Authentication with a custom adapter

In this example, we implement a simple authentication with a custom adapter. The user names and passwords are stored inside. And we use the default persistence mechanism.

Components used in this example

• Zend_Auth
• Zend_Auth_Adapter_Interface
• Zend_Auth_Result

---

MyAuthAdapter MyAuthentication MyHtml Entry point HTML | Try it | View source code

Implementation of the authentication adapter

• User names and passwords are hard coded for the purpose of this example.

class MyAuthAdapter implements Zend_Auth_Adapter_Interface
{
    // User names and passwords are hard coded for the purpose of this example.
    private $_userPasswords = array('john' => '123', 'jane' => '456');
    private $_username;
    private $_password;

Construction of the adapter

• The user name and password are passed to the adapter.

    public function __construct($username, $password)
    {
        // The user name and password are passed to the adapter.
        $this->_username = $username;
        $this->_password = $password;
    }

Authentication of the user

• We check if the user exists. We prepare the error message if not.
• We check if the password is valid. We prepare the error message if not.
• We mark the result as successful if the user name and password are valid.
• We return the authentication result.

    public function authenticate()
    {
        if (!isset($this->_userPasswords[$this->_username])) {
            // We check if the user exists. We prepare the error message if not.
            $result = new Zend_Auth_Result(
                Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND,
                $this->_username,
                array('Unknown user!'));
        } else if ($this->_userPasswords[$this->_username] != $this->_password) {
            // We check if the password is valid. We prepare the error message if not.
            $result =  new Zend_Auth_Result(
                Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID,
                $this->_username,
                array('Bad password!'));
        } else {
            // We mark the result as successful if the user name and password are valid.
            $result =  new Zend_Auth_Result(
                Zend_Auth_Result::SUCCESS,
                $this->_username);
        }

        // We return the authentication result.
        return $result;
    }

}

Implementation of the authentication

class MyAuthentication
{

The authentication process

• We get the user name and password from the GET request. Or we get the request to sign out.
• We instantiate the authentication object.
• If the user requested to sign out, we erase the identity of the user.
• If the user is already authenticated, we return the identity of the user.
• Or we attempt to authenticate the user. We return a message stating if the user was identified successfully or not.

    public function process()
    {
        // We get the user name and password from the GET request.
        // Or we get the request to sign out.
        list($username, $password, $clear) = $this->_getParameters();
        // We instantiate the authentication object.
        $auth = Zend_Auth::getInstance();

        if ($clear) {
            // If the user requested to sign out, we erase the identity of the user.
            $auth->clearIdentity();
            $message = 'The identity is cleared';
        } else if ($auth->hasIdentity()) {
            // If the user is already authenticated, we return the identity of the user.
            $identity = $auth->getIdentity();
            $message = "$username is already authenticated and identified as $identity!";
        } else if ($username) {
            // Or we attempt to authenticate the user.
            // We return a message stating if the user was identified successfully or not.
            $message = $this->_authenticate($username, $password);
        } else {
            $message = '';
        }

        return array($username, $password, $message);
    }

Extraction of the parameters from the GET request

    private function _getParameters()
    {
        $username = isset($_GET['username'])? $_GET['username'] : '';
        $password = isset($_GET['password'])? $_GET['password'] : '';
        $clear = !empty($_GET['clear']);

        return array($username, $password, $clear);
    }

Authentication of the user

• We instantiate the authentication adapter by passing the user name and password.
• We instantiate the authentication object.
• We attempt to authenticate the user.
• If the user is authenticated, we return the identity of the user. The identity of the user is stored in the session by default.
• If the authentication failed, we return an error message.

    private function _authenticate($username, $password)
    {
        // We instantiate the authentication adapter by passing the user name and password.
        $authAdapter = new MyAuthAdapter($username, $password);
        // We instantiate the authentication object.
        $auth = Zend_Auth::getInstance();
        // We attempt to authenticate the user.
        $result = $auth->authenticate($authAdapter);

        if ($result->isValid()) {
            // If the user is authenticated, we return the identity of the user.
            // The identity of the user is stored in the session by default.
            $identity = $result->getIdentity();
            $message = "$identity is now authenticated!";
        } else if ($username) {
            // If the authentication failed, we return an error message.
            $message = $result->getMessages();
        }

        return $message;
    }

}

Displaying items

class MyHtml
{

Displaying the title of the page based on the file name.

    public static function printTitle()
    {
        $basename = basename(__FILE__, '.php');
        $title = ucwords(str_replace('-' , ' ', $basename));
        $zfVersion = Zend_Version::VERSION;
        $phpVersion = phpversion();
        echo "ZfEx $title (ZF/$zfVersion PHP/$phpVersion)";
    }

Displaying a string or an array

• If the data is an array, we convert the array into a set of lines.
• We converts special characters into HTML entities.
• We convert new-line characters into line breaks.

    public static function display($mixed)
    {
        // If the data is an array, we convert the array into a set of lines.
        is_array($mixed) and $mixed = implode("\n", $mixed);
        $mixed = stripslashes($mixed);
        // We converts special characters into HTML entities.
        $mixed = htmlspecialchars($mixed, ENT_QUOTES, 'UTF-8');
        // We convert new-line characters into line breaks.
        echo nl2br($mixed);
    }

}

Processing the authentication

• We get the user name, the password and the authentication result, to display in the form.

$auth = new MyAuthentication;
// We get the user name, the password and the authentication result, to display in the form.
list($username, $password, $message) = $auth->process();

<html xmlns="http://www.w3.org/1999/xhtml">
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title><?php MyHtml::printTitle();?></title>
    <style type="text/css">
      body {
          font-family: arial, sans-serif;
          font-size: 0.9em;
      }
    </style>
  </head>

  <body>

    <p>EXAMPLE <?php MyHtml::printTitle();?></p>
    <hr />

    <form>
      Name:
      <input type="text" name="username"
             value="<?php MyHtml::display($username);?>" />
      Password:
      <input type="text" name="password"
             value="<?php MyHtml::display($password);?>" />
      <input type="submit" value="Sign In" />
    </form>

    <a href="?clear=1">Sign Out (Clear the user identity)</a>

    <br /> <br />
    (The authentication is only valid for users john and jane
    with respective passwords 123 and 456.)

    <br /> <br />
    <hr />
    AUTHENTICATION RESULT
    <br /> <br />
    <?php echo MyHtml::display($message);?>

  </body>
</html>