Re: [Phrame-devel] User authentication

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi Mike,
> Having read the php|architect article today on MVC and Phrame use I'm
> still not 100% sure how you would go about implementing something like
> user login authentication and then permission checking on each page.
> 
> Does anybody have an example of how it all fits together?  I was
> thinking of using one of the PEAR authentication classes to do the job.

The first article was intended to truly be an introduction to the concepts of
MVC.  There will be a followup article next month, with much more concrete
example.  

One of these facets is security.  I implemented a very simple User mode, that
basically allows one to login (or just be recognized) as the "admin" for a
site.

For any user authentication system, the key will be your User model.  This
model will need to handle things like:
being able to report if a user is currently (probably session or cookie based)
being able to validate a login (password to db password compare perhaps?)
report current user information from some persistant store (db again?)

Some of these exposed methods might be accessed by a view- for example
User::IsValid might determine if you display a user name vs a login form on a
view.

Other methods might be accessed in Action::Perform methods.  The example might
be a user logging in, this would post to a LoginAction, which would take the
posted username and password, and access a method of the User class to
determine if a valid login was performed.

HTH

> At least I understand a bit more of what code goes in which parts of the
> MVC now - after reading the article.
> 
> Thanks Jason!

Glad it helped clarify some, that is why I wrote it :)

Jason

__________________________________
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
http://search.yahoo.com