I'm writing an application in PHP using Yii. I'm trying to add the ability for users to be able to be authenticated differently.
My main question is what is the best way to go about it.
For example, I was thinking of doing something like so:
Have a table of Authenticators in a database that correlates to classes.
In the users table, have an authenticator id column that correlates to an authenticator.
This is about where I get stuck. I'm trying to be a Yii as possible here and use ActiveRecord. Each authenticator would need to know the users ID, so I'd have to pass that to the authenticator model (that stores the class name) and then find a way to pull the actual class, while passing the user to that as well.
All this seems a bit ... over kill.
Any guidance would be greatly appreciated.
Thanks!
Kyle
Just create your own descendant of CUserIdentity which implements Factory pattern. Sounds difficult, but I think there's no short answer at all.
You have all your answers in this topic: Authentication and Authorization.
i'm suggesting you to use rbac approach and the easiest way is to use right module.
Related
I'm building a website with symfony and for the user management I choose FOSUserBundle. Now.. I've build my form where I need an username, email and password (nothing more for now), which are the fields in my User table. But with FOSUserBundle it expects a lot more fields in my table like username_canonical, token, login_confirmation....
Is there a way to still use FOSUserBundle, but only with the 3 fields that I want to use? I was searching to maybe override it, but I couldn't find a solution.
In order to use FOS\UserBundle your user class needs to implement FOS\UserBundle\Model\UserInterface. It will provide the mandatory information. If you really want to have a simpler user interface (although FOS\UserBundle\Model\UserInterface is pretty simple) you will need to create your own logic (e.g. fork FOS\UserBundle).
I am facing the problem that I have to implement a way to authenticate a user against a SecurityService and, after that, get some data about him out of my database.
I want to use the ZfcUser Plugin and I am confused by Adapters, AdapterChains and AuthServices.
I really would appreciate some clarification about those classes and when to use them and in particular which one will be the type of class I have to use to communicate with my SecurityService.
I'm currently developing a website in Zend Framework wich uses Zend_Auth. The current design of the database is the following:
users - id / email
users_props - id - user_id - prop_name - prop_value
However, the current Zend_Auth_Adapter_DbTable uses only one table, as where I have to tables and need to join them.
How on earth can I do this? As far as i'm concerned, there are three options:
I somehow create a (mysql) view
I change the design so the users table contains both username/password
I rewrite the Zend_Auth_Adapter_DbTable to a Custom_Auth_Adapter_DbTabe
Can anyone point me out what the best practise is?
Thanks in advance :)
The proper thing to do is to create a custom Zend_Auth_Adapter that authentication to your particular DB schema.
Its actually pretty easy, there is only a single method in the interface to implemnt. Its also possible you could jsut extend Zend_Auth_Db_Adapter and override methods as necessary. Probably only what builds executes and returns the query result. But honestly i would just implment the interfae from scratch were it me. A lot easier that way IMO :-)
I'm hoping to use Ion Auth for a Codeigniter application, but I'm unsure of exactly how to structure the tables appropriately. Basically, I have a few different types of users each with different attributes. How would one build this out with just a single meta table?
Some ideas were offered here ( Create user roles and profiles in Codeigniter using Ion Auth ) but none seem particularly elegant or ideal. Is there a a better way? Can I easily work with multiple meta tables (e.g. meta_type1, meta_type2, etc.) somehow?
A related issue pertains to the "identity" config parameter for login etc. How could I have the identity be email for one user type, and username for another?
Thanks in advance for any tips/advice/ideas
Ion Auth code is really clean and organized.
You can easily hack the login process to accept both username or email. Even better, you can fork the repo on GitHub and make the $config['identity'] variable accept both string or array, and act according to that. And send a pull request! :-)
Regarding meta data for users: I would definitely use a single table to handle users metadata. You can put several columns and set to null in case some user type doesn't need them.
Hope my ideas help! Good luck and happy coding.
I also meet the same problem as you. And i found codeigniter authentication library alternative that could solve the problem. Flexi Auth seems can handle "multiple extra meta table" for different user groups.
i was just looking for a bit of advice, currently my DB design is that one user has many blog postings. Now i have a user class and a blog class.
However im not sure about the proper way to get all blog posts for that user. Do i create a getAllBlogs() function in the user class which returns blog objects or do i create a main blog class that you can search by user, so it'd be getAllBlogsForUser($id)
Thanks :-)
I'd personally use the later option. This is because the blog class knows how to deal with the blog table(s). I wouldn't want to write blog-specific DB code in the user class. On the other hand, you still can add User::getAllBlogs() as a wrapper around Blog::getAllBlogsForUser().
It's really up to you. Since users are pretty tightly coupled to blogs, you could do both.
Consider how nicely they could play together:
<?PHP
class User {
protected $_blogs;
public function getBlogs($force=false){
if (empty($this->_blogs) || $force){
$this->_blogs = BlogClass::getBlogsByUser($this->user_id);
}
return $this->_blogs;
}
}
Now you can grab a user's blogs whenever you want, and it will fetch them only when necessary. The $force parameter can be used to force a reload.
i am not sure if this is actually a helpful answer .. however if your db design is done correctly with the correct normalization practices in place .. it should be indicative of your class layouts as well. as User is an independent entity, and posts use user_id or something as the foreign key , it should clearly give you the idea who should be the master. Users can exist with-out posts , however posts can not exist with out users. So it makes sense to put the get posts method in the postings class rather than the users class.
I'd use both, like User::getPosts and Posts::findByUserId ("Posts" as model name sounds better to me than "Blogs" ). Both methods have similar functionality and which one to use depends on the context, for example, frontend will rather use Users model, while in admin interface 'finder' methods could be more appropriate.
I would create both. Your User::getBlogs() could use Blogs::getBlogsByUserId($idUser) since when you are in the user context, you will have access to the user's id to pass to the Blogs method.