Zend_Auth:允许用户登录到多个表/身份 [英] Zend_Auth: Allow user to be logged in to multiple tables/identities
问题描述
我正在使用Zend_Auth在Web门户中进行身份验证.
I am using Zend_Auth for authentication in a web portal.
查询具有login和password列的普通mySQL用户"表,并登录用户.
A normal mySQL "users" table with a login and password column gets queried against, and a user logged in.
但是,我还有两个要验证的用户组.这三个用户组的登录数据都在其他表中.他们的数据来自外部来源,因此不希望将这些登录帐户统一为一个.
However, I have two additional groups of users that I want to authenticate. All three of these user groups have their logon data in other tables. Their data is coming from external sources, so unifying these login accounts into one is not desired.
因此,一个用户可能是同时来自三个组中的任何一个的经过身份验证的用户,甚至三个组中的全部..
So it could be that a user is an authenticated user from any of the three groups, even all three of them, at the same time.
三个登录组中的每个登录组都有自己的登录表单和注销按钮.
Every one of the three login groups has their own login form and logout button.
此刻,我有一个简单的Zend_Auth登录名,该登录名取自一些教程,并做了一些修改,看起来大致像这样:
At the moment, I have a single, straightforward Zend_Auth login, taken from some tutorial and slightly modified, that looks approximately like this:
function login($user, $password)
{
$auth = Zend_Auth::getInstance();
$storage = new Zend_Auth_Storage_Session();
$auth->setStorage($storage);
$adapter = new Zend_Auth_Adapter_DbTable(....);
$adapter->setIdentity($username)->setCredential($password);
$result = $auth->authenticate($adapter);
if ($result->isValid())
......... success!
else
.... fail!
我该从哪里开始服务并为这三个组处理单独的已登录"状态?我的想法是,我想共享会话,并分别管理身份验证.
where would I have to start to make this serve and address separate "logged in" states for the three groups? My idea is that I would like to share the session, and manage the authentications separately.
这可能吗?也许有一个简单的前缀可以简化此操作?问题上是否有任何教程或资源?
Is this possible? Maybe there is a simple prefix that makes this easy? Do any tutorials or resources exist on the issue?
我是Zend Framework的相对新手.
I'm a relative newbie to the Zend Framework.
推荐答案
您应该创建自己的Zend_Auth_Adapter.该适配器将尝试对您的三个资源进行身份验证,并将其标记在私有成员变量中,这样您就可以知道哪些登录尝试已成功进行了身份验证.
You should create your own Zend_Auth_Adapter. This adapter will try to authenticate against your three resources and will flag it in a private member variable, so you can know which of the logins attempts were sucefully authenticated.
要创建您的身份验证适配器,您可以将Zend_Auth_Adapter_DbTable作为基础.
To create your Auth Adapter you can take as basis the Zend_Auth_Adapter_DbTable.
因此,在__construct中,您可以传递每个资源中使用的三个适配器,而不是仅传递一个DbTable适配器.仅当每个人使用不同的资源(例如LDAP)或什至另一个数据库时,您才可以这样做,否则,您只能传递一个适配器并在配置选项中设置三个不同的表名.
So, in the __construct instead of pass just one DbTable adapter, you can pass the three adapters used in each resource. You'll do in that way only if each one use different resources, like LDAP for example, or even another database, if not, you can pass just one adapter and set three different table names in the configuration options.
以下是Zend_Auth_Adapter_DbTable中的示例:
Here is the example from Zend_Auth_Adapter_DbTable:
/**
* __construct() - Sets configuration options
*
* @param Zend_Db_Adapter_Abstract $zendDb
* @param string $tableName
* @param string $identityColumn
* @param string $credentialColumn
* @param string $credentialTreatment
* @return void
*/
public function __construct(Zend_Db_Adapter_Abstract $zendDb, $tableName = null, $identityColumn = null,
$credentialColumn = null, $credentialTreatment = null)
{
$this->_zendDb = $zendDb;
// Here you can set three table names instead of one
if (null !== $tableName) {
$this->setTableName($tableName);
}
if (null !== $identityColumn) {
$this->setIdentityColumn($identityColumn);
}
if (null !== $credentialColumn) {
$this->setCredentialColumn($credentialColumn);
}
if (null !== $credentialTreatment) {
$this->setCredentialTreatment($credentialTreatment);
}
}
下面的方法,来自Zend_Auth_Adapter_DbTable,尝试对一个表进行身份验证,您可以将其更改为在三个表中进行尝试,对于每个表,当成功时,都可以将其设置为私有成员变量中的一个标志.类似于$ result ['group1'] = 1;您将为每次成功登录尝试设置1.
The method bellow, from Zend_Auth_Adapter_DbTable, try to authenticate against one table, you can change it to try in three tables, and for each, when you get sucess, you set this as a flag in the private member variable. Something like $result['group1'] = 1; You'll set 1 for each sucessfully login attempt.
/**
* authenticate() - defined by Zend_Auth_Adapter_Interface. This method is called to
* attempt an authentication. Previous to this call, this adapter would have already
* been configured with all necessary information to successfully connect to a database
* table and attempt to find a record matching the provided identity.
*
* @throws Zend_Auth_Adapter_Exception if answering the authentication query is impossible
* @return Zend_Auth_Result
*/
public function authenticate()
{
$this->_authenticateSetup();
$dbSelect = $this->_authenticateCreateSelect();
$resultIdentities = $this->_authenticateQuerySelect($dbSelect);
if ( ($authResult = $this->_authenticateValidateResultset($resultIdentities)) instanceof Zend_Auth_Result) {
return $authResult;
}
$authResult = $this->_authenticateValidateResult(array_shift($resultIdentities));
return $authResult;
}
只有成功验证了三个登录尝试之一,您才返回有效的$ authresult.
You will return a valid $authresult only if one of the three login attempts were sucessfully authenticated.
现在,在您尝试登录后,在您的控制器中
Now, in your controller, after you try to login:
public function loginAction()
{
$form = new Admin_Form_Login();
if($this->getRequest()->isPost())
{
$formData = $this->_request->getPost();
if($form->isValid($formData))
{
$authAdapter = $this->getAuthAdapter();
$authAdapter->setIdentity($form->getValue('user'))
->setCredential($form->getValue('password'));
$result = $authAdapter->authenticate();
if($result->isValid())
{
$identity = $authAdapter->getResult();
Zend_Auth::getInstance()->getStorage()->write($identity);
// redirect here
}
}
}
$this->view->form = $form;
}
private function getAuthAdapter()
{
$authAdapter = new MyAuthAdapter(Zend_Db_Table::getDefaultAdapter());
// Here the three tables
$authAdapter->setTableName(array('users','users2','users3'))
->setIdentityColumn('user')
->setCredentialColumn('password')
->setCredentialTreatment('MD5(?)');
return $authAdapter;
}
这里的关键是波纹管,它将在您的自定义身份验证适配器中实现:
The key here is the line bellow, that will be implemeted in your custom auth adapter:
$identity = $authAdapter->getResult();
您可以将Zend_Auth_Adapter_DbTable这种形式用作基础:
You can take as basis this form Zend_Auth_Adapter_DbTable:
/**
* getResultRowObject() - Returns the result row as a stdClass object
*
* @param string|array $returnColumns
* @param string|array $omitColumns
* @return stdClass|boolean
*/
public function getResultRowObject($returnColumns = null, $omitColumns = null)
{
// ...
}
这将在成功通过身份验证后返回登录尝试中匹配的行. 因此,您将创建可以返回此行以及$ this-> result ['groupX']标志的getResult()方法. 像这样:
This return the row matched in the login attempt when sucessfully authenticated. So, you'll create your getResult() method that can return this row and also the $this->result['groupX'] flags. Something like:
public function authenticate()
{
// Perform the query for table 1 here and if ok:
$this->result = $row->toArrray(); // Here you can get the table result of just one table or even merge all in one array if necessary
$this->result['group1'] = 1;
// and so on...
$this->result['group2'] = 1;
// ...
$this->result['group3'] = 1;
// Else you will set all to 0 and return a fail result
}
public function getResult()
{
return $this->result;
}
毕竟,您可以使用Zend_Acl来控制您的视图和其他操作.由于您将在Zend Auth Storage中拥有这些标志,因此可以将than用作角色:
After all you can use Zend_Acl to take control over your views and other actions. Since you will have the flags in the Zend Auth Storage, you can use than as roles:
$this->addRole(new Zend_Acl_Role($row['group1']));
以下是一些资源:
http://framework.zend.com/manual/en/zend.auth.introduction.html
http://zendguru.wordpress. com/2008/11/06/zend-framework-auth-with-examples/
http://alex-tech -adventures.com/development/zend-framework/61-zendauth-and-zendform.html
这篇关于Zend_Auth:允许用户登录到多个表/身份的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
