Categories
How-To php WebApps

sfGuardPlugin: The Extra Documentation

Hey Folks,

The Symfony project has a section called sfGuardPlugin Extra Documentation.

It’s worth a read, especially the part about using the sfGuardUserProfile calls.

The docs haven’t been updated since March, so if something isn’t working, please refer to my previous blog post on installing the sfGuardPlugin.

I’d like to state that personally, there isn’t really the right way to do this. Sometimes you already have a table that has a username and password. You can skip using the sfGuardAuth password tables by doing the following:

  sf_guard_plugin:
    algorithm_callable: md5
    success_signin_url: @homepage
    profile_class: sfGuardUserProfile
    profile_field_name: account_id
    check_password_callable: [Account, checkPassword]

The important line here is check_password_callable, where you are telling symfony to use the Account table and to use your own checkPassword method.

Categories
How-To php WebApps

Installing sfGuardPlugin in symfony 1.1 — A Guide for the Perplexed

Like the verbally creative barfly, who is a dead ringer for a 21+ Juno, that you picked up during last call on a Friday night, symfony 1.1 starts to grow on you. Nevermind your friends, who found Erlang in some higher-scale, hipster, hippy hang out. They tell you it’s time to leave symfony 1.1. You’re perversely drawn to this framework and don’t mind racking up the future therapy bills.

God is dead, and so everything is permitted, unless you can install something like symfony 1.1’s sfGuardPlugin to add logins and login protection to web pages. Like the initiation rites into the Eleusinian mysteries or the Freemasons, not everything is articulated on how to do the install. But below, for the first time, it is.

Note: I use psymfony as an alias which really just means ‘php symfony’.

  • psymfony generate:app backend

Now you can start following the guide written on the symfony website. Below is just from my shell’s history log:

  • psymfony plugin:install sfGuardPlugin
  • psymfony propel:build-model
  • psymfony propel:build-sql
  • psymfony propel:insert-sql — this didn’t work for me so I ended up just doing: mysql -uusername -p < data/sql/plugins.sfGuardPlugin.lib.model.schema.sql
  • follow the instructions in the guide above for fixtures
  • psymfony propel:data-load frontend
  • psymfony propel:data-load backend
  • vim apps/frontend/config/settings.yml
  • vim apps/backend/config/settings.yml
  • psymfony cc

But you’re not done yet. Are you running into a propel connection error? Then you might have to edit some yaml files based on this blog post.

In my case, I ended up having to edit config/databases.yaml by adding the following below:

   propel:
     class:          sfPropelDatabase
     param:
       phptype: mysql
       host: localhost
       database: dev_starster
       username: writes
       password: some_wicked_sick_password
       dsn:          mysql://writes@localhost/dev_starster
       datasource: propel

Are we out of the woods yet?

Unfortunately, symfony 1.1 has a signout bug, where sessions are not entirely cleared. Thanks to this blog post, I was able to hack something together.

In apps/yourapp/modules/sfGuardAuth/actions/actions.class.php write:

public function executeSignout()
{
if (sfConfig::get('sf_environment') != 'test')
{
session_destroy();
session_write_close();
session_regenerate_id();
}
parent::executeSignout();
}

You might have to link the sf_guard_user table to an account table, if you want the account table to do the authorization instead. If so edit apps/modulename/config/app.yml by adding something that looks like this:

  sf_guard_plugin:
    algorithm_callable: md5
    success_signin_url: @homepage
    profile_class: sfGuardUserProfile
    profile_field_name: account_id
    check_password_callable: [Account, checkPassword]

In the lib/model/Account.php you should add code that looks like this:

  public static function checkPassword($username, $password) {
  	$c = new Criteria();
  	$c->add(AccountPeer::EMAIL, $username);
  	$c->add(AccountPeer::PASSWORD, md5($password));
  	$rac = AccountPeer::doSelect($c);
  	//print_r($rac) ; die();
  	if ($rac == TRUE) {
  		return TRUE;
  	} else {
  		return FALSE;
  	}
  }

Here is a list of links that made getting the plugin working possible: