\midcom_services_auth_backend

Authentication backend, responsible for validating user/password pairs and mapping them to a given user as well as the "sessioning" part, e.g. the transition of the authentication credentials over several requests.

Configuration, if necessary, should be done using the MidCOM configuration system, prefixing all values with 'authbackend$name_', e.g. 'auth_backend_cookie_timeout'.

Summary

Methods
Properties
Constants
__construct()
read_session()
create_session()
delete_session()
update_session()
check_for_active_login_session()
authenticate()
login()
logout()
No public properties found
No constants found
No protected methods found
$auth
N/A
check_timestamp()
No private properties found
N/A

Properties

Methods

__construct()

__construct(\midcom_services_auth  $auth) 

The constructor should do only basic initialization.

Parameters

\midcom_services_auth $auth

Main authentication instance

read_session()

read_session(\Symfony\Component\HttpFoundation\Request  $request) : boolean|array

This function, always called first in the order of execution, should check whether we have a usable login session. It has to use the login session management system to load a login session. At the end of the successful execution of this function, you have to populate the $session and $user members accordingly.

Parameters

\Symfony\Component\HttpFoundation\Request $request

Returns

boolean|array —

Return clientip, userid and timeout if the login session was successfully loaded, false otherwise.

create_session()

create_session(string  $clientip, \midcom_core_user  $user) : boolean

This is called immediately after a new login The authentication driver has to ensure that the login identifier stays available during subsequent requests.

Parameters

string $clientip
\midcom_core_user $user

Returns

boolean —

Indicating success

delete_session()

delete_session() 

This should delete the currently active login session, which has been loaded by a previous call to read_session or created during create_session.

You should throw midcom_error if anything goes wrong here.

update_session()

update_session() 

Refresh the session's timestamp here

check_for_active_login_session()

check_for_active_login_session(\Symfony\Component\HttpFoundation\Request  $request) : boolean|\midcom_core_user

Checks for a running login session.

Parameters

\Symfony\Component\HttpFoundation\Request $request

Returns

boolean|\midcom_core_user

authenticate()

authenticate(string  $username, string  $password, boolean  $trusted = false) : boolean|\midcom_core_user

Does the actual Midgard authentication.

Parameters

string $username

The name of the user to authenticate.

string $password

The password of the user to authenticate.

boolean $trusted

Returns

boolean|\midcom_core_user

login()

login(string  $username, string  $password, string  $clientip = null, boolean  $trusted = false) : boolean|\midcom_core_user

Creates a login session using the given credentials. It assumes that no login has concluded earlier

Parameters

string $username

The name of the user to authenticate.

string $password

The password of the user to authenticate.

string $clientip

The client IP to which this session is assigned to. This defaults to the client IP reported by the web server

boolean $trusted

Do a trusted login

Returns

boolean|\midcom_core_user

logout()

logout(\midcom_core_user  $user) 

Deletes login information and session

Parameters

\midcom_core_user $user

check_timestamp()

check_timestamp(  $timestamp, \midcom_core_user  $user) 

Parameters

$timestamp
\midcom_core_user $user