eZ Components trunk

Authentication: ezcAuthenticationTokenFilter


Class: ezcAuthenticationTokenFilter

Filter to authenticate against a server-generated token.
Some uses for this filter:
  • CAPTCHA tests
  • security token devices (as used by banks)
The following example shows how to create a CAPTCHA test. The example is divided into 2 parts: the initial request (where the user sees the CAPTCHA image and enters the characters he sees in a form) and the follow-up request (after the user submits the form).
  • on the initial request:
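      // generate a token and save it in the session or in a file/database
      $pattern = "1234567890abcdefghijklmnopqrstuvwxyz";
      $token = "";
      $length = 6; // assumed token length; the loop bound is missing from the source
      for ( $i = 1; $i <= $length; $i++ )
      {
          // valid indexes are 0..35; an upper bound of 36 reads past the end of $pattern.
          // random_int() (PHP 7+) is a CSPRNG; rand() output is predictable.
          $token .= $pattern[random_int( 0, strlen( $pattern ) - 1 )];
      }
      $encryptedToken = sha1( $token );

      // save the $encryptedToken in the session
      session_start();
      $_SESSION['encryptedToken'] = $encryptedToken;

      // also generate a distorted image which contains the symbols from $token and use it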
    
  • on the follow-up request:
      // load the $encryptedToken as it was generated on a previous request
      session_start();
      $encryptedToken = isset( $_SESSION['encryptedToken'] ) ? $_SESSION['encryptedToken'] : null;

      // also load the value entered by the user in response to the CAPTCHA image
      $captcha = isset( $_POST['captcha'] ) ? $_POST['captcha'] : null;

      $credentials = new ezcAuthenticationIdCredentials( $captcha );
      $authentication = new ezcAuthentication( $credentials );
      $authentication->addFilter( new ezcAuthenticationTokenFilter( $encryptedToken, 'sha1' ) );
      if ( !$authentication->run() )
      {
          // CAPTCHA was incorrect, so inform the user to try again, eventually
          // by generating another token and CAPTCHA image
      }
      else
      {
          // CAPTCHA was correct, so let the user send his spam or whatever
      }
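
One way to handle the follow-up request so that each token is accepted at most once, as an added example that is not part of the eZ Components documentation or code base. verifyTokenOnce() is a hypothetical helper, and its hash-then-compare step is assumed from the $function and $token property descriptions on this page rather than taken from the filter's source.

```php
<?php
// Added example, not eZ Components code. verifyTokenOnce() is a hypothetical
// helper; the session key 'encryptedToken' follows the example on this page.
function verifyTokenOnce( array &$session, $submitted, callable $function )
{
    // Take the stored token out of the session before any comparison, so a
    // right or wrong answer both consume it and a solved CAPTCHA cannot be
    // submitted a second time.
    $stored = isset( $session['encryptedToken'] ) ? $session['encryptedToken'] : null;
    unset( $session['encryptedToken'] );

    // Reject when no token was issued (or it was already used) and when
    // nothing usable was submitted, instead of hashing an empty value.
    if ( !is_string( $stored ) || $stored === '' )
    {
        return false;
    }
    if ( !is_string( $submitted ) || $submitted === '' )
    {
        return false;
    }

    // Hash the submitted value with the same function that produced the
    // stored token, then compare in constant time (hash_equals, PHP 5.6+).
    $candidate = call_user_func( $function, $submitted );
    return is_string( $candidate ) && hash_equals( $stored, $candidate );
}

// Constructed sample data standing in for $_SESSION and $_POST['captcha'].
$session = array( 'encryptedToken' => sha1( 'k3x9qa' ) );

var_dump( verifyTokenOnce( $session, 'k3x9qa', 'sha1' ) ); // first submission
var_dump( verifyTokenOnce( $session, 'k3x9qa', 'sha1' ) ); // same answer replayed
var_dump( verifyTokenOnce( $session, null, 'sha1' ) );     // no token, no answer
```

In a real request handler the first two arguments would be $_SESSION and the posted CAPTCHA value, and a fresh token and image would be generated after every failed attempt.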
    

Parents

ezcAuthenticationFilter
   |
   --ezcAuthenticationTokenFilter

Constants

STATUS_TOKEN_INCORRECT = 1 Token is not the same as the provided one.

Inherited Constants

From ezcAuthenticationFilter:
ezcAuthenticationFilter::STATUS_OK    Successful authentication.

Properties

callback read/write  $function
The encryption function to use on the user credentials in order to compare it with the stored token.
string read/write  $token
The token to check against.

Inherited Member Variables

From ezcAuthenticationFilter:
protected  ezcAuthenticationFilter::$options

Method Summary

public ezcAuthenticationTokenFilter __construct( $token, $function, [$options = null] )
Creates a new object of this class.
public int run( $credentials )
Runs the filter and returns a status code when finished.

Inherited Methods

From ezcAuthenticationFilter:
public ezcAuthenticationFilterOptions ezcAuthenticationFilter::getOptions()
Returns the options of this class.
public abstract int ezcAuthenticationFilter::run()
Runs the filter and returns a status code when finished.
public void ezcAuthenticationFilter::setOptions()
Sets the options of this class to $options.

Methods

__construct

ezcAuthenticationTokenFilter __construct( string $token, callback $function, [ezcAuthenticationTokenOptions $options = null] )
Creates a new object of this class.

Parameters

Name       Type                           Description
$token     string                         A string value generated by the server
$function  callback                       The encryption function to use when comparing tokens
$options   ezcAuthenticationTokenOptions  Options for this class

run

int run( ezcAuthenticationCredentials $credentials )
Runs the filter and returns a status code when finished.

Parameters

Name          Type                          Description
$credentials  ezcAuthenticationCredentials  Authentication credentials

Redefinition of

Method                          Description
ezcAuthenticationFilter::run()  Runs the filter and returns a status code when finished.

Last updated: Thu, 08 Jan 2009