Next

The sfGuard Plugin

Table of Contents

[Tutorial] My Second Project - Admin Generator + sfGuardPlugin 
[Tutorial] My Second Project - Admin Generator + sfGuardPlugin 
[Tutorial] My Second Project - Admin Generator + sfGuardPlugin 
sfGuard user registration 
accessing sfBlogPlugin via svn 
sfGuard and usage of sfGuardUserProfile 
sfGuard and usage of sfGuardUserProfile 
usage of sfGuardUserProfile 
Get sfGuardProfileId from sfGuard plugin 
Goal 
COil's solution 
My solution 
sfGuard Password Rest 
sfGuard Password Rest 

[Tutorial] My Second Project - Admin Generator + sfGuardPlugin 

http://www.symfony-project.org/forum/index.php?t=msg&th=5064#msg_21825

For people that turn to framework as complicated as symfony for help, I think 99.9% of time they need some authentication. So the next step in this tutorial is to add authentication capability. We'll add more fields to the author table, ie, login id, email, & phone etc, — just for illustration purpose. The step1.tgz already contains meaningful lookup table drop-down, once the sfGuardPlugin is in, you'll see a working version of many to many relationship capability showcase in symfony.

The official doc is here, http://www.symfony-project.org/book/trunk/06-Inside-the-Controller-Layer#Action%20Security

"Among the symfony plug-ins, the sfGuardPlugin extends the session class to make login and logout easy.": http://www.symfony-project.org/trac/wiki/sfGuardPlugin

[Tutorial] My Second Project - Admin Generator + sfGuardPlugin 

For a newbie like me, the docs in the sfGuard wiki has mile long gaps between them.

Chanages to enable the sfGuard are logged at: http://www.symfony-project.org/forum/index.php?t=msg&th=5071#msg_21849

To Customize sfGuardAuth module templates, the wiki says:

Customize sfGuardAuth module templates

By default, sfGuardAuth module comes with 2 very simple templates:

  • signinSuccess.php
  • secureSuccess.php

If you want to customize one of these templates:

  • Create a sfGuardAuth module in your application
  • Create a template with the name of the template you want to customize in your templates directory
  • Symfony now renders your template instead of the default one

I've been trying to follow the above and fill the gaps within.

here is what I've did:

$ symfony init-module backend sfGuardAuth
$ cp plugins/sfGuardPlugin/modules/sfGuardAuth/templates/secureSuccess.php apps/backend/modules/sfGuardAuth/templates/
$ cp plugins/sfGuardPlugin/modules/sfGuardAuth/templates/signinSuccess.php apps/backend/modules/sfGuardAuth/templates/

I've tweaked all three templates under apps/backend/modules/sfGuardAuth/templates/, I.e., secureSuccess.php, signinSuccess.php & indexSuccess.php, and I've made the following changes:

$ head -5 apps/backend/config/routing.yml
# default rules
homepage:
  url:   /
  param: { module: sfGuardAuth, action: index }

$ cat ./apps/backend/modules/sfGuardAuth/actions/actions.class.php
<?php

require_once(sfConfig::get('sf_plugins_dir').'/sfGuardPlugin/modules/sfGuardAuth/lib/BasesfGuardAuthActions.class.php');

/**
 * sfGuardAuth actions.
 *
 * @package    sfpear
 * @subpackage sfGuardAuth
 * @author     Your name here
 * @version    SVN: $Id: actions.class.php 2692 2006-11-15 21:03:55Z fabien $
 */
class sfGuardAuthActions extends BasesfGuardAuthActions
{
  /**
   * Executes index action
   *
   */
  public function executeIndex()
  {
  }
}

But as the result, none of my customized templates are used. All that I want is that

  • when the user is not authenticated, redirect to the /login page.
  • after the user has logged in, redirect to my Post/list page.

The solution is http://www.symfony-project.org/forum/index.php?t=msg&goto=22107&#msg_22107

[Tutorial] My Second Project - Admin Generator + sfGuardPlugin 

Initially, I had major problem just to make the sfGuardPlugin work. The symptom was, right after I turn the security on, I get blocked everywhere, even to login page. The whole analysis and solution is logged at http://www.symfony-project.org/forum/index.php?t=msg&th=5071&mid=21751

Then, I was not able to

  • when the user is not authenticated, redirect to the /login page.
  • after the user has logged in, redirect to my Post/list page.

The solution is at http://www.symfony-project.org/forum/index.php?t=msg&goto=22107&#msg_22107

After that was passed, there were still battles to fight. The sfGuardPlugin is so weired designed that is awfully hard to add those extra field, e.g. first name, last name, email, etc, that I almost wanted to give up the sfGuardPlugin. Check the details at http://www.symfony-project.org/forum/index.php?t=msg&goto=20465#msg_20465

I am working towards a login system, to make things easier a bit. I think the most easy way is to populate them beforehand with fixtures. This is how I did:

data/fixtures/fixtures.00.Category.yml
data/fixtures/fixtures.10.Users.yml
data/fixtures/fixtures.11.Author.yml
data/fixtures/fixtures.12.Admin.yml
data/fixtures/fixtures.15.User.Credentials.yml
data/fixtures/fixtures.20.Post.yml

I'm new to symfony (and quite new to php actually). the login system is what I can do currently. it is not a freely registration system which allows use to register themselves and populate the required fields themselves with validation.

Note that I didn't create the (default) sfGuardUserProfile class, but used the existing Author table for the user profile instead. If you have all the required info, then creating a login system this way is very simple — just maintain the user login info and profile in a separated place and export/convert them into yaml fixtures, then load the yaml fixtures via:

symfony propel-load-data backend

SourceForge.net LogoXpt.SourceForge.netCreative Commons Attribution-ShareAlike License
Single file version available here.
Last updated on 2008-05-28.
To discuss, comment here.
   Next