Diffstat (limited to 'demos/time-tracker')
5 files changed, 94 insertions, 7 deletions
| diff --git a/demos/time-tracker/protected/App_Code/TrackerAuthManager.php b/demos/time-tracker/protected/App_Code/TrackerAuthManager.php
 new file mode 100644
 index 00000000..4ee01a37
 --- /dev/null
 +++ b/demos/time-tracker/protected/App_Code/TrackerAuthManager.php
 @@ -0,0 +1,85 @@
 +<?php
 +/**
 + * Custom Authentication manager permits authentication using
 + * a string token saved in the cookie.
 + *
 + * @author Wei Zhuo <weizhuo[at]gmail[dot]com>
 + * @version $Revision: $  $16/07/2006: $
 + * @package Demos
 + * @since 3.1
 + */
 +class TrackerAuthManager extends TAuthManager
 +{
 +	/**
 +	 * @const string signon token cookie name.
 +	 */
 +	const SignonCookieName = 'time-tracker-signon';
 +	
 +	/**
 +	 * Performs the real authentication work. Overrides and calls parent
 +	 * implementation. Trys to authenticate using token saved in cookie. 
 +	 * @param mixed parameter to be passed to OnAuthenticate event
 +	 */
 +	public function onAuthenticate($param)
 +	{
 +		parent::onAuthenticate($param);
 +		$currentUser = $this->Application->User; 
 +		if(!$currentUser || $currentUser->IsGuest)
 +			$this->authenticateFromCookie($param);
 +	}
 +	
 +	/**
 +	 * If the user is not set or is still a guest, try to authenticate the user
 +	 * using a string token saved in the cookie if any.
 +	 * @param mixed parameter to be passed to OnAuthenticate event 
 +	 */
 +	protected function authenticateFromCookie($param)
 +	{
 +		$cookie = $this->Request->Cookies[self::SignonCookieName];
 +		if(!is_null($cookie))
 +		{
 +			$daos = $this->getApplication()->getModule('daos');
 +			$userDao = $daos->getDao('UserDao');
 +			$user = $userDao->validateSignon($cookie->Value);
 +			if($user instanceof TimeTrackerUser)
 +				$this->updateCredential($user);
 +		}
 +	}
 +	
 +	/**
 +	 * Changes the user credentials.
 +	 * @param TUser new user details.
 +	 */
 +	public function updateCredential($user)
 +	{
 +		$user->IsGuest = false;
 +		$this->updateSessionUser($user);
 +		$this->Application->User = $user;		
 +	}
 +	
 +	/**
 +	 * Generate a token to be saved in the cookie for later authentication.
 +	 * @param TimeTrackerUser user details.
 +	 */
 +	public function rememberSignon($user)
 +	{
 +		$daos = $this->getApplication()->getModule('daos');
 +		$userDao = $daos->getDao('UserDao');
 +		$token = $userDao->createSignonToken($user);
 +		$cookie = new THttpCookie(self::SignonCookieName, $token);
 +		$cookie->Expire = strtotime('+1 month');
 +		$this->Response->Cookies[] = $cookie;
 +	}
 +	
 +	/**
 +	 * Logs out the user and delete the token from cookie.
 +	 */
 +	public function logout()
 +	{
 +		parent::logout();
 +		$cookie = new THttpCookie(self::SignonCookieName,'');
 +		$this->Response->Cookies[] = $cookie;
 +	}
 +}
 +
 +?>
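Review bot: `logout()` only overwrites the browser's cookie with an empty value; nothing in this class removes the stored sign-on token, so a copy of the token taken before logout would still pass `authenticateFromCookie()` afterwards. Logout should also ask the `UserDao` to delete the user's sign-on rows (no such DAO call is visible in this commit, so the method would need to be added), and the clearing cookie should carry an expiry in the past so the browser drops it instead of resending an empty value on every request. In `rememberSignon()` the month-long token cookie is created with default attributes; if the application is served over HTTPS, add `$cookie->Secure = true;` before appending it, and mark it HTTP-only if the framework version in use supports that.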
\ No newline at end of file
 diff --git a/demos/time-tracker/protected/App_Data/users.xml b/demos/time-tracker/protected/App_Data/users.xml
 index 78de588a..f4151c30 100644
 --- a/demos/time-tracker/protected/App_Data/users.xml
 +++ b/demos/time-tracker/protected/App_Data/users.xml
 @@ -82,12 +82,14 @@
  		(#token#, #username#, NOW())
  </insert>
 -<select id="ValidateAutoSignon" resultClass="TimeTrackerUser">
 +<select id="ValidateAutoSignon" resultMap="time-tracker-user">
  	SELECT
  		users.Username as Name,
 -		users.EmailAddress as EmailAddress
 +		users.EmailAddress as EmailAddress,
 +		user_roles.RoleType as role
  	FROM
 -		users, signon
 +		users LEFT JOIN user_roles ON users.Username = user_roles.UserID,
 +		signon
  	WHERE
  		users.Username = signon.Username
  		AND signon.SessionToken = #value#
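Review bot: The `ValidateAutoSignon` conditions visible here match on `signon.SessionToken = #value#` alone, so a remembered token appears to stay valid indefinitely even though the cookie that carries it is set to expire after a month and the insert just above records `NOW()` with each token. Consider bounding the lookup by that stored timestamp (its column name is not visible in this hunk), e.g. a condition of the form `AND signon.<timestamp column> > DATE_SUB(NOW(), INTERVAL 1 MONTH)`. The statement continues past the end of the hunk, so confirm that no such check already follows. Also note that the new `LEFT JOIN user_roles` may yield several rows for a user with more than one role; check that the `time-tracker-user` result map collapses them as intended.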
 diff --git a/demos/time-tracker/protected/pages/TimeTracker/Login.php b/demos/time-tracker/protected/pages/TimeTracker/Login.php
 index 376953a5..aa12e716 100644
 --- a/demos/time-tracker/protected/pages/TimeTracker/Login.php
 +++ b/demos/time-tracker/protected/pages/TimeTracker/Login.php
 @@ -45,6 +45,8 @@ class Login extends TPage
  		if($this->Page->IsValid)
  		{
  			$auth = $this->Application->getModule('auth');
 +			if($this->remember->Checked)
 +				$auth->rememberSignon($this->User);
  			$this->Response->redirect($auth->getReturnUrl());
  		}
  	}
 diff --git a/demos/time-tracker/protected/pages/TimeTracker/UserCreate.php b/demos/time-tracker/protected/pages/TimeTracker/UserCreate.php
 index b337bfca..49e64458 100644
 --- a/demos/time-tracker/protected/pages/TimeTracker/UserCreate.php
 +++ b/demos/time-tracker/protected/pages/TimeTracker/UserCreate.php
 @@ -61,9 +61,7 @@ class UserCreate extends TPage
  			$userDao->addNewUser($newUser, $this->password->Text);
  			//update the user
 -			$auth = $this->Application->getModule('auth');
 -			$auth->updateSessionUser($newUser);
 -			$this->Application->User = $newUser;
 +			$this->User->Manager->updateCredential($newUser);
  			//return to requested page
  			$this->Response->redirect($auth->getReturnUrl());
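Review bot: The redirect on the last line still calls `$auth->getReturnUrl()`, but this hunk removes the only visible assignment of `$auth`, so unless it is set earlier in the method (outside the hunk) new-user creation will end in a fatal error on an undefined variable. The replacement line also reaches `updateCredential()` through `$this->User->Manager`; in PRADO a user's `Manager` is normally the user manager module, whereas `updateCredential()` is defined on `TrackerAuthManager`, so that call likely fails as well. Keeping the lookup and calling the auth module directly avoids both: `$auth = $this->Application->getModule('auth');` followed by `$auth->updateCredential($newUser);`.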
 diff --git a/demos/time-tracker/protected/pages/TimeTracker/config.xml b/demos/time-tracker/protected/pages/TimeTracker/config.xml
 index dac6465d..16391c00 100644
 --- a/demos/time-tracker/protected/pages/TimeTracker/config.xml
 +++ b/demos/time-tracker/protected/pages/TimeTracker/config.xml
 @@ -6,7 +6,7 @@
      <!-- user manager module -->
    	<module id="users" class="Application.App_Code.UserManager" />
      <!-- auth manager module -->
 -    <module id="auth" class="System.Security.TAuthManager" 
 +    <module id="auth" class="Application.App_Code.TrackerAuthManager" 
  		UserManager="users" LoginPage="TimeTracker.Login" />
    </modules>
