Auth
The Pebble\Auth
class is used to authenticate users using the database table auth
. The Auth instance is created using a Pebble\DB
object and an array of cookie settings
.
The cookie settings could look something like this:
config/Auth.php ->
<?php
return
[
'cookie_path' => '/',
'cookie_secure' => true,
'cookie_domain' => $_SERVER['SERVER_NAME'] ?? '',
'cookie_http' => true
];
The following example shows a test of all methods:
examples/auth/index.php ->
<?php
require_once "../../vendor/autoload.php";
use Pebble\Service\AuthService;
// Or use AppBase class
$auth = (new AuthService())->getAuth();
// Just for printing what is going on
function debug($message) {
echo $message . "<br />";
}
// Generate a User
$email = 'test@tester.com';
$password = 'strong1234';
$user = $auth->getByWhere(['email' => $email]);
// No user create a user
if (!$user) {
try {
$auth->create($email, $password);
debug("create. User with email $email created");
} catch (Exception $e) {
debug($e->getMessage());
}
}
// Check if verified
if ($auth->isVerified($email)) {
debug("isVerified. User account is verified");
if (!$auth->isAuthenticated()) {
debug("isAuthenticated. User is not authenticated. User has no valid auth cookie");
// Wrong password
$row = $auth->authenticate($email, 'wrong_password');
if (!$row) {
debug("authenticate. Error authenticating. Wrong email og password");
}
// Correct password
$row = $auth->authenticate($email, $password);
if ($row) {
debug("authenticate. User with email $row[email] is authenticated. ");
$auth->setCookie($row, 10);
debug("setCookie. Auth cookie has been set. User will be in session for the next 10 seconds");
// $auth->setCookie($row, 0);
// 0 or null will be a session cookie. This expires when the browser closes.
}
} else {
$auth_id = $auth->getAuthId();
debug("isAuthenticated. User's auth ID: $auth_id");
}
} else {
$row = $auth->getByWhere(['email' => $email]);
// User account will be verified by passing the 'random' value connection to the account
$auth->verifyKey($row['random']);
debug("User has been verified");
}
// Update a user password
// $auth->updatePassword($row['id'], 'new super password');
// Log user out of all devices
// $auth->unlinkAllCookies($row['id']);
// Log user out of this device
// $auth->unlinkCurrentCookie();
You may run this example:
php -S localhost:8000 -t examples/auth
And go to http://localhost:8000