Zend session and zend auth
-
19-04-2021 - |
Question
I have made a login system through zend auth here is the code
// userAuthentication
public function authAction(){
$request = $this->getRequest();
$registry = Zend_Registry::getInstance();
$auth = Zend_Auth::getInstance();
$DB = $registry['DB'];
$authAdapter = new Zend_Auth_Adapter_DbTable($DB);
$authAdapter->setTableName('user')
->setIdentityColumn('user_name')
->setCredentialColumn('user_password');
$username = $request->getParam('username');
$password = $request->getParam('password');
$authAdapter->setIdentity($username);
$authAdapter->setCredential($password);
$result = $auth->authenticate($authAdapter);
if($result->isValid()){
$data = $authAdapter->getResultRowObject(null,'password');
$auth->getStorage()->write($data);
$this->_redirect('/login/controlpannel');
}else{
$this->_redirect('/login/login');
}
}
This work fine now. There is user_id (column) in user (table) where there are username and password too. I need to get that specific user_id from this table which just login and put it in session through
$user_session = new Zend_Session_Namespace('user_session');
$user_session->username = $username;
$user_id->user_id = $user_id;
so that I can query some info against this $user_id and pass the result into view (name) controlpanel
Solution
Get user id from storage :
$userInfo = Zend_Auth::getInstance()->getStorage()->read();
echo $userInfo->user_id;
OTHER TIPS
While this was already answered, I tend to use the getIdentity()
function more frequently than the getStorage()->read()
chain. Examples below.
// to check if authenticated
Zend_Auth::getInstance()->hasIdentity();
// to actually get the details from storage
Zend_Auth::getInstance()->getIdentity()->user_id;
// if I need to use the identity over and over
$identity = Zend_Auth::getInstance()->getIdentity();
$userId = $identity->user_id;
You can access the data the way Teez suggest or just pull it from Zend_Session_Namespace.
15.1.3.1. Default Persistence in the PHP Session
By default, Zend_Auth provides persistent storage of the identity from a successful authentication attempt using the PHP session. Upon a successful authentication attempt, Zend_Auth::authenticate() stores the identity from the authentication result into persistent storage. Unless configured otherwise, Zend_Auth uses a storage class named Zend_Auth_Storage_Session, which, in turn, uses Zend_Session. A custom class may instead be used by providing an object that implements Zend_Auth_Storage_Interface to Zend_Auth::setStorage().Zend_Auth_Storage_Session uses a session namespace of 'Zend_Auth'. This namespace may be overridden by passing a different value to the constructor of Zend_Auth_Storage_Session, and this value is internally passed along to the constructor of Zend_Session_Namespace. This should occur before authentication is attempted, since Zend_Auth::authenticate() performs the automatic storage of the identity.
assigning an array to a session, you must provide a name to the session you area creating, i.e. you must do setStorage before you do getStorage.
you must write your code like this:
// userAuthentication
public function authAction(){
$request = $this->getRequest();
$registry = Zend_Registry::getInstance();
$auth = Zend_Auth::getInstance();
$DB = $registry['DB'];
$authAdapter = new Zend_Auth_Adapter_DbTable($DB);
$authAdapter->setTableName('user')
->setIdentityColumn('user_name')
->setCredentialColumn('user_password');
$username = $request->getParam('username');
$password = $request->getParam('password');
$authAdapter->setIdentity($username);
$authAdapter->setCredential($password);
$authAdapter->setStorage(new Zend_Auth_Storage_Session('User_Auth'));
$result = $auth->authenticate($authAdapter);
if($result->isValid()){
$data = $authAdapter->getResultRowObject(null,'password');
$auth->getStorage()->write($data);
$this->_redirect('/login/controlpannel');
}else{
$this->_redirect('/login/login');
}
}
and then to get your storage value, you must use this:
$x = new Zend_Auth_Storage_Session('User_Auth');
$y = $x->read();
and you get everything in $y as an object.
Enjoy!
This is my approach and it s working nice: 1-i start by defining an init function in the bootstrap
protected function _initSession()
{
$UserSession = new Zend_Session_Namespace('UserSession');
$UserSession->setExpirationSeconds(/* you may fix a limit */);
Zend_Registry::set('UserSession', $UserSession);
}
/* in the Login action,after correct username & pwd */
// Create session
$UserSession = Zend_Registry::get('UserSession');
// Get the user from database
$db = Zend_Db_Table::getDefaultAdapter();
$user = $db->fetchRow("SELECT * FROM user_table WHERE user_email = '".$user_email."'");
//then you assign to $user to $UserSession variable :
$UserSession->user = $user;
//finaly don't forget to unset session variable in the Logout action ...