Snippets
Create an account or login to be able to add, comment and rate snippets.

Navigation

Refine Tags

Snippets tagged "authenticate" Snippets tagged "authenticate"

Using HTTP authentification with sfGuardPlugin

Here is how I did this... Create a sfGuardAuth module in your application and edit the actions.class.php file as follow.

The trick is to not try to overwrite the sfGuardAuth/signin action, as it use validation. As well it allow you to use the "normal" signin way (form and etc).

require_once(sfConfig::get('sf_plugins_dir').'/sfGuardPlugin/modules/sfGuardAuth/lib/BasesfGuardAuthActions.class.php');
 
class sfGuardAuthActions extends BasesfGuardAuthActions
{
  public function executeHTTPSignin()
  {
    // get somme interesting stuff!
    $request = $this->getRequest();
    $response = $this->getResponse();
    $user = $this->getUser();
 
    // An HTTP authenticated user cannot logout (browser always send authentification datas)
    // So we must be sure that the user has seen the HTTP authentification box before
    if ( $user->getAttribute('request_authentification') )
    {
      // If authentification datas has been sent
      if ( isset( $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'] ) )
      {
        // If correct username given
        $guarduser = sfGuardUserPeer::retrieveByUserName( $_SERVER['PHP_AUTH_USER'] );
        if ( $guarduser instanceof sfGuardUser )
        {
          // If correct Password given
          if ( ($guarduser instanceof sfGuardUser) and ($guarduser->checkpassword( $_SERVER['PHP_AUTH_PW'] )) )
          {
            // we can signin the user and redirect it
            $user->signin( $guarduser );
            $user->setAttribute('request_authentification',false);
            $this->redirect( sfConfig::get('app_sf_guard_plugin_success_signin_url','@homepage') );
            throw new sfStopException;
          }
        }
      }
    }
 
    // else, popup the authentification box
    $user->setAttribute('request_authentification',true);
    $response->setHttpHeader( 'WWW-Authenticate', 'Basic realm="Identification"' );
    $response->setHttpHeader( 'HTTP/1.0', '401 Unauthorized' );
 
    // This will be displayed if the user cancel the authentification process
    $this->forward( 'sfGuardAuth', 'password' );
    throw new sfStopException;
  }
 
  public function executePasswowd()
  {
    # Implement this action as usual...
  }
}
 

Enjoy... (I hope)

by jugjug on 2008-03-03, tagged authenticate  http  sfguard