
authentication+acl in zend framework 2

Hello, I managed to implement ACL and authentication in ZF2, but now I have two main problems. I cannot redirect the user after he is/is not logged in (in the bootstrap file), and my other task is to query MySQL, because I have to check the user's permissions after he is logged in. The code below is all of Module.php. Can you help me? So far I have made a login form and it works well (it works without ACL for now).

namespace Application;

use Zend\Mvc\ModuleRouteListener;
use Zend\Mvc\MvcEvent;

use Zend\ModuleManager\Feature\AutoloaderProviderInterface;
use Zend\Authentication\Storage;
use Zend\Authentication\AuthenticationService;
use Zend\Authentication\Adapter\DbTable as DbTableAuthAdapter;
class Module
{
    protected $loginTable;
public function onBootstrap(MvcEvent $e)
{
    $e->getApplication()->getServiceManager()->get('translator');
    $eventManager        = $e->getApplication()->getEventManager();
    $moduleRouteListener = new ModuleRouteListener();
    $moduleRouteListener->attach($eventManager);

    $this -> initAcl($e);
    $e -> getApplication() -> getEventManager() -> attach('route', array($this, 'checkAcl'));


    $app = $e->getApplication();
    $locator = $app->getServiceManager();
    $authAdapter = $locator->get('AuthService');

    if ($authAdapter->hasIdentity() === true) {
        // is logged in
    } else {
        // user is not logged in...redirect to home
    }


}

public function getConfig()
{
    return include __DIR__ . '/config/module.config.php';
}

public function getAutoloaderConfig()
{
    return array(
        'Zend\Loader\StandardAutoloader' => array(
            'namespaces' => array(
                __NAMESPACE__ => __DIR__ . '/src/' . __NAMESPACE__,
            ),
        ),
    );
}


 public function getServiceConfig() {

    return array(
        'factories' => array(
            'AuthService' => function($sm) {

                $dbAdapter = $sm->get('Zend\Db\Adapter\Adapter');
                $dbTableAuthAdapter = new DbTableAuthAdapter($dbAdapter, 'user', 'username', 'password', 'MD5(?)');

                $authService = new AuthenticationService();
                $authService->setAdapter($dbTableAuthAdapter);


                return $authService;
            },
        ),
    );
}


public function initAcl(MvcEvent $e) {

    $acl = new \Zend\Permissions\Acl\Acl();
    $roles = include __DIR__ . '/config/module.acl.roles.php';
    $allResources = array();
    foreach ($roles as $role => $resources) {

        $role = new \Zend\Permissions\Acl\Role\GenericRole($role);
        $acl -> addRole($role);

        $allResources = array_merge($resources, $allResources);

        //adding resources
        foreach ($resources as $resource) {
            $acl -> addResource(new \Zend\Permissions\Acl\Resource\GenericResource($resource));
        }
        //adding restrictions
        foreach ($allResources as $resource) {
            $acl -> allow($role, $resource);
        }
    }
    //testing
    //var_dump($acl->isAllowed('admin','home'));
    //true

    //setting to view
    $e -> getViewModel() -> acl = $acl;

}

public function checkAcl(MvcEvent $e) {
    $route = $e -> getRouteMatch() -> getMatchedRouteName();

    $userRole = 'guest';

    if (!$e -> getViewModel() -> acl -> isAllowed($userRole, $route)) {
        $response = $e -> getResponse();
        //location to page or what ever
        $response -> getHeaders() -> addHeaderLine('Location', $e -> getRequest() -> getBaseUrl() . '/404');
        $response -> setStatusCode(303);

    }
}


}
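The `MD5(?)` credential treatment in the `AuthService` factory above makes the database compare an unsalted MD5 digest, which is cheap to brute-force if the `user` table leaks. As an added example (not part of the original post), the same factory using `CallbackCheckAdapter` with `password_verify()`; it assumes a ZF2 release that ships `CallbackCheckAdapter`, PHP 5.5+, and a `password` column that holds `password_hash()` output.

```php
<?php
use Zend\Authentication\AuthenticationService;
use Zend\Authentication\Adapter\DbTable\CallbackCheckAdapter;

// Added example: body of Module::getServiceConfig().
// Assumption: user.password stores password_hash() output; existing MD5 rows
// have to be reset or re-hashed at next login before switching over.
return array(
    'factories' => array(
        'AuthService' => function ($sm) {
            $dbAdapter = $sm->get('Zend\Db\Adapter\Adapter');

            // Before (weak): the digest is computed in SQL and compared there.
            // new DbTableAuthAdapter($dbAdapter, 'user', 'username', 'password', 'MD5(?)');

            // After: the row is fetched by username and the stored hash is
            // verified in PHP; the callback receives (stored hash, submitted password).
            $verify = function ($hash, $password) {
                return password_verify($password, $hash);
            };
            $adapter = new CallbackCheckAdapter(
                $dbAdapter, 'user', 'username', 'password', $verify
            );

            $authService = new AuthenticationService();
            $authService->setAdapter($adapter);

            return $authService;
        },
    ),
);
```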

Here is an example of my code:

$controller = $e->getTarget();
$auth = new AuthenticationService();
$is_login = $auth->hasIdentity();

// check if action is login
$params = $e->getApplication()->getMvcEvent()->getRouteMatch()->getParams();

if ($params['action'] == 'login') {

    if ($is_login) {
        return $controller->redirect()->toRoute('adminwithlang/adminindex');
    }

    if (!$is_login) {
        return $controller->redirect()->toRoute('adminwithlang/adminauthlogin');
    }
}

Example gist: https://gist.github.com/anonymous/5227267

I am looking at something similar to this; I did some digging and found the following.

Get the following inside the function you attach in onBootstrap:

$routeMatch = $e->getRouteMatch( );
$controllerParamName = \Zend\Mvc\ModuleRouteListener::ORIGINAL_CONTROLLER;
$controller = $routeMatch->getParam( $controllerParamName );
$action = $routeMatch->getParam( 'action' );
$route = $routeMatch->getMatchedRouteName( );

Check if the user has logged in; if not, you redirect to the login event.

While redirecting, you can pass these 3 variables (controller, action, route). Inside your login event these will default to null, and if they are defined, then after a successful login you will redirect to this combination of controller, action, route.

I am still writing the code and I will publish it once I am successful. Hope this helps.
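The flow discussed in this thread, as an added example that is not part of the original posts: a route listener that takes the role from the stored identity, denies by default, and returns the response so the redirect actually ends the request. The class name `AclRouteListener`, the `login` route name, the `return` query key and the identity's `role` property are assumptions.

```php
<?php
namespace Application\Listener;

use Zend\Authentication\AuthenticationService;
use Zend\Mvc\MvcEvent;
use Zend\Permissions\Acl\Acl;

// Hypothetical listener; 'login', 'return' and $identity->role are assumptions.
class AclRouteListener
{
    private $acl, $auth, $loginRoute;

    public function __construct(Acl $acl, AuthenticationService $auth, $loginRoute = 'login')
    {
        $this->acl = $acl;
        $this->auth = $auth;
        $this->loginRoute = $loginRoute;
    }

    // Attach in onBootstrap() with a negative priority so the router runs first:
    // $events->attach(MvcEvent::EVENT_ROUTE, array($listener, 'onRoute'), -100);
    public function onRoute(MvcEvent $e)
    {
        $match = $e->getRouteMatch();
        if (!$match || $match->getMatchedRouteName() === $this->loginRoute) {
            return; // no match (normal 404 path) or the login page itself (no loop)
        }
        $route = $match->getMatchedRouteName();
        // Role from the stored identity, e.g. a row object written to storage at login.
        $identity = $this->auth->getIdentity();
        $role = ($identity !== null && isset($identity->role)) ? $identity->role : 'guest';
        // Default deny: isAllowed() throws on unknown roles/resources, so test first.
        if ($this->acl->hasRole($role) && $this->acl->hasResource($route)
            && $this->acl->isAllowed($role, $route)) {
            return;
        }
        $response = $e->getResponse();
        if ($this->auth->hasIdentity()) {
            $response->setStatusCode(403); // logged in but not permitted
            return $response;
        }
        // Carry the route *name*, never a URL; after login call toRoute($name) only
        // when $acl->hasResource($name), so the parameter cannot point off-site.
        $url = $e->getRouter()->assemble(array(),
            array('name' => $this->loginRoute, 'query' => array('return' => $route)));
        $response->getHeaders()->addHeaderLine('Location', $url);
        $response->setStatusCode(302);
        return $response; // a Response returned from a route listener ends the MVC run
    }
}
```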
