From cb62a8b25b67f4c23148efe5d9e93278651d1901 Mon Sep 17 00:00:00 2001 From: xue <> Date: Wed, 26 Sep 2007 13:15:56 +0000 Subject: added support to remember login. --- .../quickstart/protected/pages/Advanced/Auth.page | 42 ++++++++++++++++++++++ .../pages/GettingStarted/NewFeatures.page | 1 + 2 files changed, 43 insertions(+) (limited to 'demos/quickstart/protected/pages') diff --git a/demos/quickstart/protected/pages/Advanced/Auth.page b/demos/quickstart/protected/pages/Advanced/Auth.page index 531b8bdf..e0cbcaef 100644 --- a/demos/quickstart/protected/pages/Advanced/Auth.page +++ b/demos/quickstart/protected/pages/Advanced/Auth.page @@ -124,5 +124,47 @@ In the above, UserClass specifies what class will be used to create use

The user class has to implement the two abstract methods in TDbUser: validateUser() and createUser(). Since user account information is stored in a database, the user class may make use of its DbConnection property to reach the database.

+ +

+Since 3.1.1, TAuthManager provides support to allow remembering login. Accordingly, TDbUser adds two methods to facilitate the implementation of this feature. In particular, two new methods are introduced: createUserFromCookie() and saveUserToCookie(). Developers should implement these two methods if remembering login is needed. Below is a sample implementation: +

+ +public function createUserFromCookie($cookie) +{ + if(($data=$cookie->Value)!=='') + { + $application=Prado::getApplication(); + if(($data=$application->SecurityManager->validateData($data))!==false) + { + $data=unserialize($data); + if(is_array($data) && count($data)===3) + { + list($username,$address,$token)=$data; + $sql='SELECT passcode FROM user WHERE LOWER(username)=:username'; + $command=$this->DbConnection->createCommand($sql); + $command->bindValue(':username',strtolower($username)); + if($token===$command->queryScalar() && $token!==false && $address=$application->Request->UserHostAddress) + return $this->createUser($username); + } + } + } + return null; +} + +public function saveUserToCookie($cookie) +{ + $application=Prado::getApplication(); + $username=strtolower($this->Name); + $address=$application->Request->UserHostAddress; + $sql='SELECT passcode FROM user WHERE LOWER(username)=:username'; + $command=$this->DbConnection->createCommand($sql); + $command->bindValue(':username',strtolower($username)); + $token=$command->queryScalar(); + $data=array($username,$address,$token); + $data=serialize($data); + $data=$application->SecurityManager->hashData($data); + $cookie->setValue($data); +} +
$Id$
\ No newline at end of file diff --git a/demos/quickstart/protected/pages/GettingStarted/NewFeatures.page b/demos/quickstart/protected/pages/GettingStarted/NewFeatures.page index adc19fc7..faf3b9b1 100644 --- a/demos/quickstart/protected/pages/GettingStarted/NewFeatures.page +++ b/demos/quickstart/protected/pages/GettingStarted/NewFeatures.page @@ -17,6 +17,7 @@ This page summarizes the main new features that are introduced in each PRADO rel
  • Added support to TDataGrid to allow grouping consecutive cells with the same content.
  • Added support to allow configuring page properties and authorization rules using relative page paths in application and page configurations. Added support to allow authorization based on remote host address.
  • Added a new page state persister TCachePageStatePersister. It allows page state to be stored using a cache module (e.g. TMemCache, TDbCache, etc.) +
  • Added support to the auth framework to allow remembering login.
  • Version 3.1.0

    -- cgit v1.2.3