Also, since you've generalized the function a little bit (which is perfectly fine, just isn't as "drop in" anymore), you can't just blindly exit if the user isn't authenticated. After all, anonymous access is perfectly feasible.
The way the function is written implies that it's something the user would define themselves, replacing adapterObject* with their own implementation. Can we inject those through parameters so that this sort of code could also be packaged?
Here's the next iteration:
// Quick authentication helper. It performs NO access control.
//
// Builds an auth controller, hands it auto-detected credentials plus the
// supplied data adapter, asks whether the current user is authenticated,
// and records the resulting status object on the session adapter.
//
// $data_adapter    - what the credentials are checked against. Forwarded to
//                    the controller as given, including the default `false`.
//                    NOTE(review): unlike $session_adapter there is no
//                    fallback here; confirm the controller refuses to
//                    authenticate (fails closed) when no adapter is supplied.
// $session_adapter - where the status is persisted; when falsy, an
//                    AuthTools_Session_Auto instance is created instead.
//
// Returns the status collapsed to a boolean, for trivial scripts. The value
// answers "is this user authenticated?" only. It is not an authorization
// decision, so callers still have to check access to the requested resource.
function authtools_quick_authenticate($data_adapter = false, $session_adapter = false)
{
    $auth = new AuthTools_AuthController();

    // the controller needs credentials, and something to verify them against
    $auth->setCredentials(new AuthTools_Credentials_Auto());
    $auth->setDataAdapter($data_adapter);

    // which checks actually run is decided inside the controller; the status
    // object is richer than yes/no, but this helper flattens it to a boolean
    $status = $auth->isAuthenticated();
    $authenticated = $status->toBool();

    // fall back to the automatic session adapter when none was injected
    $session = $session_adapter ?: new AuthTools_Session_Auto();

    // the status is stored whether or not authentication succeeded; this is
    // the authentication status, NOT the authorization status
    $session->setAuthenticationStatus($status);

    return $authenticated;
}
// Quick authorization gate for the given request.
//
// Wires the request, data adapter and session adapter into an access
// controller and asks it for an authorization state.
//
// This function never returns false. It either returns true (authorized), or
// it echoes the rendered forward from the authorization state and terminates
// the script. The deny path therefore cannot be skipped by a caller that
// forgets to test the return value.
//
// NOTE(review): $output_adapter is accepted but not used anywhere in this
// body; the denial response is written with echo directly. Confirm whether it
// was meant to be routed through the adapter.
function authtools_quick_authorize($request, $data_adapter, $session_adapter, $output_adapter)
{
    $gate = new AuthTools_AccessController();
    $gate->setRequest($request);
    $gate->setDataAdapter($data_adapter);
    $gate->setSessionAdapter($session_adapter);

    // the state object carries more than yes/no: it also knows whether the
    // answer is "flat out forbidden" or "please log in"
    $decision = $gate->isAuthorized();
    if ($decision->toBool()) {
        return true;
    }

    // not authorized: show whatever the state forwards to (a login page, or
    // a plain forbidden response) and stop, so nothing after the call runs
    echo $decision->forward()->render();
    exit;
}