<?php/** * @author Sebastian Sauer <info@dynpages.de> * @copyright Sebas

1. <?php
2.  
3. /**
4. * @author Sebastian Sauer <info@dynpages.de>
5. * @copyright Sebastian Sauer 2009/2010
6. * @license library/LICENSE New BSD License
7. * @package auth
8. * @version 1.9
9. */
10.  
11. abstract class ExtZend_Auth_Abstract {
12.  
13. protected $_request;
14.  
15. /**
16. * database table name
17. * @var string
18. */
19. protected $_authTable = "";
20.  
21. /**
22. * database table userfield field name
23. * @var string
24. */
25. protected $_userField = "";
26.  
27. /**
28. * database table password field name
29. * @var string
30. */
31. protected $_passwordField = "";
32.  
33. /**
34. * database table password salt field name
35. * @var string
36. */
37. protected $_passwordSaltField = "password_salt";
38.  
39. /**
40. * cache auth adapter object for child classes
41. * @var object Zend_Auth_Adapter_DbTable
42. */
43. private $_authAdapter = null;
44.  
45. const storageModuleAppendix = "AuthStorage";
46. /**
47. * login user
48. */
49. public function identify() {
50. $request = $this->_request;
51. $post = $request->getPost();
52. $username = $this->_filterUsername($post['username']);
53. $password = $post['password'];
54. if(empty($username) || empty($password)) {
55. return;
56. }
57. $this->_doAuth($username, $password);
58. }
59.  
60. abstract public function getRole();
61.  
62. /**
63. * @param object Zend_Controller_Request_Abstract $request
64. */
65. public function __construct(
66. Zend_Controller_Request_Abstract $request
67. ) {
68. $this->_request = $request;
69. $auth = Zend_Auth::getInstance();
70. $module = (null === $request->getModuleName())
71. ? 'default'
72. : $request->getModuleName();
73. $namespace = $module . self::storageModuleAppendix;
74. $auth->setStorage(new Zend_Auth_Storage_Session($namespace));
75. }
76.  
77. /**
78. * getter for auth adapter object
79. *
80. * @return object Zend_Auth_Adapter_DbTable
81. *
82. * Initialisiere Authentifizierungsadapter
83. * gesaltet! bootstrapping beachten
84. * Führe Authentifizierung durch
85. */
86. protected function _getAuthAdapter () {
87. if(null === $this->_authAdapter) {
88. $authAdapter = $this->_authAdapter = new Zend_Auth_Adapter_DbTable(
89. Zend_Registry::get('Zend_Db'),
90. $this->_authTable,
91. $this->_userField,
92. $this->_passwordField,
93. "MD5(
94. CONCAT('"
95. . Zend_Registry::get('staticSalt')
96. . "', password_salt, ?
97. )
98. )"
99. );
100. }
101. return $this->_authAdapter;
102. }
103.  
104. /**
105. * filters Username
106. * @see Zend_Filter_Alnum
107. * @param string $username
108. */
109. protected function _filterUsername ($username) {
110. $filter = new Zend_Filter_Alnum(true);
111. return $filter->filter($username);
112. }
113.  
114. public function logout() {
115. Zend_Auth::getInstance()->clearIdentity();
116. unset($_SESSION);
117. // tweak the garbage collector
118. $_SESSION = null;
119. }
120.  
121. /**
122. * check if username / password combination exists in database
123. * sets storage data if auth is valid
124. * @return bool
125. */
126. protected function _doAuth($username, $password) {
127. $authAdapter = $this->_getAuthAdapter();
128. // Übergebe Daten an Adapter
129. $authAdapter->setIdentity($username);
130. $authAdapter->setCredential($password);
131. $result = Zend_Auth::getInstance()->authenticate($authAdapter);
132. if($result->isValid()) {
133. $authData = $authAdapter->getResultRowObject();
134. unset(
135. $authData->{$this->_passwordField},
136. $authData->{$this->_passwordSaltField}
137. );
138. Zend_Auth::getInstance()->getStorage()->write
139. (
140. $authData
141. );
142. }
143. return $result->isValid();
144. }
145. }