我最近开始使用Zend Framework,我仍然习惯于session_start,并将变量分配给某些会话名称(即:$ _SESSION ['username'] == $ username)
我正试图弄清楚如何在Zend中做类似的事情。现在,我的auth脚本使用LDAP针对我的AD服务器检查凭据,如果成功,则对用户进行身份验证。
我想创建一个脚本,允许管理员用户轻松“输入”其他人的会话。假设admin1有一个活动会话,并希望切换到user1的会话。通常我只会更改$ _SESSION ['username']变量并有效地更改登录用户的身份。
但是对于Zend,我不太确定如何更改会话信息。对于它的价值,这是我的验证脚本:
class LoginController extends Zend_Controller_Action
{
public function getForm()
{
return new LoginForm(array(
'action' => '/login/process',
'method' => 'post',
));
}
public function getAuthAdapter(array $params)
{
$username = $params['username'];
$password = $params['password'];
$auth = Zend_Auth::getInstance();
require_once 'Zend/Config/Ini.php';
$config = new Zend_Config_Ini('../application/configs/application.ini', 'production');
$log_path = $config->ldap->log_path;
$options = $config->ldap->toArray();
unset($options['log_path']);
require_once 'Zend/Auth/Adapter/Ldap.php';
$adapter = new Zend_Auth_Adapter_Ldap($options, $username, $password);
$result = $auth->authenticate($adapter);
if ($log_path) {
$messages = $result->getMessages();
require_once 'Zend/Log.php';
require_once 'Zend/Log/Writer/Stream.php';
require_once 'Zend/Log/Filter/Priority.php';
$logger = new Zend_Log();
$logger->addWriter(new Zend_Log_Writer_Stream($log_path));
$filter = new Zend_Log_Filter_Priority(Zend_Log::DEBUG);
$logger->addFilter($filter);
foreach ($messages as $i => $message) {
if ($i-- > 1) { // $messages[2] and up are log messages
$message = str_replace("\n", "\n ", $message);
$logger->log("Ldap: $i: $message", Zend_Log::DEBUG);
}
}
}
return $adapter;
}
public function preDispatch()
{
if (Zend_Auth::getInstance()->hasIdentity()) {
// If the user is logged in, we don't want to show the login form;
// however, the logout action should still be available
if ('logout' != $this->getRequest()->getActionName()) {
$this->_helper->redirector('index', 'index');
}
} else {
// If they aren't, they can't logout, so that action should
// redirect to the login form
if ('logout' == $this->getRequest()->getActionName()) {
$this->_helper->redirector('index');
}
}
}
public function indexAction()
{
$this->view->form = $this->getForm();
}
public function processAction()
{
$request = $this->getRequest();
// Check if we have a POST request
if (!$request->isPost()) {
return $this->_helper->redirector('index');
}
// Get our form and validate it
$form = $this->getForm();
if (!$form->isValid($request->getPost())) {
// Invalid entries
$this->view->form = $form;
return $this->render('index'); // re-render the login form
}
// Get our authentication adapter and check credentials
$adapter = $this->getAuthAdapter($form->getValues());
$auth = Zend_Auth::getInstance();
$result = $auth->authenticate($adapter);
if (!$result->isValid()) {
// Invalid credentials
$form->setDescription('Invalid credentials provided');
$this->view->form = $form;
return $this->render('index'); // re-render the login form
}
// We're authenticated! Redirect to the home page
$this->_helper->redirector('index', 'index');
}
public function logoutAction()
{
Zend_Auth::getInstance()->clearIdentity();
$this->_helper->redirector('index'); // back to login page
}
}
有没有办法做我描述的事情?谢谢你的任何建议。
答案 0 :(得分:2)
鉴于您的代码,身份验证的结果通过Zend_Auth_Storage_Session对象存储在PHP会话中。
调用Zend_Auth::getIdentity()可以访问存储并返回结果(如果它不为空)。同样,您可以通过访问底层存储并更改其值来更改存储的标识。通过Zend_Auth_Adapter_Ldap进行身份验证而存储的实际身份只是表示LDAP用户名的字符串值。
要有效更改登录用户,您可以执行以下操作:
Zend_Auth::getInstance()->getStorage()->write('newUserName');
这假定在给定代码的情况下应该采用默认行为。
在成功进行身份验证后,我在应用程序中执行的操作是创建某个User模型的新对象,并将其写入Zend_Auth会话,以便我可以获得有关每个会话中可用用户的更多信息,因此您应该知道根据应用的不同,存储中可能存在不同的内容。
这就是我所做的例子:
$auth = new Zend_Auth(...);
$authResult = $auth->authenticate();
if ($authResult->isValid() == true) {
$userobj = new Application_Model_UserSession();
// populate $userobj with much information about the user
$auth->getStorage()->write($userobj);
}
现在我的应用程序中的任何地方都调用Zend_Auth::getInstance()->getIdentity()我返回Application_Model_UserSession对象而不是字符串;但我离题了。
应该对您有所帮助的信息是:
$user = Zend_Auth::getInstance()->getIdentity(); // reads from auth->getStorage()
Zend_Auth::getInstance()->getStorage()->write($newUser);