Last active
July 9, 2017 20:46
Silex User Authentication and PHP ActiveRecord
<?php | |
/* | |
* Put it in app.php | |
*/ | |
use Silex\Provider\SecurityServiceProvider; | |
$app = new Silex\Application();

// Shared service that hands the firewall its user provider.
$userProvider = $app->share(function () use ($app) {
    return new App\User\UserProvider();
});

/*
 * One firewall, named "admin", matching every URL (pattern ^/) and using
 * form login. The username/password parameter names correspond to a form
 * named "form" with "username" and "password" fields.
 *
 * NOTE(review): 'anonymous' => true lets unauthenticated requests pass the
 * firewall, and no access rules are registered in this file. Confirm that
 * protected paths are restricted elsewhere (access rules or an isGranted()
 * check in each controller).
 * NOTE(review): no password encoder is configured here, so the security
 * provider's default applies. Confirm it matches how the stored passwords
 * were hashed.
 */
$adminFirewall = array(
    'pattern' => '^/',
    'form' => array(
        'login_path' => '/user/login',
        'username_parameter' => 'form[username]',
        'password_parameter' => 'form[password]',
        'check_path' => '/admin/login_check',
    ),
    'logout' => true,
    'anonymous' => true,
    'users' => $userProvider,
);

$app->register(new SecurityServiceProvider(), array(
    'security.firewalls' => array(
        'admin' => $adminFirewall,
    ),
));

/*
 * ActiveRecord
 *
 * NOTE(review): the connection URL below uses the MySQL root account with no
 * password and is committed to source. For anything beyond a local sandbox,
 * use a dedicated least-privilege database account and load the credentials
 * from configuration that is kept out of version control.
 */
$app['ar.model_dir'] = __DIR__ . '/App/Model';
$app['ar.default_connection'] = 'development';
$app['ar.connections'] = array(
    'development' => 'mysql://root@localhost/db_name',
);

$app->register(new Ruckuus\Silex\ActiveRecordServiceProvider());

return $app;
{% extends 'layout.html.twig' %}
{% set active = 'account' %}
{% block content %}
    {# Login page: renders the `form` view and, after a failed attempt, the `error` message passed in by the controller. #}
    <h1>{{ 'Login'|trans }}</h1>
    {% if error %}
        {# `error` is printed with the default output escaping; it stays HTML-safe only while Twig autoescaping is enabled — confirm the app's Twig options. #}
        <div class="alert alert-error">
            {{ error }}
        </div>
        {# NOTE(review): this hint is shown to every visitor after a failed login. Remove it before deployment if an account with these credentials exists. #}
        <div class="alert alert-info">
            <strong>Hint:</strong> Try <code>username</code>/<code>password</code>
        </div>
    {% endif %}
    {# The form posts to the route named admin_login_check — presumably the route generated for the firewall's check_path; confirm the name. `novalidate` turns off browser-side validation, so all checking happens on the server. #}
    <form action="{{ path('admin_login_check') }}" method="post" novalidate {{ form_enctype(form) }} class="form-vertical">
        {{ form_widget(form) }}
        <div class="form-actions">
            <button type="submit" class="btn btn-primary">{{ 'Send'|trans }}</button>
        </div>
    </form>
{% endblock %}
<?php | |
/* | |
* Put it in App/Provider | |
*/ | |
namespace App\Provider; | |
use Silex\Application; | |
use Silex\ControllerProviderInterface; | |
use Symfony\Component\HttpFoundation\Request; | |
use Symfony\Component\HttpFoundation\Response; | |
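/**
 * Routes for the landing redirect, the login form and logout.
 *
 * Credentials are not checked here: the login form is only rendered by this
 * provider, and the submitted values are handled by the security firewall.
 */
class LoginControllerProvider implements ControllerProviderInterface
{
    /**
     * Registers the "/", "/login" and "/logout" routes.
     *
     * @param Application $app The Silex application the routes belong to.
     *
     * @return mixed The controller collection produced by $app['controllers_factory'].
     */
    public function connect(Application $app)
    {
        $controllers = $app['controllers_factory'];

        // Landing route: send visitors without ROLE_USER to the login form,
        // everyone else to the homepage.
        $controllers->match('/', function () use ($app) {
            if (!$app['security']->isGranted('ROLE_USER')) {
                // Hard-coded path; it must stay in sync with the firewall's
                // login_path setting.
                return $app->redirect('/user/login');
            }

            /* Redirect to user's account page */
            return $app->redirect($app['url_generator']->generate('homepage'));
        });

        // Login form. Only the username field is pre-filled (with the last
        // attempted username kept in the session); the password never is.
        $controllers->match('/login', function (Request $request) use ($app) {
            $lastUsername = $app['session']->get('_security.last_username');

            $form = $app['form.factory']->createBuilder('form')
                ->add('username', 'text', array('label' => 'Username', 'data' => $lastUsername))
                ->add('password', 'password', array('label' => 'Password'))
                ->getForm()
            ;

            return $app['twig']->render('login.html.twig', array(
                'form' => $form->createView(),
                'error' => $app['security.last_error']($request),
                'last_username' => $lastUsername,
            ));
        })->bind('login');

        // Logout. Clearing the session attributes alone keeps the same session
        // id, and the security layer may write the still-present token back to
        // the session when the response is sent. Dropping the token and
        // invalidating the session ends the login and issues a fresh session id.
        // NOTE(review): match() accepts any HTTP method, so a plain cross-site
        // GET can trigger this route. Consider restricting it to POST with a
        // CSRF token, or using the firewall's built-in logout handler.
        $controllers->match('/logout', function () use ($app) {
            $app['security']->setToken(null);
            $app['session']->invalidate();

            return $app->redirect($app['url_generator']->generate('homepage'));
        })->bind('logout');

        return $controllers;
    }
}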
<?php | |
/* | |
* Put it in App/Model | |
*/ | |
namespace App\Model; | |
/**
 * ActiveRecord model for application users.
 *
 * The class only declares static configuration that the ActiveRecord base
 * class reads; it defines no methods of its own.
 */
class User extends \ActiveRecord\Model
{
    // Name of the connection this model uses.
    public static $connection = 'development';

    // Attributes that may be set through mass assignment.
    // NOTE(review): 'roles' and 'password' are on this list. If a model is
    // ever filled straight from request data, a client could set its own
    // roles. Confirm every caller passes an explicit, server-built array, or
    // drop 'roles' from the list and assign it separately.
    public static $attr_accessible = array(
        'username',
        'password',
        'roles',
    );

    // Alternative names for the underlying columns.
    public static $alias_attribute = array(
        'alias_username' => 'username',
        'alias_password' => 'password',
        'alias_roles' => 'roles',
        'alias_id' => 'id',
    );

    public static $has_many = array(
        array('problem'),
    );

    // NOTE(review): 'name' is required here while the other settings refer to
    // 'username' — confirm the column name against the schema.
    public static $validates_presence_of = array(
        array('name'),
        array('roles'),
    );
}
<?php | |
/* | |
* Put it in App/User | |
*/ | |
namespace App\User; | |
use Symfony\Component\Security\Core\User\UserProviderInterface; | |
use Symfony\Component\Security\Core\User\UserInterface; | |
use Symfony\Component\Security\Core\User\User; | |
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; | |
use Symfony\Component\Security\Core\Exception\UnsupportedUserException; | |
use App\Model\User as BlogUser; | |
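/**
 * Security user provider backed by the App\Model\User ActiveRecord model.
 */
class UserProvider implements UserProviderInterface
{
    /**
     * Looks up a user by lower-cased username and wraps it in a security User.
     *
     * @param string $username Username as submitted; lower-cased before the lookup.
     *
     * @return User
     *
     * @throws UsernameNotFoundException When no matching record is found.
     * @throws UnsupportedUserException  When the loaded record reports dirty attributes.
     */
    public function loadUserByUsername($username)
    {
        $user = BlogUser::find_by_username(strtolower($username));

        // A failed lookup yields no model instance. The previous check called
        // count() on the result, which fails on a missing record instead of
        // raising the exception the security layer expects for unknown users.
        if (!$user) {
            throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username));
        }

        // NOTE(review): dirty_attributes() reports unsaved changes, which a
        // freshly loaded record is not expected to have; the "Bad credentials"
        // wording does not describe that condition — confirm the intent.
        if ($user->dirty_attributes()) {
            // $username is now an argument of sprintf(); it was previously
            // passed to the exception constructor by a misplaced parenthesis.
            throw new UnsupportedUserException(sprintf('Bad credentials for "%s"', $username));
        }

        // NOTE(review): the stored password is handed to the security layer
        // as-is, so the column must hold a hash produced by the configured
        // encoder, never plaintext — confirm.
        // Roles are stored as a comma-separated string. The four trailing
        // flags mark the account as enabled, not expired, credentials not
        // expired and not locked.
        return new User(
            $user->alias_username,
            $user->alias_password,
            explode(',', $user->alias_roles),
            true,
            true,
            true,
            true
        );
    }

    /**
     * Reloads the user from the database by username.
     *
     * @param UserInterface $user User to refresh.
     *
     * @return User
     *
     * @throws UnsupportedUserException When $user is not a security User instance.
     */
    public function refreshUser(UserInterface $user)
    {
        if (!$user instanceof User) {
            throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user)));
        }

        return $this->loadUserByUsername($user->getUsername());
    }

    /**
     * Tells the security layer which user class this provider handles.
     *
     * @param string $class Fully qualified class name.
     *
     * @return bool True only for Symfony's core User class.
     */
    public function supportsClass($class)
    {
        return $class === 'Symfony\Component\Security\Core\User\User';
    }
}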