GiveUpAlready.com - Authentication with Zend framework 2 and Doctrine 2

My latest development project (Fall of empires: Intergalatic) is being built using the brand new Zend framework 2 and Doctorine ORM due to the youth of the former I was unable to find any documentation on how to setup authentication in zend framework 2 using the doctrine 2 authenication adapter, so to save others on scouring the code for clues on how to do it here it is.

Step 1
You will need to define your user entity. The relevant part of my entity is as follows:

PHP Code:


/**
 * Class Player
 * @ORM\Entity
 */
class Player
{
    /**
     * @var integer
     * @ORM\Id @ORM\GeneratedValue @ORM\Column(type="integer", name="player_id")
     */
    protected $playerId;

    /**
     * @var string
     * @ORM\Column(type="string")
     */
    protected $username = '';

    /**
     * @var string
     * @ORM\Column(type="string")
     */
    protected $password = '';

    public function getPassword()
    {
        return $this->password;
    }

    public function setPassword($plaintextPassword, $salt)
    {
        $this->password = crypt($plaintextPassword, '$5$rounds=5000$'.$salt.'$');
        return $this;
    }

    public static function hashPassword($player, $password)
    {
        return ($player->getPassword() === crypt($password, $player->getPassword()));
    }
}

This user model (named player in my system) defines a username property (the players IDENTITY) and a password property (the players CREDENTIAL) i've also shown the setter and getter for password and a static function hashPassword. This method is used by doctrine to compare the supplied password to the users password and should return either a boolean or the hash of $password. In my code, we use the crypt function to hash the password and compare it against the users password ourselves, returning a boolean.

Step 2
We need to setup the dependancy manager inside zend to give us back a properly configured Authenication service in our controller. (This is the bit I couldn't find any documentation on) A quick read through the code in the doctrine ORM module and a bit of experimentation suggested that the structure of the config should be as follows:

PHP Code:


    'doctrine' => array(
        'driver' => array(
            'application_models' => array(
                'class' =>'Doctrine\ORM\Mapping\Driver\AnnotationDriver',
                'cache' => 'array',
                'paths' => array(__DIR__ . '/../src/Application/Model')
            ),
            'orm_default' => array(
                'drivers' => array(
                    'Application\Model' => 'application_models'
                )
            )
        ),
        'authentication' => array(
            'orm_default' => array(
                //should be the key you use to get doctrine's entity manager out of zf2's service locator
                'objectManager' => 'Doctrine\ORM\EntityManager',
                //fully qualified name of your user class
                'identityClass' => 'Application\Model\Player',
                //the identity property of your class
                'identityProperty' => 'username',
                //the password property of your class
                'credentialProperty' => 'password',
                //a callable function to hash the password with
                'credentialCallable' => 'Application\Model\Player::hashPassword'
            ),
        ),
    ),

The config block should be placed inside your module.config file. You have probably already setup the driver section, it is the authentication section that is important. I have commented each property with a brief description. It's important to note that the credential property must either be public, accessable via a magic __get method or have a get<Name> method defined in your class.

Step 3
Once that is all setup, you are ready to authenticate your user in your controller. For berevity I have not included any of the form setup or handling.

PHP Code:


        $auth = $this->getServiceLocator()->get('doctrine.authenticationservice.orm_default');
        $auth->getAdapter()->setIdentityValue($username);
        $auth->getAdapter()->setCredentialValue($password);
        $result = $auth->authenticate();

Step 4
Its not much use getting your user to login if you can't later find out who is logged in, the following lines of code will return the user entity to your application.

PHP Code:


        $auth = $this->getServiceLocator()->get('doctrine.authenticationservice.orm_default');
        $player = $auth->getIdentity();

3 Comments

Doctor Rock - 1st January 2014, 04:35 PM
- Reply
Silly man, just use drupal, so easy!

Carnage - 4th January 2014, 07:51 AM
- Reply
Originally Posted by Doctor Rock

Silly man, just use drupal, so easy!

Drupal is only really suitable if you are creating a content based site. For anything requiring a lot of custom code Zend framework 2 and Doctrine 2 make a very good base.

Doctor Rock - 4th January 2014, 09:33 AM
- Reply
Originally Posted by Carnage

Drupal is only really suitable if you are creating a content based site. For anything requiring a lot of custom code Zend framework 2 and Doctrine 2 make a very good base.

*my post*

*your head*

Menu

Top Authors

Authentication with Zend framework 2 and Doctrine 2

Message