stackoom
  简体   繁体   中英

validate user credentials with sfGuard

 原文  2011-12-27 15:37:19       php/ symfony1/ login/ propel/ sfguard

Question

I use symfony 1.4 with sfGuard with Propel, and considering that this is my first symfony experience, I'm still a total noob with some part of the architecture.

I was asked to create some webservices, one of this shall be taking user (email) and password and print out a json string feedback as result.

I don't have a clue about how to perform such a task with sfGuard, so if anybody has an example it'd be appreciated.

I think that the algorithm should be sha1, because in the sf_guard_user table I found rows like 

id  username                algorithm   salt                            password                                    created_at              last_login              is_active   is_super_admin
4   myuser@myhostname.com   sha1    623de866b49c696b452e0d12b55895c8    dcbe87a60a769b9e3b5f0988141b824fa5206235    2011-12-06 02:32:43     2011-12-27 15:49:41     1           0

2 answers

solution1
 1  2011-12-27 16:19:23

Just have a look at sfGuardValidatorUser class. Basically it's something like this:

  1. Check if a user with the given username exists
  2. If 1. then check if it's active (is_active field)
  3. If 2. then check the password using the checkPassword public method from the sfGuardUser class (default is something like sha1(db_salt.submitted_password) == db_password )

solution2
 0 ACCPTED  2011-12-27 16:33:07

Ok, I've found a dirty trick, but it works.

I can fake a login form submission and sitck to the usual login patter, which it becomes something like: 

        $request->setParameter('signin', array(
                'username' =>$request->getParameter("username"),
                'password' =>$request->getParameter("password"),
              ));
        $form = new BeetleLoginForm();
        $form->bind($request->getParameter('signin'));
        if ($form->isValid()) {
            $values = $form->getValues();
            $this->getUser()->signin($values['user'], false);
            $resp['return'] = "YES";
            $resp['message'] = "You have successfully logged in";
            return $this->renderText(json_encode($resp));

        }

I hope that this could help somebody stuck in the same limbo.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Which method is better to validate user credentials? How to create a custom login for sfGuard user in Symfony? Validate the user credentials in Android APP with external database Validate FTP credentials How to validate the user login credentials in android using PHP, MySql with the help of json how to resolve it an sfGuard blm? sfguard bundle for symfony2 How to add users to sfguard Caching API user credentials OAuth User Credentials Granting
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM