NEW Support for other authenticators
I've added the ability to add other authenticators to the RestfulServer Use the config system to change the authenticator option and it'll call 'authenticate' on that class. I've assumed that one won't need any parameters sent to that and everything can be taken from `Controller::curr()->request` This relies on the default authenticator being able to accept the standard email/password identifiers. I imagine anyone using a default authenticator to that will go to the trouble of adding a RestfulServer authenticator too.
This commit is contained in:
Daniel Hensby
parent
9ea7097acc
commit
687fac83f7
|
|
@ -0,0 +1,39 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* A simple authenticator for the Restful server.
|
||||
*
|
||||
* This allows users to be authenticated against that RestfulServer using their
|
||||
* login details, however they will be passed 'in the open' and will require the
|
||||
* application accessing the RestfulServer to store logins in plain text (or in
|
||||
* decrytable form)
|
||||
*/
|
||||
class BasicRestfulAuthenticator {
|
||||
|
||||
/**
|
||||
* The authenticate function
|
||||
*
|
||||
* Takes the basic auth details and attempts to log a user in from the DB
|
||||
*
|
||||
* @return Member|false The Member object, or false if no member
|
||||
*/
|
||||
public static function authenticate() {
|
||||
//if there is no username or password, break
|
||||
if(!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) return false;
|
||||
|
||||
//Attempt to authenticate with the default authenticator for the site
|
||||
$authClass = Authenticator::get_default_authenticator();
|
||||
$member = $authClass::authenticate(array(
|
||||
'Email' => $_SERVER['PHP_AUTH_USER'],
|
||||
'Password' => $_SERVER['PHP_AUTH_PW'],
|
||||
));
|
||||
|
||||
//Log the member in and return the member, if they were found
|
||||
if($member) {
|
||||
$member->LogIn(false);
|
||||
return $member;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -10,7 +10,6 @@
|
|||
* but not their relation with each other)
|
||||
* @todo Make SearchContext specification customizeable for each class
|
||||
* @todo Allow for range-searches (e.g. on Created column)
|
||||
* @todo Allow other authentication methods (currently only HTTP BasicAuth)
|
||||
* @todo Filter relation listings by $api_access and canView() permissions
|
||||
* @todo Exclude relations when "fields" are specified through URL (they should be explicitly
|
||||
* requested in this case)
|
||||
|
|
@ -36,6 +35,8 @@ class RestfulServer extends Controller {
|
|||
|
||||
protected static $api_base = "api/v1/";
|
||||
|
||||
protected static $authenticator = 'BasicRestfulAuthenticator';
|
||||
|
||||
/**
|
||||
* If no extension is given in the request, resolve to this extension
|
||||
* (and subsequently the {@link self::$default_mimetype}.
|
||||
|
|
@ -57,7 +58,7 @@ class RestfulServer extends Controller {
|
|||
*/
|
||||
protected $member;
|
||||
|
||||
static $allowed_actions = array(
|
||||
public static $allowed_actions = array(
|
||||
'index'
|
||||
);
|
||||
|
||||
|
|
@ -540,21 +541,14 @@ class RestfulServer extends Controller {
|
|||
return "Unsupported Media Type";
|
||||
}
|
||||
|
||||
/**
|
||||
* A function to authenticate a user
|
||||
*
|
||||
* @return Member|false the logged in member
|
||||
*/
|
||||
protected function authenticate() {
|
||||
if(!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) return false;
|
||||
|
||||
if($member = Member::currentUser()) return $member;
|
||||
$member = MemberAuthenticator::authenticate(array(
|
||||
'Email' => $_SERVER['PHP_AUTH_USER'],
|
||||
'Password' => $_SERVER['PHP_AUTH_PW'],
|
||||
), null);
|
||||
|
||||
if($member) {
|
||||
$member->LogIn(false);
|
||||
return $member;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
$authClass = self::config()->authenticator;
|
||||
return $authClass::authenticate();
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
Loading…
Reference in New Issue