Zeta Components Manual :: Docs For Class ezcAuthenticationSession
Authentication::ezcAuthenticationSession
Class ezcAuthenticationSession
Support for session authentication and saving of authentication information between requests.
Contains the methods:
- start - starts the session, calling the PHP function session_start()
- load - returns the information stored in the session key ezcAuth_id
- save - saves information in the session key ezcAuth_id and also saves the current timestamp in the session key ezcAuth_timestamp
- destroy - deletes the information stored in the session keys ezcAuth_id and ezcAuth_timestamp
- regenerateId - regenerates the PHPSESSID value
- // no headers should be sent before calling $session->start()
- // retrieve the POST request information
- $password = isset( $_POST['password'] ) ? $_POST['password'] : null;
- $authentication->session = $session;
- // add other filters if needed
- {
- // authentication did not succeed, so inform the user
- $status = $authentication->getStatus();
- $err = array(
- 'ezcAuthenticationHtpasswdFilter' => array(
- ),
- 'ezcAuthenticationSession' => array(
- )
- );
- foreach ( $status as $line )
- {
- echo $err[$key][$value] . "\n";
- }
- }
- else
- {
- // authentication succeeded, so allow the user to see his content
- }
See ezcAuthenticationSessionOptions for options you can set to session objects.
Source for this file: /Authentication/src/session/authentication_session.php
Version: | //autogen// |
Constants
STATUS_EMPTY
= 1
|
The session is empty; normal behaviour is to continue with the other filters. |
STATUS_EXPIRED
= 2
|
The session expired; normal behaviour is to regenerate the session ID. |
STATUS_OK
= 0
|
Successful authentication; normal behaviour is to skip the other filters. This should be the same value as ezcAuthenticationFilter::STATUS_OK. |
Member Variables
protected ezcAuthenticationFilterOptions |
$options
Options for authentication filters. |
Method Summary
public ezcAuthenticationSession |
__construct(
[ $options
= null] )
Creates a new object of this class. |
public void |
destroy(
)
Removes the variables used by this class from the session variables. |
public ezcAuthenticationSessionOptions |
getOptions(
)
Returns the options of this class. |
public bool |
isValid(
$credentials
)
Runs through the session and returns true if the session is correct. |
public string |
load(
)
Loads the authenticated username from the session or null if it doesn't exist. |
public void |
regenerateId(
)
Regenerates the session ID. |
public int |
run(
$credentials
)
Runs through the session and returns a status code when finished. |
public void |
save(
$data
)
Saves the authenticated username and the current timestamp in the session variables. |
public void |
setOptions(
$options
)
Sets the options of this class to $options. |
public void |
start(
)
Starts the session. |
Methods
__construct
Creates a new object of this class.
Parameters:
Name | Type | Description |
---|---|---|
$options |
ezcAuthenticationSessionOptions | Options for this class |
destroy
Removes the variables used by this class from the session variables.
getOptions
Returns the options of this class.
isValid
Runs through the session and returns true if the session is correct.
When using the session, it is often desirable to take advantage of the fact that the authenticated state of the user is kept in the session and not create and initialize the other filters (which might slow things down on every request).
The application can be structured like this:
- $authenticated = false;
- {
- // create the authentication object
- $authentication->session = $session;
- // create filters and add them to the authentication object
- // run the authentication object
- {
- $status = $authentication->getStatus();
- // build an error message based on $status
- }
- else
- {
- $authenticated = true;
- }
- }
- else
- {
- $authenticated = true;
- }
- if ( $authenticated )
- {
- // the authentication succeeded and the user can see his content
- }
- else
- {
- // inform the user that the authentication failed (with the error
- // message that was created earlier)
- }
In this way, the creation and initialization of the authentication filters is not performed if the credentials are stored in the session.
Parameters:
Name | Type | Description |
---|---|---|
$credentials |
ezcAuthenticationCredentials | Authentication credentials |
load
Loads the authenticated username from the session or null if it doesn't exist.
regenerateId
Regenerates the session ID.
run
Runs through the session and returns a status code when finished.
Parameters:
Name | Type | Description |
---|---|---|
$credentials |
ezcAuthenticationCredentials | Authentication credentials |
save
Saves the authenticated username and the current timestamp in the session variables.
Parameters:
Name | Type | Description |
---|---|---|
$data |
string | Information to save in the session, usually username |
setOptions
Sets the options of this class to $options.
Parameters:
Name | Type | Description |
---|---|---|
$options |
ezcAuthenticationSessionOptions | Options for this class |
start
Starts the session.
This function must be called before sending any headers to the client.