From 55c4ac1bfe565f1ca7f537fdd8b7a201be28e581 Mon Sep 17 00:00:00 2001 From: xue <> Date: Thu, 10 Nov 2005 12:47:19 +0000 Subject: Initial import of prado framework --- framework/Security/TAuthManager.php | 205 ++++++++++++++++++++++++++++++++++++ 1 file changed, 205 insertions(+) create mode 100644 framework/Security/TAuthManager.php (limited to 'framework/Security/TAuthManager.php') diff --git a/framework/Security/TAuthManager.php b/framework/Security/TAuthManager.php new file mode 100644 index 00000000..c12ee245 --- /dev/null +++ b/framework/Security/TAuthManager.php @@ -0,0 +1,205 @@ +_id; + } + + /** + * @param string id of this module + */ + public function setID($value) + { + $this->_id=$value; + } + + /** + * Initializes this module. + * This method is required by the IModule interface. + * @param IApplication Prado application, can be null + * @param TXmlElement configuration for this module, can be null + */ + public function init($application,$config) + { + $this->_application=$application; + $application->attachEventHandler('Authentication',array($this,'doAuthentication')); + $application->attachEventHandler('EndRequest',array($this,'leave')); + $application->attachEventHandler('Authorization',array($this,'doAuthorization')); + $this->_initialized=true; + } + + public function getGuestName() + { + return $this->_guest; + } + + public function setGuestName($value) + { + $this->_guest=$value; + } + + public function getUserManager() + { + if($this->_users instanceof TUserManager) + return $this->_users; + else + { + if(($users=$this->_application->getModule($this->_users))===null) + throw new TConfigurationException('authenticator_usermanager_inexistent',$this->_users); + if(!($users instanceof TUserManager)) + throw new TConfigurationException('authenticator_usermanager_invalid',$this->_users); + $this->_users=$users; + return $users; + } + } + + public function setUserManager($provider) + { + $this->_users=$provider; + } + + public function getLoginPage() + { + return $this->_loginPage; + } + + public function setLoginPage($pagePath) + { + $this->_loginPage=$pagePath; + } + + public function doAuthentication($sender,$param) + { + $this->onAuthenticate($param); + + $service=$this->_application->getService(); + if(($service instanceof TPageService) && $service->isRequestingPage($this->getLoginPage())) + $this->_skipAuthorization=true; + } + + public function doAuthorization($sender,$param) + { + if(!$this->_skipAuthorization) + { + $this->onAuthorize($param); + } + } + + public function leave($sender,$param) + { + if($this->_application->getResponse()->getStatusCode()===401) + { + $service=$this->_application->getService(); + if($service instanceof TPageService) + { + $returnUrl=$this->_application->getRequest()->getRequestUri(); + $url=$service->constructUrl($this->getLoginPage(),array(self::RETURN_URL_VAR=>$returnUrl)); + $this->_application->getResponse()->redirect($url); + } + } + } + + public function onAuthenticate($param) + { + if($this->hasEventHandler('Authenticate')) + $this->raiseEvent('Authenticate',$this,$this->_application); + if($this->_application->getUser()!==null) + return; + + if(($session=$this->_application->getSession())===null) + throw new TConfigurationException('authenticator_session_required'); + $session->open(); + if(($userManager=$this->getUserManager())===null) + throw new TConfigurationException('authenticator_usermanager_required'); + $sessionInfo=$session->getItems()->itemAt($this->generateUserSessionKey()); + $user=$userManager->getUser(null)->loadFromString($sessionInfo); + $this->_application->setUser($user); + } + + public function onAuthorize($param) + { + if($this->hasEventHandler('Authenticate')) + $this->raiseEvent('Authorize',$this,$this->_application); + if($this->_authRules!==null && !$this->_authRules->isUserAllowed($this->_application->getUser(),$this->_application->getRequest()->getRequestType())) + { + $this->_application->getResponse()->setStatusCode(401); + $this->_application->completeRequest(); + } + } + + protected function generateUserSessionKey() + { + return md5($this->_application->getUniqueID().'prado:user'); + } + + public function updateSessionUser($user) + { + if(!$user->getIsGuest()) + { + if(($session=$this->_application->getSession())===null) + throw new TConfigurationException('authenticator_session_required'); + else + $session->getItems()->add($this->generateUserSessionKey(),$user->saveToString()); + } + } + + public function login($username,$password) + { + if(($userManager=$this->getUserManager())===null) + throw new TConfigurationException('authenticator_usermanager_required'); + else + { + if($userManager->validateUser($username,$password)) + { + $user=$userManager->getUser($username); + $this->updateSessionUser($user); + $this->_application->setUser($user); + return true; + } + else + return false; + } + } + + public function logout() + { + if(($userManager=$this->getUserManager())===null) + throw new TConfigurationException('authenticator_usermanager_required'); + else if(($session=$this->_application->getSession())===null) + throw new TConfigurationException('authenticator_session_required'); + else + { + $userManager->logout($this->_application->getUser()); + $session->destroy(); + } + } + /** + * @return TAuthorizationRuleCollection list of authorization rules that may be applied + */ + + public function getAuthorizationRules() + { + if($this->_authRules===null) + $this->_authRules=new TAuthorizationRuleCollection; + return $this->_authRules; + } +} + +?> \ No newline at end of file -- cgit v1.2.3