Authentication backend, responsible for validating user/password pairs and mapping them to a given user as well as the "sessioning" part, e.g.

the transition of the authentication credentials over several requests.

All functions except authenticate() must be implemented, see their individual documentation about what exactly they should do.

Configuration, if necessary, should be done using the MidCOM configuration system, prefixing all values with 'auth_backend_$name_', e.g. 'auth_backend_cookie_timeout'.

package midcom.services

 Methods

__construct ($auth)

The constructor should do only basic initialization.

Parameters

$auth

authenticate ()

This function checks the given username / password pair is valid and sets the $user member accordingly.

The default implementation checks against midcom_connection::login().

Normally you should not need to override this function.

Returns

booleanIndicating successful authentication.

logout ()

The logout function should delete the currently active login session, which has been loaded by a previous call to read_login_session.

You should throw midcom_error if anything goes wrong here.

 Properties

 

mixed $auth

 

string $session_id

The ID of the session we are currently using, usable as an authentication token in the login session manager.
 

\midcom_core_user $user

This variable holds the user that has been successfully authenticated by the class, it is considered to be read-only.