php – Zend_Auth:允许用户登录到多个表/身份
|
我在网络门户中使用Zend_Auth进行身份验证.
具有登录名和密码列的普通mySQL“用户”表被查询,用户登录. 但是,我有两个额外的用户组,我想要验证.所有这三个用户组都在其他表中具有登录数据.他们的数据来自外部来源,因此不需要将这些登录帐户统一为一个. 因此,用户可以是来自三个组中的任何一个的认证用户,甚至是三个组中的所有用户. 三个登录组中的每一个都有自己的登录表单和注销按钮. 目前,我有一个简单直观的Zend_Auth登录,从一些教程中抽取出来,稍作修改,大致如下: function login($user,$password)
{
$auth = Zend_Auth::getInstance();
$storage = new Zend_Auth_Storage_Session();
$auth->setStorage($storage);
$adapter = new Zend_Auth_Adapter_DbTable(....);
$adapter->setIdentity($username)->setCredential($password);
$result = $auth->authenticate($adapter);
if ($result->isValid())
......... success!
else
.... fail!
我将在哪里开始提供这个服务,并针对这三个组分别处理单独的“登录”状态?我的想法是,我想分享会话,并分别管理身份验证. 这可能吗?也许有一个简单的前缀,使这很容易?问题上是否存在任何教程或资源? 我是Zend框架的相对新手.
您应该创建自己的Zend_Auth_Adapter.此适配器将尝试针对您的三个资源进行身份验证,并将其标记在专用成员变量中,以便您可以知道哪些登录尝试被强制验证.
要创建您的认证适配器,您可以作为Zend_Auth_Adapter_DbTable的基础. 因此,在__construct中,而不是仅传递一个DbTable适配器,您可以传递每个资源中使用的三个适配器.只有当每个人使用不同的资源(例如LDAP)或甚至另一个数据库时,您才能以这种方式执行,否则,您只能传递一个适配器,并在配置选项中设置三个不同的表名. 以下是Zend_Auth_Adapter_DbTable的示例: /**
* __construct() - Sets configuration options
*
* @param Zend_Db_Adapter_Abstract $zendDb
* @param string $tableName
* @param string $identityColumn
* @param string $credentialColumn
* @param string $credentialTreatment
* @return void
*/
public function __construct(Zend_Db_Adapter_Abstract $zendDb,$tableName = null,$identityColumn = null,$credentialColumn = null,$credentialTreatment = null)
{
$this->_zendDb = $zendDb;
// Here you can set three table names instead of one
if (null !== $tableName) {
$this->setTableName($tableName);
}
if (null !== $identityColumn) {
$this->setIdentityColumn($identityColumn);
}
if (null !== $credentialColumn) {
$this->setCredentialColumn($credentialColumn);
}
if (null !== $credentialTreatment) {
$this->setCredentialTreatment($credentialTreatment);
}
}
从Zend_Auth_Adapter_DbTable的方法,尝试对一个表进行身份验证,您可以将其更改为在三个表中尝试,而对于每个表,您可以将其设置为私有成员变量中的标志.像$result [‘group1’] = 1;您将为每次成功登录尝试设置1. /**
* authenticate() - defined by Zend_Auth_Adapter_Interface. This method is called to
* attempt an authentication. Previous to this call,this adapter would have already
* been configured with all necessary information to successfully connect to a database
* table and attempt to find a record matching the provided identity.
*
* @throws Zend_Auth_Adapter_Exception if answering the authentication query is impossible
* @return Zend_Auth_Result
*/
public function authenticate()
{
$this->_authenticateSetup();
$dbSelect = $this->_authenticateCreateSelect();
$resultIdentities = $this->_authenticateQuerySelect($dbSelect);
if ( ($authResult = $this->_authenticateValidateResultset($resultIdentities)) instanceof Zend_Auth_Result) {
return $authResult;
}
$authResult = $this->_authenticateValidateResult(array_shift($resultIdentities));
return $authResult;
}
只有三次登录尝试之一被成功验证,您才会返回一个有效的$authresult. 现在,在您的控制器中,尝试登录后: public function loginAction()
{
$form = new Admin_Form_Login();
if($this->getRequest()->isPost())
{
$formData = $this->_request->getPost();
if($form->isValid($formData))
{
$authAdapter = $this->getAuthAdapter();
$authAdapter->setIdentity($form->getValue('user'))
->setCredential($form->getValue('password'));
$result = $authAdapter->authenticate();
if($result->isValid())
{
$identity = $authAdapter->getResult();
Zend_Auth::getInstance()->getStorage()->write($identity);
// redirect here
}
}
}
$this->view->form = $form;
}
private function getAuthAdapter()
{
$authAdapter = new MyAuthAdapter(Zend_Db_Table::getDefaultAdapter());
// Here the three tables
$authAdapter->setTableName(array('users','users2','users3'))
->setIdentityColumn('user')
->setCredentialColumn('password')
->setCredentialTreatment('MD5(?)');
return $authAdapter;
}
这里的关键是下面的行,这将在您的自定义验证适配器中实现: $identity = $authAdapter->getResult(); 您可以将此表单作为基础Zend_Auth_Adapter_DbTable: /**
* getResultRowObject() - Returns the result row as a stdClass object
*
* @param string|array $returnColumns
* @param string|array $omitColumns
* @return stdClass|boolean
*/
public function getResultRowObject($returnColumns = null,$omitColumns = null)
{
// ...
}
当成功进行身份验证时,这将返回登录尝试中匹配的行. public function authenticate()
{
// Perform the query for table 1 here and if ok:
$this->result = $row->toArrray(); // Here you can get the table result of just one table or even merge all in one array if necessary
$this->result['group1'] = 1;
// and so on...
$this->result['group2'] = 1;
// ...
$this->result['group3'] = 1;
// Else you will set all to 0 and return a fail result
}
public function getResult()
{
return $this->result;
}
毕竟,您可以使用Zend_Acl控制您的视图和其他操作.由于您将拥有Zend Auth Storage中的标志,因此您可以使用作为角色: $this->addRole(new Zend_Acl_Role($row['group1'])); 这里有一些资源: http://framework.zend.com/manual/en/zend.auth.introduction.html http://zendguru.wordpress.com/2008/11/06/zend-framework-auth-with-examples/ http://alex-tech-adventures.com/development/zend-framework/61-zendauth-and-zendform.html http://alex-tech-adventures.com/development/zend-framework/62-allocation-resources-and-permissions-with-zendacl.html http://alex-tech-adventures.com/development/zend-framework/68-zendregistry-and-authentication-improvement.html (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |