User Authentication with patUser (part 1) - Breaking It Down
Let's take a closer look at the code to see how this
works.
1. The first step is to include the patUser class in your
script:
<?php
include("../include/patUser.php");
?>
patUser uses the patDbc class to connect to the user
database, and the patTemplate engine to render its pages - so let's include
those as well here:
<?php
include("../include/patDbc.php");
include("../include/patTemplate.php");
?>
2. Next, the database layer needs to be initialized. This is
accomplished by creating an instance of the patDbc class (patMySqlDbc in the
code below) and providing it with the access parameters needed to connect to
the MySQL database holding the user data. This object instance is stored in
the PHP variable $db.
<?php
$db = new patMySqlDbc("localhost", "db111", "us111", "secret");
?>
3. Once the database connection has been initialized, the
patTemplate engine also needs to be initialized. Here too, an instance of the
patTemplate class is created, and provided with the location of the directory
containing patUser's templates.
<?php
$tmpl = new patTemplate();
$tmpl->setBasedir("../templates");
?>
If you look in this directory, you'll see two templates,
named "patUserLogin.tmpl" and "patUserUnauthorized.tmpl". The first of these
templates contains the login box that is displayed whenever the system requires
user credentials, while the second contains a generic "access denied" page that
is displayed when an attempt is made to access a restricted page without
appropriate privileges. Both these templates are included as part of the patUser
distribution, and you are free to make changes to them so that they fit into the
look and feel of your application.
4. Once both template engine and
database connection are awake, it's time to initialize the patUser class itself.
<?php
$u = new patUser(true);
?>
The "true" argument to the class constructor tells patUser to
use PHP's session management capabilities to store user data in the
session.
Once the object instance has been initialized, the methods
setAuthDbc() and setTemplate() are used to connect it to the database connection
and template engine respectively. patUser will use this information to send
queries to the database and render page templates as needed.
<?php
$u->setAuthDbc($db);
$u->setTemplate($tmpl);
?>
The four steps above are fairly standard for all scripts
using the patUser class, and so it's a good idea to encapsulate them into a
single function, say init(), and call that function at the start of every script
so as to eliminate unnecessary repetition. A single init() function reduces
redundancy, and also makes changes easier.
Once all the formalities are
concluded, the requireAuthentication() method may be called to verify the user's
credentials.
<?php
$u->requireAuthentication("displayLogin");
?>
This method tells patUser that what follows is a restricted
page, and access should only be allowed if appropriate user credentials are
available. In case these credentials are not available in the session, patUser
will automatically display the contents of the "patUserLogin.tmpl" template,
usually a login box. Once user credentials have been submitted, patUser will
internally verify them and either permit access or display an error
message.
The actual mechanics of the authentication are performed
internally and automatically by the requireAuthentication() method, and you
don't really need to worry about it - although if you're really interested, feel
free to pop open the class file and inspect the code.
By encapsulating
the business logic of user verification into a single function, patUser makes
life much easier for the harried application developer - all that's needed is to
add a single function call at the top of all such sensitive pages, and patUser
automatically takes care of the rest.
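The init() function suggested above, written out as an added example (not code from the patUser distribution or from this article): it wraps the four setup steps, loads the libraries with require_once so a missing file stops the page, and reads the database parameters from the environment instead of hardcoding the password. The PATUSER_DB_* variable names and the host/database/user/password reading of the four constructor arguments are assumptions.

```php
<?php
// Added example: not part of the patUser distribution or the article.
// Assumed names: init() and the PATUSER_DB_* environment variables.

// require_once halts the page if a library file is missing; include
// would only raise a warning and let the script continue.
$base = dirname(__FILE__);
require_once $base . "/../include/patDbc.php";
require_once $base . "/../include/patTemplate.php";
require_once $base . "/../include/patUser.php";

function init()
{
    // Read the database access parameters from the environment so the
    // password is not repeated in every page script.
    $cfg = array();
    foreach (array("HOST", "NAME", "USER", "PASS") as $key) {
        $value = getenv("PATUSER_DB_" . $key);
        if ($value === false || $value === "") {
            // Fail closed: no user database means no way to authenticate.
            error_log("init: PATUSER_DB_" . $key . " is not set");
            header("HTTP/1.1 503 Service Unavailable");
            exit("Service temporarily unavailable.");
        }
        $cfg[$key] = $value;
    }

    // Step 2: database layer. Argument order copied from the article's
    // call; reading it as host, database, user, password is an assumption.
    $db = new patMySqlDbc($cfg["HOST"], $cfg["NAME"], $cfg["USER"], $cfg["PASS"]);

    // Step 3: template engine, same template directory as the article.
    $tmpl = new patTemplate();
    $tmpl->setBasedir("../templates");

    // Step 4: patUser with session storage, wired to both objects.
    $u = new patUser(true);
    $u->setAuthDbc($db);
    $u->setTemplate($tmpl);
    return $u;
}

// At the top of every restricted page:
$u = init();
$u->requireAuthentication("displayLogin");
?>
```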