/**
* Pluggable Authentication plugins base class
+ *
+ * By default, the session cookie is used
*
*/
abstract class ForgeAuthPlugin extends Plugin {
break;
case 'display_auth_form':
// no default implementation, but see AuthBuiltinPlugin::displayAuthForm()
+ // $params can be passed with a 'return_to' attribute
+ // it should return an HTML dialog appened to passed $params['html_snippets']
+ // it may return a redirection URL appened to $params['transparent_redirect_urls']
$this->displayAuthForm($params);
break;
case 'display_create_user_form':
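Review bot: The comment added on the `display_auth_form` case introduces `return_to` and `transparent_redirect_urls` without saying who is responsible for checking those values before a redirect is issued. If `return_to` can originate from the request (not visible in this hunk), I would add a line such as `// 'return_to' must be restricted to local URLs by <caller or plugin> before it is used in a redirect`. "appened" should read "appended" on both new lines. The enclosing switch starts and ends outside the hunk.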
}
// Default mechanisms
+
+
+ /**
+ * Current forge user
+ *
+ * @var object GFUser
+ */
protected $saved_user;
+
/**
* Is there a valid session?
+ *
* @param unknown_type $params
+ * @return FORGE_AUTH_AUTHORITATIVE_ACCEPT, FORGE_AUTH_AUTHORITATIVE_REJECT or FORGE_AUTH_NOT_AUTHORITATIVE
+ * TODO : document 'auth_token' param
*/
function checkAuthSession(&$params) {
+ // check the session cookie/token to get a user_id
if (isset($params['auth_token']) && $params['auth_token'] != '') {
$user_id = $this->checkSessionToken($params['auth_token']);
} else {
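Review bot: The `TODO : document 'auth_token' param` leaves the most sensitive input of `checkAuthSession()` undocumented: at `if (isset($params['auth_token']) && $params['auth_token'] != '')` a token supplied in `$params` is checked in place of the else branch, presumably the cookie path, whose body lies outside this hunk. I would replace `@param unknown_type $params` with `@param array $params 'auth_token' (optional) session token to check instead of the session cookie; 'results' receives this plugin's verdict`, and state which callers are allowed to set the token. The new `@return` line lists constants that the lines shown store in `$params['results'][$this->name]` rather than return; the same applies to `@return array $params['results']` in the `fetchAuthUser()` hunk, so both read better as by-reference outputs of `$params`. `@var object GFUser` would conventionally be `@var GFUser`.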
$this->saved_user = user_get_object($user_id);
if ($this->isSufficient()) {
$params['results'][$this->name] = FORGE_AUTH_AUTHORITATIVE_ACCEPT;
-
} else {
$params['results'][$this->name] = FORGE_AUTH_NOT_AUTHORITATIVE;
}
/**
* What GFUser is logged in?
+ *
+ * This will generate a valid forge user (by default, it was generated and cached already in saved_user)
+ *
* @param unknown_type $params
+ * @return array $params['results'] containing user object
*/
function fetchAuthUser(&$params) {
if ($this->saved_user && $this->isSufficient()) {
}
// Helper functions for individual plugins
- protected $cookie_name = 'forge_session';
+ // FIXME : where is $this->cookie_name set ?
+ protected $cookie_name;
+
+ /**
+ * Returns the session cookie name for the auth plugin (by default forge_session_AUTHPLUGINNAME)
+ *
+ * @return string
+ */
+ protected function getCookieName() {
+ if ($this->cookie_name) {
+ return $this->cookie_name;
+ }
+ return 'forge_session_'.$this->name;
+ }
protected function checkSessionToken($token) {
return session_check_session_token($token);
}
protected function checkSessionCookie() {
- $token = getStringFromCookie($this->cookie_name);
+ $token = getStringFromCookie($this->getCookieName());
return $this->checkSessionToken($token);
}
+ /**
+ * Sets the session cookie according to the user in $this->saved_user
+ */
protected function setSessionCookie() {
- $cookie = session_build_session_token($this->saved_user->getID());
- session_set_cookie($this->cookie_name, $cookie, "", forge_get_config('session_expire'));
+ if($this->saved_user) {
+ $cookie = session_build_session_token($this->saved_user->getID());
+ session_set_cookie($this->getCookieName(), $cookie, "", forge_get_config('session_expire'));
+ }
}
/**
- * TODO: Enter description here ...
+ * Start a new session for a user
* @param string $username
* @return boolean
*/
- function login($username) {
+ function startSession($username) {
if ($this->isSufficient() || $this->isRequired()) {
$params = array();
$params['username'] = $username;
$user = user_get_object_by_name($username);
$this->saved_user = $user;
$this->setSessionCookie();
+ return $user;
} else {
- return true;
+ return false;
}
}
protected function unsetSessionCookie() {
- session_set_cookie($this->cookie_name, '');
+ session_set_cookie($this->getCookieName(), '');
}
/**
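Review bot: `startSession()` still documents `@return boolean`, but after this change it returns `$user` in the first branch and `false` in the other, so a caller written against the old `login()` contract may misread the result. I would change the tag to `@return GFUser|false user the session was started for, or false when the plugin is neither sufficient nor required` and note that an unknown name yields whatever `user_get_object_by_name()` returns on failure. The visible body issues a session cookie for any name it is given, so the docblock should also carry `// performs no credential check: callers must have authenticated $username first`. `$params` is filled in but not used in the lines shown. The default from `getCookieName()` moves the cookie from `forge_session` to `forge_session_` plus the plugin name, so any code outside this hunk that reads or clears the old fixed name needs the same update, and the `FIXME` on `$cookie_name` should be settled before merge.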