Zend_Auth Version Identification

The situation is this: I store some structured data (for example, an array, an object, or even a string) as the Zend_Auth identifier. From version to version, the structure of the identifier could change, so an identifier from one version could (or could not) be compatible with the application code of another version.

I would like to be able to check whether the stored credentials match the current version requirements.

As I see from the manual, checking if an identifier exists is done like this:

$auth = Zend_Auth::getInstance();
if ($auth->hasIdentity()) {
    // Identity exists; get it
    $identity = $auth->getIdentity();
}

But there is no way to hook into the hasIdentity() method, or anywhere else, to perform the check.

The only way to do this is to implement your own Zend_Auth_Storage_Interface class, which will use some other storage as its implementation and perform validation of the stored data.

Is there a better solution?

+2
2 answers

I am not entirely sure I understand, but it seems that you do not understand the difference between authorization and authentication.

Zend_Auth is about authentication, so you should not use Zend_Auth to handle authorization, but Zend_Acl.

, (, ), getResultRowObject($returnColumns, $ommitColumns);.


Zend_Auth_Storage_Interface , , ​​, , .

Zend_Acl , ( ), ( ), ( )


.. Zend_Acl, //, .

+2


$auth = Zend_Auth::getInstance();
if ($auth->hasIdentity()) {
    // Identity exists - check that it is valid for this version

    $identity = $auth->getIdentity();
    if (!HelperClass::validateIdentity($identity)) { // your validation method
         /* User has stored identity from previous version. 
          * It may miss some important info (like a role value
          * you added recently). Clear it and require re-login. */
         $auth->clearIdentity();
         $this->_helper->flashMessenger('Please login ...');
         $this->_helper->redirector('login');
    }
    // identity is valid
    $acl = Acl::factory(); //get acl object somehow
    if (!$acl->isAllowed($module.$controller.$action, $identity->role)) {
         throw new AccessDeniedException();
    }
    // else nothing -> user has valid session data and is allowed to access the resource. 
}
0
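
Added example, not part of either answer above: the storage-wrapper approach the question mentions, written as a decorator that stores a schema version next to the identity, so that hasIdentity() itself returns false for an identity written by an older release. It assumes Zend Framework 1 is autoloadable; the class name VersionedAuthStorage, the constant SCHEMA_VERSION and the envelope keys are hypothetical.

```php
<?php
// Added example. VersionedAuthStorage and the envelope keys are hypothetical names.
class VersionedAuthStorage implements Zend_Auth_Storage_Interface
{
    // Bump whenever the structure of the stored identity changes.
    const SCHEMA_VERSION = 2;
    private $inner;

    public function __construct(Zend_Auth_Storage_Interface $inner)
    {
        $this->inner = $inner;
    }

    // Empty when nothing is stored, or when the stored envelope is stale or malformed.
    public function isEmpty()
    {
        if ($this->inner->isEmpty()) {
            return true;
        }
        $envelope = $this->inner->read();
        if (is_array($envelope) && isset($envelope['version'])
            && array_key_exists('identity', $envelope)
            && $envelope['version'] === self::SCHEMA_VERSION) {
            return false;
        }
        $this->inner->clear(); // fail closed: drop the old-format identity
        return true;
    }

    // Returns the unwrapped identity, or null when there is no current one.
    public function read()
    {
        $envelope = $this->isEmpty() ? null : $this->inner->read();
        return $envelope === null ? null : $envelope['identity'];
    }

    // Wraps every identity written at login with the current schema version.
    public function write($contents)
    {
        $this->inner->write(array('version' => self::SCHEMA_VERSION, 'identity' => $contents));
    }

    public function clear()
    {
        $this->inner->clear();
    }
}

// Bootstrap: install before the first hasIdentity()/getIdentity() call.
Zend_Auth::getInstance()->setStorage(new VersionedAuthStorage(new Zend_Auth_Storage_Session()));
```

Because Zend_Auth::hasIdentity() is answered by the storage's isEmpty(), a session carrying an old-format identity is treated as logged out and goes through the normal login flow, so the ACL check never runs against an identity that lacks a role.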
