Created
January 10, 2012 17:03
<?php
/*
    This User model handles everything related to users. Most of the code is
    omitted, because it's not relevant to this example.
*/
class User
{
    /**
     * Look up a user by login credentials.
     *
     * Stub only: the body is intentionally left out of this example, so as
     * written the method performs no lookup and returns nothing.
     *
     * Intended contract, per the original author: check the database for a
     * user matching the credentials; return false when there is no match,
     * otherwise build a User object, fill it with the user's data and
     * return it.
     *
     * NOTE(review): when this is filled in, bind $username as a query
     * parameter rather than concatenating it into SQL, and compare $password
     * with password_verify() against a password_hash() value instead of
     * matching a plaintext or fast-hashed password inside the query.
     *
     * @param string $username Login name submitted by the client.
     * @param string $password Plaintext password submitted by the client.
     * @return User|false
     */
    public static function loadUserByCredentials($username, $password)
    {
        // Implementation omitted in this example.
    }
}
/*
    The Auth class is a central place to handle everything having
    to do with authentication.
*/
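class Auth
{
    /**
     * Shared instance handed out by getInstance() (faux-singleton: the
     * constructor stays public, so nothing prevents other instances).
     *
     * @var Auth|null
     */
    protected static $_instance = null;

    /**
     * Return the shared Auth instance, creating it on first use.
     *
     * Declared static because the controllers reach it as
     * Auth::getInstance(); calling a non-static method that way is a fatal
     * Error on PHP 8.
     *
     * @return Auth
     */
    public static function getInstance()
    {
        // Strict comparison: only a genuinely unset instance triggers creation.
        if (null === self::$_instance) {
            self::$_instance = new Auth();
        }

        return self::$_instance;
    }

    /**
     * Check submitted credentials and, on success, remember the user in the
     * session. Call this when a user submits a login form.
     *
     * @param string $username Login name from the form.
     * @param string $password Plaintext password from the form.
     * @return User|false The authenticated User, or false on failure.
     */
    public function authenticate($username, $password)
    {
        $user = User::loadUserByCredentials($username, $password);
        if (!$user) {
            return false;
        }

        // Issue a fresh session ID at the moment of login so an ID that was
        // known before authentication (session fixation) is never the one
        // that ends up carrying the logged-in identity.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $_SESSION['user'] = serialize($user);

        return $user;
    }

    /**
     * Return the User stored in the session, if any.
     *
     * Use this when a user isn't required but enables additional features.
     *
     * NOTE(review): the returned object is the snapshot taken at login; a
     * later password change or account lock is not reflected until the
     * session ends unless the caller re-checks the account.
     *
     * @return User|false
     */
    public function getIdentity()
    {
        if (!isset($_SESSION['user'])) {
            return false;
        }

        // unserialize() instantiates whatever classes the payload names, so
        // this is only as trustworthy as the session store itself.
        // NOTE(review): if User holds no nested objects, passing
        // ['allowed_classes' => [User::class]] as the second argument would
        // narrow what can be instantiated here - confirm against User first.
        $user = unserialize($_SESSION['user']);

        // Anything that is not a User (including a failed unserialize) is
        // treated as "not logged in".
        return ($user instanceof User) ? $user : false;
    }

    /**
     * Like getIdentity(), but never returns without a user: when the session
     * holds none, redirect to APP_ROOT_URI and stop the request.
     *
     * @return User
     */
    public function requireIdentity()
    {
        $user = $this->getIdentity();
        if ($user) {
            return $user;
        }

        header('Location: ' . APP_ROOT_URI);
        // The exit is what enforces the requirement: without it the calling
        // action would keep running and emit its protected output after the
        // redirect header.
        exit;
    }
}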
/*
    This is a very simple controller. Obviously the controller and the view
    should be separated, but I have the controller printing content just for
    simplicity's sake.
*/
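class Controller
{
    /**
     * Public page: a logged-in user is optional, so this uses getIdentity().
     * Prints the user's name when one exists, otherwise "Guest".
     *
     * @return void
     */
    public function indexAction()
    {
        $name = 'Guest';
        $user = Auth::getInstance()->getIdentity();
        if ($user) {
            $name = $user->getName();
        }

        // The name is account data and goes into the page body, so it is
        // escaped for the HTML context before printing.
        printf("Hello, %s!", htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
    }

    /**
     * Protected page: a logged-in user is mandatory, so this uses
     * requireIdentity(), which redirects and exits when there is none.
     *
     * @return void
     * @throws Exception If requireIdentity() returned something other than a User.
     */
    public function secretAction()
    {
        $user = Auth::getInstance()->requireIdentity();

        // Defence in depth: if requireIdentity() is ever broken, fail closed
        // here instead of rendering the protected page. The negation has to
        // wrap the whole instanceof expression; "!instanceof" does not parse.
        if (!($user instanceof User)) {
            throw new Exception('Authentication error.');
        }

        printf(
            "You can access this secret page because you're %s!",
            htmlspecialchars($user->getName(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        );
    }
}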