ZF authentication using Doctrine
Edit: There’s a follow up article http://blog.elinkmedia.net.au/2010/01/26/auth-service/
As one of my everyday morning tasks, I just checked the rss feeds from my news reader. Interesting enough, one of my favourite blog authors, Jon Lebensold from ZendCasts, just published a new post on “Writing a Zend_Auth_Adapter with Doctrine“.
The issue that we are trying to solve is to handle user login authentication from an application, which uses Zend Framework and Doctrine ORM. Jon took the approach of writing a custom zend auth adaptor to accomplish the task. I watched the video from ZendCasts, and clearly this is another quality video and it will just work for you.
However here, I want to show you an alternative approach to solve the same problem. I basically used an already written authentication doctrine adapter from the ZendX incubator. The class file can be found here.
To autoload the ZendX_Doctrine_Auth_Adapter class file, obviously you need to include the file in the correct directory inside the “library” directory. So that is “library/ZendX/Doctrine/Auth/Adapter.php”.
Now let’s look at some code. Please note that I am only showing topic-related code here, all other security checking, error checking code have been taken out.
class LoginController extends Zend_Controller_Action
{
public function loginAction()
{
// collect the data from the user
$loginUsername = $this->getRequest()->getParam('username', '');
$loginPassword = $this->getRequest()->getParam('password', '');
$myAuth = Zend_Auth::getInstance();
// do the authentication
$authAdapter = $this->_getAuthAdapter($loginUsername, $loginPassword);
$result = $myAuth->authenticate($authAdapter);
if (!$result->isValid()) {
// take care of invalid login
} else {
// empty password
$identity = $authAdapter->getResultRowObject(null, 'password');
$myAuth->getStorage()->write($identity);
// all good, do you redirect or whatever
}
}
protected function _getAuthAdapter($username, $password)
{
$authAdapter = new ZendX_Doctrine_Auth_Adapter(Doctrine::getConnectionByTableName('Model_User'));
$encryptedPassword = Model_Utility::encryptPassword($password);
$authAdapter->setTableName('Model_User u')
->setIdentityColumn('u.username')
->setCredentialColumn('u.password')
->setIdentity($username)
->setCredential($encryptedPassword);
return $authAdapter;
}
Ok. Most of the code should be pretty self explanatory. The authentication is done with the following assumptions.
- Your login users are stored in a table called “user”, with at least 2 columns, “username” and “password”.
- You have your Doctrine “Model_User” class setup.
- If you store encrypted or hashed passwords in your database (I do), the encryption logic is handled by a static method call from a utility class, “Model_Utility”.
This is it. In our case, we do not need to create an authentication method in “Model_User” as Jon showed us in his video tutorial. The authentication magic is all done by the “ZendX_Doctrine_Auth_Adapter” class.
Hope you find this useful and let me know if you have issues or suggestions.
Reference
Related posts:
- Authentication service
- ZF, Doctrine and Unit Tests
- Zend Framework 1 and Doctrine 2 integration
- Zend Framework 1 and Doctrine 2 integration – modular setup
- Doctrine tricks
As one of my everyday morning tasks, I just checked the rss feeds from my news reader. Interesting enough, one of my favourite blog authors, Jon Lebensold from ZendCasts, just published a new post on “Writing a Zend_Auth_Adapter with Doctrine“….
The error is not clear and checking all I discovered that Zend_Auth not maintain data across the pages, when you redirect to another page you can’t check if the user is logon, Zend_Auth loose their data. I couldn’t solve this so I use your approach and it works. I like more this approach because it ’s very similar what I have been using with Zend_Auth_Adapter_DbTable. Do you have the same error using Jon’s approach ? Do you know how to storage Zend_Auth data using Jon’s approach ? Thank you.