\midcom_services_auth_frontend_form

Form-based authentication frontend. This one is rather simple, it just renders a two-field (username/password) form which is targeted at the current URL.

Summary

Methods
Properties
Constants
read_login_data()
show_login_page()
show_access_denied()
show_login_form()
No public properties found
No constants found
No protected methods found
No protected properties found
N/A
generate_http_response()
$auth_credentials_found
N/A

Properties

$auth_credentials_found

$auth_credentials_found : boolean

Flag, which is set to true if the system encountered any new login credentials during startup. If this is true, but no user is authenticated, login did fail.

Type

boolean

Methods

read_login_data()

read_login_data(\Symfony\Component\HttpFoundation\Request  $request) : Array

This call checks whether the two form fields we have created are present, if yes it reads and returns their values.

Parameters

\Symfony\Component\HttpFoundation\Request $request

The request we're reading from

Returns

Array —

A simple associative array with the two indexes 'username' and 'password' holding the information read by the driver or null if no information could be read.

show_login_page()

show_login_page() 

If the current style has an element called <i>midcom_services_auth_login_page</i> it will be shown instead. The local scope will contain the two variables $title and $login_warning. $title is the localized string 'login' from the main MidCOM L10n DB, login_warning is empty unless there was a failed authentication attempt, in which case it will have a localized warning message enclosed in a paragraph with the ID 'login_warning'.

show_access_denied()

show_access_denied(string  $message) 

This will display the error message and appends the login form below it if and only if the headers have not yet been sent.

The function will clear any existing output buffer, and the sent page will have the 403 - Forbidden HTTP Status. The login will relocate to the same URL, so it should be mostly transparent.

The login message shown depends on the current state:

  • If an authentication attempt was done but failed, an appropriated wrong user/password message is shown.
  • If the user is authenticated, a note that he might have to switch to a user with more privileges is shown.
  • Otherwise, no message is shown.

This function will exit() unconditionally.

If the style element midcom_services_auth_access_denied is defined, it will be shown instead of the default error page. The following variables will be available in the local scope:

$title contains the localized title of the page, based on the 'access denied' string ID of the main MidCOM L10n DB. $message will contain the notification what went wrong and $login_warning will notify the user of a failed login. The latter will either be empty or enclosed in a paragraph with the CSS ID 'login_warning'.

Parameters

string $message

The message to show to the user.

show_login_form()

show_login_form() 

This call renders a simple form without any formatting (that is to be done by the callee) that asks the user for his username and password.

If you want to replace the form by some custom style, you can define the style element midcom_services_auth_frontend_form. In that case you should look into the source of it to see exactly what is required. The output from the frontend is surrounded by a div tag whose CSS ID is set to 'midcom_login_form'.

generate_http_response()

generate_http_response()