So, there is problem - I have the order to write web-app on Kohana (no choice) and until yesterday I had no experience with this framework (only in Rails). But anyway I googled and created the authentification on site via net steps:
1: using standart SQL-code in Kohana I created tables for Auth.
2: tutn on ORM and Auth
3: create action login()
public function action_login()
{
$auth = Auth::instance();
if ($auth->logged_in())
{
return $this->request->redirect("welcome/view");
};
if ($_POST)
{
$user = ORM::factory("user");
$status = $auth->login($_POST["username"],$_POST["password"]);
if ($status)
{
$this->request->redirect("welcome/view");
}
else
{
echo "Failed to login";
}
};
$this->response->body(View::factory("login"));
}
But whatever I do I get echo "Failed to login";.
Is there any tools to define what's wrong happening ? Some logs ?
Or, may be, I do something wrong at common....
To answer your question: no there are no obvious tools to dig into Auth. You're best off going into modules/auth and look into the files and dump out information to Kohana::log or Kohana::debug to debug the errors.
I think the problem with your code is that in Kohana 3.2, $_POST is unset. You should use this instead:
$status = $auth->login($this->request->post("username"), $this->request->post("password"));
Should work after that.
Related
I am starting learning Ratchet (reactPHP) I am using laravel. But I came to a line about security.
How can I deny websocket connection based on user is logged in or not
public function onOpen(ConnectionInterface $conn)
{
$this->clients->attach($conn);
$this->users[$conn->resourceId] = $conn;
if(Auth::check()){
echo 'user logged in';
}else{
echo "New connection! ({$conn->resourceId})\n";
}
}
I used something like this but it passes the Auth::check and console always shows New Connection.
Ok Playing around found solution and it seems ok:
I am using Sentinel
$session = (new SessionManager(App::getInstance()))->driver();
$cookies = $conn->WebSocket->request->getCookies();
$laravelCookie = urldecode($cookies['timeline_auth']);
$idSession = Crypt::decrypt($laravelCookie);
$user = Sentinel::findByPersistenceCode($idSession);
If there is better solution please leave a comment
You cannot use Auth::user() anymore with WebSocket. The WebSocket server is handling multiple connections (so Auth::user() dosent have any sense). BUT you can access the user session.
more details here
https://laravel.io/forum/01-16-2015-loading-laravels-session-using-ratchet
Use laravel-ratchet package.
It will handle connection to auth conversion and laravel session for you.
I have successfully configured an ejabberd server with an extauth script (perl).
It is working correctly and only allowing users from my mysql DB.
But following features are not working anymore: roster management, adding users to rosters, authorization of users (for adding them to the roster)
With the internal auth it works. Both times ejabberd is configured to use the internal amnesia db.
Please help me figure out, why it is not working with extauth enabled. Do I have to write my own methods in the extauth script? (That I don't really want...)
So after doing some research on my problem, I think that switching to the external authentication will not support roster management.
What I ended up doing is swichting back to internal authentication and using mod_admin_extra to add users and update passwords with this php script:
<?php
class Jabber
{
public static function registerAndAddToSharedRoster($userId, $sessionToken)
{
$url = "http://localhost:5280/rest";
$register = "register $userId jabber.YOUR_DOMAIN.com $sessionToken";
sendRESTRequest($url, $register);
$sharedRoster = "srg_user_add $userId jabber.YOUR_DOMAIN.com shared jabber.YOUR_DOMAIN.com";
sendRESTRequest($url, $sharedRoster);
}
public static function updatePassword($userId, $newPassword)
{
$url = "http://localhost:5280/rest";
$register = "change_password $userId jabber.YOUR_DOMAIN.com $newPassword";
sendRESTRequest($url, $register);
}
}
function sendRESTRequest ($url, $request)
{
// Create a stream context so that we can POST the REST request to $url
$context = stream_context_create (array ('http' => array ('method' => 'POST'
,'header' => "Host: localhost:5280\nContent-Type: text/html; charset=utf-8\nContent-Length: ".strlen($request)
,'content' => $request)));
$result = file_get_contents($url, false, $context);
return $result;
}
?>
Hope this helps someone!
This answer is late but it could help someone:
Contrary to #ben-marten's answer, Switching to the external authentication does support roster management.
When you add someone to the roster, ejabberd is 'calling' the isuser operation - check if it’s a valid user - you have to provide that method in the script: see ejabberd Developers Guide - External Authentication
I ignored that operation, and I could not add a user to the roster.
For other script examples see Authentication Scripts
Sorry for such a bad question but I spend 2 hours without any success. Zend Docs are horrible ...
I have found this Zend_Gdata library and Picasa data API -- loader.php file missing, but its crashing at line 2 Class 'Application\Controller\Zend\Loader\StandardAutoloader' not found, which obviously isn't the correct path.
I am not sure why ZF does not use
...\vendor\ZF2\library\Zend\Loader\
Im using https://github.com/zendframework/ZendSkeletonApplication which is working, but nothing else works out of box with zf2 and all help topics are described incompletely. A mess in my eyes ...
However here is the code.
//Change this for your domain
$domain = 'yourdomain.com';
$email = 'ad...#yourdomain.com';
$passwd = 'p#ssword';
$user = 'jsmith';
$newuserpassword = 'secretp#assword';
//Connect as admin to Google Apps
require_once 'Zend/Loader.php';
Zend_Loader::loadClass('Zend_Http_Client');
Zend_Loader::loadClass('Zend_Gdata');
Zend_Loader::loadClass('Zend_Gdata_ClientLogin');
Zend_Loader::loadClass('Zend_Gdata_Gapps');
try {
$client = Zend_Gdata_ClientLogin::getHttpClient($email, $passwd, Zend_Gdata_Gapps::AUTH_SERVICE_NAME);
} catch (Zend_Gdata_App_CaptchaRequiredException $cre) {
echo 'URL of CAPTCHA image: ' . $cre->getCaptchaUrl() . "\n";
echo 'Token ID: ' . $cre->getCaptchaToken() . "\n";
} catch (Zend_Gdata_App_AuthException $ae) {
echo 'Problem authenticating: ' . $ae->exception() . "\n";
}
$gdata = new Zend_Gdata_Gapps($client, $domain);
//Now change the user's password
$updateUser = $gdata->retrieveUser($user);
$updateUser->login->password = $newuserpassword;
$updateUser = $updateUser->save();
There's a new API that you can use even if Zend 1 or 2:
https://github.com/google/google-api-php-client
Here's the page with installation instructions and a getting started:
https://developers.google.com/api-client-library/php/
And here are the available services:
https://github.com/google/google-api-php-client/tree/master/src/Google/Service
Hope it help.
There's no such thing as Zend_Loader in zf2 and the code you have posted is for zf1. If you have the barebones application working, then you will already have the autoloader working correctly (I presume you're using MVC and this code is to go in a controller, not a single file).
If you have the autoloader setup correctly, you also don't need to use Zend_Loader::loadClass.. as they will be autoloaded.
As for Gdata in zf2 - you will need to get the package, which can be found here https://packages.zendframework.com/. Good instructions are here: Zend Framework 2.0.2 YouTube API
Converting the code from zf1 to zf2 should be pretty easy.
However, unfortunately the gdata package is no longer maintained, so you are advised to use https://code.google.com/p/google-api-php-client/
I am writing a web service for a droid app adn trying to use phpactiverecord. I am not using an mvc. I cannot tell whether it is connecting to my database correctly because I don't know what it returns when it fails or if it just can't be used without an mvc.
<?php
require_once '../libs/php-activerecord/ActiveRecord.php';
ActiveRecord\Config::initialize(function($cfg)
{
$cfg->set_model_directory('../libs/php-activerecord/models');
$cfg->set_connections(array(
'development' => 'mysql://username:password#localhost/dbname'));
});
//$json=$_GET ['json'];
$json = file_get_contents('php://input');
$obj = json_decode($json);
//echo $json;
$data = Users::all();
$user_name = $data->user_name;
echo($data);
$password = $data->password;
$posts = array(name =>$user_name,
password =>$password
);
header('Content-type: application/json');
echo json_encode(array('posts'=>$posts));
?>
It throws a 500 error when I try to go to the page which isn't very helpful.
I figured it out but thanks for trying to help. My hosting server has a wierd structure that required my path to include a bunch of extra stuff that would be unlikely to happen to anyone else... basically my include pat was wrong. turning on error reporting pointed out the problem quickly.
Hi am starting off with Zend Framework and have a question about action helpers. My first application is a simple authentication system (following a tutorial from a book). The registration and authentication seems to work fine but the redirect doesn't.
I have a customer controller that has this among others:
class CustomerController extends Zend_Controller_Action
{
// some code here......
public function authenticateAction()
{
$request = $this->getRequest();
if (!$request->isPost()) {
return $this->_helper->redirector('login');
}
// Validate
$form = $this->_forms['login'];
if (!$form->isValid($request->getPost())) {
return $this->render('login');
}
if (false === $this->_authService->authenticate($form->getValues())) {
$form->setDescription('Login failed, please try again.');
return $this->render('login');
}
return $this->_helper->redirector('index');
}
the authenticate url is http://localhost/customer/authenticate and this seems to work fine but it does not redirect. After authentication I get a blank page which looks like its taking me to the index and just sits there. I tried using '/index' instead but that did not help either. Do I need to do anything special to make the redirector helper work? I have a logout action which behaves the same.
You should call
$this->_helper->redirector('index');
without the return.
I found out there may be a problem with my setup. The code above is perfect, works on another computer.