I am using Zend framework 1.12.I have one ajax based UI that sends an user account information(stored in master database) to controller. Every user account has its related DB. But when I select an user that has no related db, controller sends application error. I want some message to be send to UI.
private function _initDB()
{
global $databaseip, $username, $password;
try {
// I can access this scope with valid db name
// for multi user && multi db
$this->_pdo = new Zend_Db_Adapter_Pdo_Mysql(
array(
'host' => $databaseip,
'username' => $username,
'password' => $password,
'dbname' => $this->_dbname,
)
);
} catch (Zend_Exception $e) {
// I want some message to be passed to UI.
// can't access this scope with invalid dbname
// as users list stores in master database
// may be db-admin deleted database of that user
// but forgot to delete that user from master-users database
}
}
Thanks in advance:
Related
I am creating an API for registration and authentication by Active Directory.
When registering, I use the "userPassword" field to store the password.
$user = new User([
'cn' => $full_name,
'userPassword' => $password,
'samaccountname' => $username,
'mail' => $email
]);
$user->inside(config('ldap.connections.default.base_dn'));
$user->save();
Registration works fine.
But at the time of authentication, the Active Directory does not recognize the provided password:
$user = User::where('samaccountname', '=', $username)->firstOrFail(); // all is good here. print_r($user) shows user details
if (Container::getDefaultConnection()->auth()->attempt($user['distinguishedname'], $password)) {
// returns a response to the user
return \response()->json(
new UserResource($user), 200
);
} else {
return \response()->json(
[
'message' => 'invalid credentials or user not exists.'
], 403
);
}
Can someone help me.
Using plain stored password won't work, there are some encoding which need to be carried out but there's a mutator unicodePwd that will handle it for you. Try
$user = new User([
'cn' => $full_name,
'unicodePwd ' => $password,
'samaccountname' => $username,
'mail' => $email
]);
The attribute used to set the password of an account is unicodePwd. This attribute can only be set, not read.
There are some strict requirements about the format of what you put there, which are described in the Microsoft documentation. However, the LdapRecord library handles that for you, according to their documentation:
The password string you set on the users unicodePwd attribute is automatically encoded, you do not need to encode it yourself.
Their example on how to create an AD user looks like this:
$user = (new User)->inside('ou=Users,dc=local,dc=com');
$user->cn = 'John Doe';
$user->samaccountname = 'jdoe';
$user->unicodePwd = 'SecretPassword';
$user->userPrincipalName = 'jdoe#acme.org';
$user->save();
// Enable the user.
$user->userAccountControl = 512;
try {
$user->save();
} catch (\LdapRecord\LdapRecordException $e) {
// Failed saving user.
}
The following method is used to create a user with POSIX login ability in the OpenLDAP database. Users having the account created by the following method can login any of the OpenLDAP client linux machine. When calling this method, I have to pass the following variables:
$ldapconn : Returned by ldap_connect.
$username : The username that I want to create.
$password : The password for logging in the account.
public static function createNewUser($ldapconn, $username, $password) {
if (!$ldapconn) { return false; }
require_once("LDAPConfigurator.php");
$r = ldap_bind($ldapconn, "cn=admin,dc=test,dc=com", "12345");
// Prepare data
$info = [
'cn' => $username,
'sn' => $username,
'gidNumber' => 502,
'homedirectory' => "/home/ldap/".$username,
'loginShell' => "/bin/sh",
'password' => $password,
'uidNumber' => 2333, // Can I set auto increment for this value?
'username' => $username,
'objectclass' => [
'inetOrgPerson',
'posixAccount',
'top'
]
];
// Add data to directory
$r = ldap_add($ldapconn, "cn=".$username",cn=users,ou=groups,dc=test,dc=com", $info);
return true;
}
For setting the $info object, I reference the attributes used in a POSIX user account in phpLDAPadmin and they all have the required label. However, I finally get the following error:
Warning: ldap_add(): Add: Undefined attribute type
So what is the proper $info object for creating a POSIX user?
It looks like you're trying to add attribute that are not supported. The username is neither supported by inetOrgPerson nor by posixAccount and the password-attribute should be userPassword according to the posixAccount.
For more information have a look at the supported attributes at http://www.zytrax.com/books/ldap/ape/#objectclasses
I'm writing an app(run on web and Android) for my company's staffs and I want to use Parse.com to store data.
But I'would like to use my company MYSQL database to check if my staffs account and password is correct.
If I have a php file on my server,
for example something like:
<?php
$account=$_POST['account'];
$pw=$_POST['pw'];
if (checkifpwiscorrect($account,$pw)==true) {
//how can the user also log in to Parse
} else {
// account or password wrong
}
?>
How to log in to Parse if account and password is correct?
here is an login function which actually use the restClient class request method.
public function login($username, $password) {
if (!empty($username) || !empty($password)) {
$request = $this->request(array(
'method' => 'GET',
'requestUrl' => 'login',
'data' => array(
'username' => $username,
'password' => $password
)
));
return $request;
} else {
$this->throwError('username and password field are required for the login method');
}
}
I have asked this question already but still I didn't get an answer.
How to login using Github, Facebook, Gmail and Twitter in Laravel 5.1?
auth not working
I am able to store data from gmail, github in the database.
Controller
if (Auth::attempt(['email' => $email, 'password' => $user_id]))
{
return redirect()->intended('user/UserDashboard');
}
else
{
//here i am going to insert if user not logged in already
return redirect()->intended('user/UserDashboard');
}
My problem is if I echo any data instead of return redirect()->intended('user/UserDashboard'); then it displays. If I add redirect then it doesn't work.
I'm not entirely sure how it works when using google for oAuth, but I assume your desired flow is:
User returns from google.
Check if user already exists, otherwise create new user record.
Log user in.
Redirect to dashboard.
Assuming the above your methods would look something like this.
Controller
public function google()
{
// Redirect user to google for authentication
return Socialite::driver('google')->redirect();
// In Laravel 5.0 this would be
// return Socialize::with('google')->redirect();
}
public function googleCallback()
{
// Return from google with user object
$googleUser = Socialite::driver('google')->user();
// In Laravel 5.0 the above would be
// $user = Socialize::with('google')->user();
// If user exists, retrieve the first() record,
// otherwise create a new record
$user = User::firstOrCreate([
'user_id' => $googleUser->id,
'name' => $googleUser->name,
'password' => $googleUser->id,
'email' => $googleUser->email,
'avatar' => $googleUser->avatar
]);
// Login the user
Auth::login($user, true);
// Redirect to the dashboard
return Redirect::intended('user/UserDashboard');
}
In the login action I'm having the following code:
public function login($sEmail, $sEncryptedPassword, $bIsClear = true)
{
$manager = $this->getServiceLocator()->get('session_manager');
$manager->start();
Container::setDefaultManager($manager);
$this->auth = new AuthenticationService();
$this->auth->setStorage(new Session('FSP'));
$dbAdapter = $this->getServiceLocator()->get('Zend\Db\Adapter\Adapter');
$this->authAdapter = new AuthAdapter(
$dbAdapter,
'fsp_user',
'email',
'password'
);
$this->authAdapter
->setIdentity($sEmail)
->setCredential($sEncryptedPassword);
$authAuthenticate = $this->auth->authenticate($this->authAdapter);
if ($authAuthenticate->isValid()) {
$user = $this->authAdapter->getResultRowObject();
$storage = $this->auth->getStorage();
$storage->write(
array(
'email' => $user->email,
'first_name' => $user->first_name,
'last_name' => $user->last_name,
'id' => $user->id
)
);
}
I have two problems with this code:
1) I'm saving the session in the database, and the session SaveHandler is configured in a service manager. I don't know if once I'm using Zend\Authenticate I should use the session manager too. In the documentation is saying that
"Unless specified otherwise, Zend\Authentication\AuthenticationService
uses a storage class named Zend\Authentication\Storage\Session, which,
in turn, uses Zend\Session."
So my first question is: can I configure the sessionHandler using just Zend\Authenticate or do I have to use the session manager?
2)I can't figured out how session storage is working in ZF. After login, the session data is not persisted in the DB. If I'm doing some debugging I get the following data:
$session = new Container("FSP");
//this returns the session data
var_dump($session->getIterator());
//this returns empty
var_dump($this->auth->getStorage());
//this returns null, but I do have a FSP named cookie with an Id, showing in Chrome's developer tool
$cookie = $this->getServiceLocator()->get('request')->getHeaders()->get('cookie');
$sessionId = $cookie->FSP;
var_dump($sessionId);
However, if I'm doing a refresh on the login (the login action is run again) the data from the previous session is wrote in the DB and not the data from the current one.
So the second question is, why the session data is not persisted in the database at login and at what step in the session instantiation process is the cookie with the session ID created?