Back to the module list

Authentication of the user

In the index.php page of the project, create the few lines :

require ("domframework/authentication.php");
$route = new \route;
$authentication = new \authentication ($route);
$authentication->appName = "Application !";
$authentication->authMethods = array ("ldap");
$authentication->authServers = array ("authldap"=>array (
                                       ),
);
$authentication->routes ();
');

In the REST part, add :

$route->output = "rest";
$route->viewClass =\'\views\rest\';
try
{
  $authREST = $authentication->verifAuthREST ();
}
catch (Exception $e)
{
  $route->error ($e);
}
');

In the HTML part, add :

$route->output = "html";
$route->viewClass =\'\views\general\';
try
{
  $authHTML = $authentication->verifAuthHTML ();
}
catch (Exception $e)
{
  $route->error ($e);
}
');

The class definition

Class \authentication

Namespace \

Description

 All the authentication protocol

Properties

public $appName;
 The application Name displayed on authentication page
public $authMethods=array ();
 The authentication methods. Can be ldap, sympa...
public $authServers=array ();
 The authentication servers configuration
 array ("authXXXX"=>array (
     array ("ldapserver"=>"ldaps://annuaire.grenoble.cnrs.fr",
            "ldapport"=>636,
            "ldaptimeout"=>5,
            "ldapauth"=>"uid=annuaire,ou=people,dc=grenoble,dc=cnrs,dc=fr",
            "ldappwd"=>";authANNUAIRE2013",
            "ldapbase"=>"",
            "ldapfilter"=>"(mail=%s)",
            "ldapfield"=>"mail",
            "ldapfiltersearch"=>"(objectClass=inetOrgPerson)"
     ),
   ),
 );
public $debug=0;
 The debug of the authentication methods
public $htmlMethods=array (session);
 The html authentication methods. Can be http, session, post
 The "post" is already used when using verifAuthLoginPage method (usually
 only in authentication page)
public $loggingFunc;
 The class and method to use to log the errors
public $ratelimitAuth=3;
 Number of authentication maximum by minute
public $ratelimitDir="/tmp";
 Directory to store the ratelimit files
public $restMethods=array (http);
 The rest authentication methods. Can be http, session, post.
 Attention : session case = CSRF !

Methods

public function __construct ($route)
 The constructor
 @param object $route The route object

public function logout ($url="")
 Disconnect the user
 @param string|null $url The url to be redirected after a valid
 logout

public function pageHTML ($url="")
 Display the login page
 @param string|null $url The url to be redirected after a valid
 authentication

public function routes ()
 Add the authentication routes to the routing model for HTML
 authentication. Not needed if using shibboleth, HTTP auth...

public function verifAuthHTML ()
 Check all the others pages of the site

public function verifAuthLoginPage ($url="")
 Check the authentication page
 @param string|null $url The url to be redirected after a valid
 authentication

public function verifAuthREST ()
 Check all the REST API