DStruct PHP Framework
Back to top  

Acts as a central Authorisation and permissions system for the script.

Some theory: 'Applications' are not directly supported as they are taken to mean separate domains.
Areas track users having authenticated in different 'log in pages' within the same domain, e.g. an Administrators area and a Members area and prevents users with valid credentials in one area moving to a different area and having the same 'AuthID' as someone in the second area, therefore gaining access.
AuthContainers are classes capable of authenticating a user (they should implement AuthContainerInterface). They also need to be added to the database so that they can be linked to Groups. The system can handle multiple AuthContainers.

package dstruct_auth

 Methods

Class constructor Silently starts a session and checks to see whether the session has made a valid authentication for the given area.

__construct(string $areaname) 

If it has then isAuthenticated() will return true.

Parameters

$areaname

string

Area that this Auth object will pertain to

Returns the ID of the active container, or false if no active container.

authID() : string | false

Returns

stringfalse

Returns name of the active container class or false if no active container.

authName() : string | false

Returns

stringfalse

Authenticate a user within a given area.

authenticate(string $username, string $password, string $areaname) : boolean

Calls authenticate() method of each AuthContainer until it finds a match. To authenticate, a user within the AuthContainers collection must have a valid username and password and belong to at least one group.

Parameters

$username

string

The username of the client to authenticate

$password

string

$areaname

string

The area that the client is to be authenticated within

Returns

booleanTrue on success, False on failure

Returns the active container object or false if no active container.

getActiveAuth() : object | false

Returns

objectfalse

Get the user object.

getUser(string $container, string $id) : boolean

Parameters

$container

string

$id

string

Returns

boolean

Test whether the authenticated user has a right.

hasRight(string $rightname) : boolean

All rights are strings e.g. edit_gallery If a user has the right to 'edit the gallery' then true would be returned, otherwise false.

Parameters

$rightname

string

Returns

boolean

Is the user authenticated.

isAuthenticated() : boolean

Authentication is stored in $_SESSION and is then validated against the AuthContainers and the Area to stop a user crossing over from one area to another by being authenticated on the first area but not the second.

Returns

boolean

Unsets the session and logs the user out.

logOut() 

Returns the array of current permissions.

permissions() : array

Returns

array

Does a username exist in any of the authcontainers?

usernameExists(string $username) : boolean

Parameters

$username

string

Returns

boolean

Load the current permissions into the object.

loadPermissions() 

 Properties

 

$activecontainer : null | object
 

$areaname : string
 

$authcontainers : array
 

$isauthenticated : boolean
 

$permissions : array
 

$permissionsloaded : boolean