SolarPHP Basic User Authentication Example

Submitted by CoolGoose on

Here's another short tutorial for solar php in which I'm going to try to explain how to achieve a simple authentication system in SolarPHP.

User Roles and ACL's will follow in another tutorial.

Let's get started:
I'm using the SQL adapter for the authentication system. I'm assuming you're already have the config file setup for connecting to the sql server.

The config file is as follows:

// Specify our authentication adapter
$config['Solar_Auth']['adapter']= 'Solar_Auth_Adapter_Sql';

// authentication adapter information
$config['Solar_Auth_Adapter_Sql'] = array(
'table' => 'users',
'uid_col' => 'id',
'email_col' => 'email',
'passwd_col'=> 'password',
'handle_col'=> 'username',
'source_handle' => 'username',
'source_passwd' => 'password',
'process_login' => 'login',
'process_logout'=> 'logout',
);

$config['Solar']['registry_set']['user'] = 'Solar_User';

The code is mostly self-explanatory with the following clarification:
source_handle and source_passwd represent the post keys on which the authentication happens.
The process_login represents the type of process sent by the form, based on which the authentication happens.

Also, notice the last line that sets the Solar_User meta class in our registry. Solar_User is a wrapper for the auth / role / access classes.


class Webland_App_User extends Webland_Controller_Page
{
/**
*
* The default action when no action is specified.
*
* @var string
*
*/
protected $_action_default = 'login';

protected $_model;
protected $_user;

public $form;

protected function _setup()
{
parent::_setup();
$this->_user = Solar_Registry::get('user');
}

/**
*
* Generic login action.
*
* @return void
*
*/
public function actionLogin()
{
//check to see if the user is authenticated, if so redirect him somewhere
if ($this->_user->auth->isValid()) {
$uri = "/{$this->_controller}/details";
$this->_redirectNoCache($uri);
}

$this->form = Solar::factory('Solar_Form');

$this->form->setElements(array(
'username' => array(
'type' => 'text',
'label' => 'LABEL_LOGIN_FORM_USERNAME',
'require'=> true,
'valid' => array(
array('notBlank','Please enter a username!'),
),
),
'password' => array(
'type' => 'password',
'label' => 'LABEL_LOGIN_FORM_PASSWORD',
'require'=> true,
'valid' => array(
array('notBlank','Please enter a password!'),
),
),
));

// did the user click the save button?
if ($this->_isProcess('login')) {
$this->_user->auth->processLogin();
$this->form->populate();

if ($this->form->validate() && $this->_user->auth->isValid()) {
print 'login valid';
} else {
print 'login invalid';
}
}
}

public function actionLogout()
{
$this->_view = null;
$this->_user->auth->processLogout();
$uri = "/{$this->_controller}/login";
$this->_redirectNoCache($uri);
}
}


Login Form
<?php
echo $this->form()
->auto($this->form)
->addProcess('login')
->fetch();
?>

We're loading the Solar_User from the registry and setting it to the $_user variable in the _setup() method.

actionLogin is pretty straightforward as well:
- we're checking to see if the user is already logged in using the isValid() function, and if so redirecting him to another action
- we're creating a login form loading the Solar_Form using the factory
- the process for the login form is set in the view (i'm open for cleaner solutions)
- we're checking to see if the process request is login, if so we're calling the processLogin() function to start the authentication check.
- if the form is valid (no missing required fields) and the isValid function returns true (because the user is logged in now) we're displaying a login valid message (or better yet, we should redirect him somewhere).
- else we're displaying login invalid and the "magic" behind the scenes notifies the user about the required fields.

For suggestions for improvements use the comments box below :).

Technology: 

Add new comment