1. 技术文章
  2. Adding more constrain in sentry 2 authentication processs

Adding more constrain in sentry 2 authentication processs

…衆ロ難τιáo~ 提交于 2019-12-11 06:59:40

问题


Do you have any ideas, how to add some more constrain while authentication in sentry 2, I have a company table and users belongs to a company, and if the company is disabled(set the active to 0 to mark it as disabled in the company table) then the user should not be able to login.

In short while logging some users it should check for the company they belongs to and check if it is active or not, if not then do not log them in or throw an exception.

...Please help if u have any idea about it. Thanks :)


回答1:


You can keep it simple without changing the sentry 2 code. 

try
{
    $user = Sentry::authenticate($credentials, false);
    if ($user->company->active == 0)
    {
        Sentry::logout();
        // Redirect to login page with the proper flash message
    }
}
catch (Cartalyst\Sentry\Users\LoginRequiredException $e)
{
}
... other catches

Update If you want, you can create your own service provider for Sentry2. When registering classes, you can register a class that extends the \Cartalyst\Sentry\Sentry class and override the login() method.

Your code will looks like the following:

public function login(UserInterface $user, $remember = false)
{
    if ( ! $user->isActivated())
    {
        $login = $user->getLogin();
        throw new UserNotActivatedException("Cannot login user [$login] as they are not activated.");
    }

    // you can create this method in your company model
    if ($user->company->isDisabled()) 
    {
        throw new CompanyDisabledException("... message ...");
    }


    $this->user = $user;

    // Create an array of data to persist to the session and / or cookie
    $toPersist = array($user->getId(), $user->getPersistCode());

    // Set sessions
    $this->session->put($toPersist);

    if ($remember)
    {
        $this->cookie->forever($toPersist);
    }

    // The user model can attach any handlers
    // to the "recordLogin" event.
    $user->recordLogin();
}



回答2:


You can save the company/active or not status on the Users table and later on your login controller, you can pass to the $credentials array the additional fields you want to check on the process.

Something like this must do the job:

// Set login credentials
$credentials = array(
    'email'    => Input::get('email'),
    'password' => Input::get('password'),
    'company'  => 1,
);

// Authenticate user
Sentry::authenticate($credentials, Input::get('remember-me', 0));


来源:https://stackoverflow.com/questions/19495087/adding-more-constrain-in-sentry-2-authentication-processs

标签
laravel
laravel-4
cartalyst-sentry
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!