena <[hidden email]> wrote:
> Hi,
>
> I am using Zend_Auth to authenticate my users in an application. I was requested to provide a 'god' mode where the admin will enter the username and a special password and log in as that user.
>
> No matter how I dislike the idea, I have to implement it. So in my view, if the password is the special one, I'd have to 'inject' the credentials into Zend_Auth so that in further requests (in the controllers that require the logged-in user) everything will continue without a problem.
>
> Question:
> - How can I do it?
>
> Regards.

--
Hector Virgen
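
The storage write described in the reply above, as an added example that is not part of the original thread: it goes beyond the shared-password case by assuming the admin has already logged in with their own account, and it keeps the admin's ID in storage next to the target's so the switch can be attributed and reverted. It assumes Zend Framework 1 is on the include path; `impersonate()`, `stopImpersonating()` and the array keys are hypothetical names.

```php
<?php
// Added example, not code from the thread. Assumes Zend Framework 1 is on the include path.
require_once 'Zend/Auth.php';
require_once 'Zend/Auth/Storage/NonPersistent.php';

// Hypothetical helper: an admin who is already logged in with their own account
// switches to $targetUserId. The admin's ID stays in storage for attribution.
function impersonate(Zend_Auth $auth, array $adminIds, $targetUserId)
{
    $current = $auth->getIdentity(); // null when nobody is logged in
    if (!is_array($current) || !isset($current['user_id'])) {
        throw new RuntimeException('Not authenticated');
    }
    if (isset($current['impersonator_id'])) {
        throw new RuntimeException('Already impersonating; revert first');
    }
    if (!in_array($current['user_id'], $adminIds, true)) {
        throw new RuntimeException('Only an admin may impersonate');
    }
    // With the default session storage, also call Zend_Session::regenerateId() here.
    $auth->getStorage()->write(array(
        'user_id'         => $targetUserId,
        'impersonator_id' => $current['user_id'],
        'started_at'      => time(),
    ));
    error_log(sprintf('impersonation start admin=%s target=%s',
        $current['user_id'], $targetUserId));
}

// Hypothetical helper: restore the admin's own identity.
function stopImpersonating(Zend_Auth $auth)
{
    $current = $auth->getIdentity();
    if (is_array($current) && isset($current['impersonator_id'])) {
        $auth->getStorage()->write(array('user_id' => $current['impersonator_id']));
        error_log(sprintf('impersonation stop admin=%s', $current['impersonator_id']));
    }
}

// Constructed demo: non-persistent storage so it runs from the CLI without a session.
$auth = Zend_Auth::getInstance();
$auth->setStorage(new Zend_Auth_Storage_NonPersistent());
$auth->getStorage()->write(array('user_id' => 1)); // constructed: admin 1 logged in normally
impersonate($auth, array(1), 123);                 // constructed target user ID
var_dump($auth->getIdentity());
stopImpersonating($auth);
var_dump($auth->getIdentity());
```

Controllers that read `getIdentity()` need to expect the array shape used here rather than a bare user ID.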

Re: Zend_Auth: Manually setting one identity

Andrew Ballard
In reply to this post by robert mena
On Wed, Jun 23, 2010 at 1:21 PM, robert mena <[hidden email]> wrote:

> Hi,
> I am using Zend_Auth to authenticate my users in an application.  I was
> requested to provide a 'god' mode where the admin will enter the username
> and a special password and  login as that user.
> No matter how I dislike the idea I have to implement it.  So In my view if
> the password is the special one I'd have to 'inject' the credentials to the
> zend_auth so in further requests (in the controllers that require the login
> user) everything will continue without a problem.
> Question:
> - How can I do it?
> Regards.

It is pretty easy to extend whichever regular authentication adapter
you are using for regular log-ins. Just override the authenticate()
method with something similar to this:

<?php
// Assuming you are using the DbTable adapter.
class My_New_Auth_Adapter extends Zend_Auth_Adapter_DbTable
{

    public function authenticate()
    {

        if ('supreme_username' === $this->_identity) {
            if ('supreme_password' === $this->_credential) {
                return new Zend_Auth_Result(
                    Zend_Auth_Result::SUCCESS,
                    'supreme_user',
                    array('authentication successful'));
            } else {
                return new Zend_Auth_Result(
                    Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID,
                    'supreme_user',
                    array('invalid credentials'));
            }
        } else {
            return parent::authenticate();
        }
    }

}
?>

Andrew