Authentication of the user

In the index.php page of the project, create the few lines :

require ("domframework/authentication.php");
$route = new Domframework\Route;
$authentication = new Domframework\Authentication ($route);
$authentication->appName = "Application !";
$authentication->authMethods = array ("ldap");
$authentication->authServers = array ("authldap"=>array (
                                       ),
);
$authentication->routes ();

In the REST part, add :

$route->output = "rest";
$route->viewClass ='\views\rest';
try
{
  $authREST = $authentication->verifAuthREST ();
}
catch (\Exception $e)
{
  $route->error ($e);
}

In the HTML part, add :

$route->output = "html";
$route->viewClass = '\views\general';
try
{
  $authHTML = $authentication->verifAuthHTML ();
}
catch (\Exception $e)
{
  $route->error ($e);
}

The class definition

Class Domframework\Authentication

Namespace Domframework

Description

/**
 All the authentication protocol

Properties

public $appName;

/**
 The application Name displayed on authentication page

public $authMethods=array ();

/**
 The authentication methods. Can be ldap, sympa...

public $authServers=array ();

/**
 The authentication servers configuration
 array ("authXXXX" => array (
     array ("ldapserver"       => "ldaps://server.domain.fr",
            "ldapport"         => 636,
            "ldaptimeout"      => 5,
            "ldapauth"         => "uid=XXX,dc=domain,dc=fr",
            "ldappwd"          => "XXX",
            "ldapbase"         => "",
            "ldapfilter"       => "(mail=%s)",
            "ldapfield"        => "mail",
            "ldapfiltersearch" => "(objectClass=inetOrgPerson)"
     ),
   ),
 );

public $debug=0;

/**
 The debug of the authentication methods

public $htmlMethods=array (session);

/**
 The html authentication methods. Can be : post, session, http, shibboleth,
 jwt
 The "post" is already used when using verifAuthLoginPage method (usually
 only in authentication page)

public $loggingFunc;

/**
 The class and method to use to log the errors

public $ratelimitAuth=3;

/**
 Number of authentication maximum by minute

public $ratelimitDir="/tmp/ratelimit/";

/**
 Directory to store the ratelimit files

public $restMethods=array (http,jwt);

/**
 The rest authentication methods. Can be post, session, http, shibboleth,
 jwt
 Attention : session case = CSRF !

Methods

public function __construct ( $route)

/**
 The constructor
 @param object $route The route object

public function createJwtToken ( $auth)

/**
 Return the JSON Web Token
 @param string|array $auth The user data to store in JSON Web Token cache.
 The $this->authServers["authjwt"]["algorithm"],
     $this->authServers["authjwt"]["cipherKey"] and
     $this->authServers["authjwt"]["serverKey"] can be set

public function debug ( $debug=null)

/**
 Setter/Getter for debug
 @param integer|null $debug The debug value to get/set
 @return integer|self the actual value or this

public function logout ( $url="")

/**
 Disconnect the user
 @param string|null $url The url to be redirected after a valid
 logout

public function pageHTML ( $url="")

/**
 Display the login page
 @param string|null $url The url to be redirected after a valid
 authentication

public function routes ()

/**
 Add the authentication routes to the routing model for HTML
 authentication. Not needed if using shibboleth, HTTP auth...

public function verifAuthHTML ()

/**
 Check all the others pages of the site
 @return array The details provided by the authentication mecanism

public function verifAuthLoginPage ( $url="")

/**
 Check the authentication page
 @param string|null $url The url to be redirected after a valid
 authentication

public function verifAuthREST ( $savePassword=false)

/**
 Check all the REST API
 @param boolean|null $savePassword return the user password if the
 authentication is valid
 @return array The details provided by the authentication mecanism