<?php | |
namespace Personalwork\Auth; | |
use Phalcon\Events\Event, | |
Phalcon\Mvc\Dispatcher, | |
Phalcon\Mvc\User\Plugin; | |
use Personalwork\Exceptions\AuthExceptions as Exception; | |
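/**
 * Personalwork\Auth\AuthPlugin
 *
 * Dispatcher plugin that decides, before the dispatch loop starts, whether the
 * requested controller/action needs a signed-in identity according to the
 * "auth" section of the application configuration, and redirects when it does
 * and no identity is present.
 */
class AuthPlugin extends Plugin
{
    /**
     * Basic verification.
     */
    const TYPE_BASIC = 1;

    /**
     * Advanced verification.
     */
    const TYPE_ADVANCE = 2;

    // Verification type; not read inside this class. Presumably set through the
    // constructor options to one of the TYPE_* constants (confirm with callers).
    public $type;

    /**
     * Allowed resource types for the configuration file
     * @var array
     */
    private $st_resourceTypes = array(
        'public',
        'private'
    );

    /**
     * Copy every entry of the option array onto the instance.
     *
     * @param array|null $opt Property name => value pairs; ignored unless an array.
     */
    public function __construct($opt = null)
    {
        // NOTE(review): every key is assigned as a property, so an option array can
        // also replace internal state such as st_resourceTypes, or shadow names this
        // class reads from its parent (auth, response, flash, view). Build $opt only
        // in trusted bootstrap code; an explicit allow-list of option names would
        // remove the concern.
        if (is_array($opt)) {
            foreach ($opt as $key => $value) {
                $this->$key = $value;
            }
        }
    }

    /**
     * beforeDispatchLoop
     *
     * Restores a remember-me login when one is available, sends an already
     * signed-in user away from people/login, and redirects to the configured
     * failure URL when the requested resource needs an identity and none exists.
     *
     * @param Event $event
     * @param Dispatcher $dispatcher
     * @return \Phalcon\Http\ResponseInterface|null Response when a redirect was issued
     * @throws Exception When the auth configuration is missing or malformed
     */
    public function beforeDispatchLoop(Event $event, Dispatcher $dispatcher)
    {
        if ($this->auth->hasRememberMe()) {
            $this->auth->loginWithRememberMe(false);
        }

        $config = $dispatcher->getDI()->get('config');
        $authConfig = $this->getConfigStructure($config);
        $needsIdentity = $this->needsIdentity($authConfig, $dispatcher);
        $identity = $this->auth->getIdentity();

        if ($this->auth->isUserSignedIn()) {
            $actionName = $dispatcher->getActionName();
            $controllerName = $dispatcher->getControllerName();

            if ($controllerName === 'people' && $actionName === 'login') {
                // The original read $user->RoleId, but no $user is defined in this
                // method, so neither role branch could match and the redirect target
                // was undefined. The identity fetched above is used instead.
                // NOTE(review): assumes the identity object exposes RoleId - confirm.
                $authRedirect = $this->resolveSignedInRedirect($config, $identity);
                if ($authRedirect !== null) {
                    return $this->response->redirect($authRedirect);
                }
            }
        }

        if (true === $needsIdentity) {
            if (!is_object($identity)) {
                $this->flash->notice('Private area. Please login.');
                $this->view->disable();

                // NOTE(review): this returns the sent response rather than false.
                // Confirm that the dispatcher in use stops on this value; if it only
                // stops on a strict false, the protected action would still execute
                // (with its view disabled) for a visitor without an identity.
                return $this->response->redirect($config->auth->frontend->failure)->send();
            }
        }

        $this->view->setVar('identity', $identity);
    }

    /**
     * Pick the post-login redirect target for an identity that is already signed in.
     *
     * RoleId '1' and '2' map to the backend success URL, '3' to the frontend
     * success URL; any other value yields no redirect.
     *
     * @param \Phalcon\Config $config
     * @param mixed $identity
     * @return string|null Redirect target, or null when no role matches
     */
    private function resolveSignedInRedirect($config, $identity)
    {
        if (!is_object($identity)) {
            return null;
        }

        // Normalise to string so integer and string role ids compare the same way
        // under a strict comparison.
        $roleId = (string) $identity->RoleId;

        if (in_array($roleId, array('1', '2'), true)) {
            return $config->auth->backend->success;
        }
        if ($roleId === '3') {
            return $config->auth->frontend->success;
        }

        return null;
    }

    /**
     * Check if the controller / action needs identity
     *
     * @param array $config Validated structure from getConfigStructure()
     * @param Dispatcher $dispatcher
     * @return boolean
     */
    private function needsIdentity($config, Dispatcher $dispatcher)
    {
        $actionName = $dispatcher->getActionName();
        $controllerName = $dispatcher->getControllerName();

        // type "public": everything is open except the listed resources.
        if ($config['type'] == 'public') {
            return $this->checkPublicResources($config['resources'], $actionName, $controllerName);
        }

        // Any other accepted type: everything needs identity except the listed resources.
        return $this->checkPrivateResources($config['resources'], $actionName, $controllerName);
    }

    /**
     * Check for public resources
     *
     * Returns true (identity needed) only when the controller is listed and the
     * action is listed for it, or the controller's first entry is '*'.
     *
     * @param array $resources
     * @param string $actionName
     * @param string $controllerName
     * @return boolean
     */
    private function checkPublicResources($resources, $actionName, $controllerName)
    {
        $resources = isset($resources['*']) ? $resources['*'] : $resources;

        foreach ($resources as $controller => $actions) {
            // Compare as strings: with a loose comparison an integer key (a
            // list-style config) can equal an arbitrary controller name on older
            // PHP versions and select the wrong rule.
            if ((string) $controller !== (string) $controllerName) {
                continue;
            }

            // The original also tested isset($controller['*']) on the string key,
            // which can never be true; that dead branch is dropped.
            $actions = (array) $actions;
            if (in_array($actionName, $actions, true) || (isset($actions[0]) && $actions[0] === '*')) {
                return true;
            }
        }

        return false;
    }

    /**
     * Check for private resources
     *
     * Returns false (no identity needed) only when the controller is listed and
     * the action is listed for it; everything else needs identity.
     *
     * @param array $resources
     * @param string $actionName
     * @param string $controllerName
     * @return boolean
     */
    private function checkPrivateResources($resources, $actionName, $controllerName)
    {
        $resources = isset($resources['*']) ? $resources['*'] : $resources;

        foreach ($resources as $controller => $actions) {
            if ((string) $controller !== (string) $controllerName) {
                continue;
            }

            // Strict matching matters here because a match opens the action to
            // visitors without an identity; a loose in_array() can match values
            // such as 0 or true against any action name.
            // The original's isset($controller['*']) branch was unreachable and is
            // dropped; a per-controller wildcard is not implemented for this type.
            if (in_array($actionName, (array) $actions, true)) {
                return false;
            }
        }

        return true;
    }

    /**
     * Get the configuration structure for the plugin
     *
     * @param \Phalcon\Config $config
     * @return array The auth.resources section with validated "type" and "resources" keys
     * @throws Exception
     */
    private function getConfigStructure(\Phalcon\Config $config)
    {
        if (!isset($config->auth)) {
            throw new Exception('Configuration error: I couldn\'t find the configuration key "auth" ');
        }

        // Without this check a missing "resources" section ends in a fatal error on
        // toArray() instead of the configuration exception callers expect.
        if (!isset($config->auth->resources)) {
            throw new Exception('Resources key must be an array');
        }

        $config = $config->auth->resources->toArray();

        if (!isset($config['type']) || !in_array($config['type'], $this->st_resourceTypes, true)) {
            throw new Exception('Wrong configuration for key "type" or the key does not exists');
        }

        if (!isset($config['resources']) || !is_array($config['resources'])) {
            throw new Exception('Resources key must be an array');
        }

        return $config;
    }
}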
?> |