fiedsch/tokenlogin-bundle 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

fiedsch/tokenlogin-bundle

Composer 安装命令:

composer require fiedsch/tokenlogin-bundle

包简介

Contao 4 Token Login Bundle

README 文档

README

What it is

A module to allow Login with a token alone (as opposed to username+password).

To achieve this we do the following: username and token are semantically swapped as

  • we can not have one username having multiple passwords.
  • but we can have different user names always having the same password! The token which technically is the username will serve as the password.

How it works -- changes to the regular login process

  1. Extend the regular login module (ModuleTokenlogin extends \Contao\ModuleLogin)
  2. Provide a special login form that takes care of the changes. This form will not have a password field.
  3. Set the (POST-)value for password so the regular login module will be happy.
  4. (You) register a method for the importUser hook that creates a new member. See below for an example.

What you have to provide

  • You have to implement the Hook importUser and create a new Member there.

  • You have to have a list of valid tokens somewhere to decide if a login attempt should be considered valid.

An Example:

// your bundle's config.php

$GLOBALS['TL_HOOKS']['importUser'][] = array('MyVendor\MyBundle\MyHooks', 'myImportUser'); 
namespace MyVendor\MyBundle;

use Fiedsch\TokenloginBundle\ModuleTokenlogin;
use Contao\MemberModel;
use Contao\Encryption;
use Contao\System;

class MyHooks {
    /**
     * We want our users that log in via token to be in a special member group.
     * This is this group's ID.
     * You would typically want to make that configurable.
     */
    const TOKENUSER_MEMBERGROUP_ID = 1;
    
    /**
     * @param string $strUsername The unknown username.
     * @param string $strPassword  The password submitted in the login form.
     * @param string $strTable The user model table, either tl_member (for front end) or tl_user (for back end).
     * @return bool true if the user was successfully imported, false otherwise
     */
    public function myImportUser($strUsername, $strPassword, $strTable) {
        // front end only!
        if ($strTable == 'tl_member') {
            return $this->importFromTokenlist($strUsername, $strPassword);
        }
        return false;
    }
    
    /**
     * @param $strUsername string The unknown username.
     * @param $strPassword string The password submitted in the login form.
     * @return bool true if the user was successfully imported, false otherwise
     */
    protected function importFromTokenlist($strUsername, $strPassword) {
        try {
            // (0) Check for our special situation (just an additional test for the paranoid)
            if ($strPassword !== ModuleTokenlogin::TOKENUSERPASSWORD) { return false; }
    
            // (1) Check if the token supplied in $strUsername is found in our database
            // or token list. If not found: return false
            //
            // TODO: implement/fit to your needs.
            //
            // Always assume true in this test!
            //
            // (2) If the token is valid, create new member record -- which does not 
            // exist as otherwise myImportUser would not have been called
            // 
            // Thoughts: (maybe TODOs)
            // ignore case in $strUsername as otherwise xyz123 and YXZ123 will be two different users
            // (only applies if the above lookup for the token was case insensitive)
            
            $newMember = new MemberModel();
            $newMember->allowLogin = true;
            $newMember->password = Encryption::hash($strPassword);
            $newMember->username = $strUsername;
            $newMember->login = true;
            $newMember->firstname = "Token";
            $newMember->lastname = "User";
            $newMember->email = sprintf("%s@example.com", $strUsername);
            $newMember->groups = [ self::TOKENUSER_MEMBERGROUP_ID ];
            $newMember->dateAdded = time();
            $newMember->save();
            
            System::log(sprintf("created new member for token %s", $newMember->username), __METHOD__, TL_ACCESS);
            
            // (3) purge old entries? This might be a good place.
            
            // (4) return true to indicate success
            return true;
        } catch (\Exception $ignored) {
            return false;
        }
    }
}

Implementing in App Bundle

Add "autoload" section to composer (or extend it if already present):

   "autoload": {
       "psr-4": {
           "AppBundle\\": "src/AppBundle/"
       }
   }

Add file app/Resources/contao/config/config.php containing the hook declaration:

  $GLOBALS['TL_HOOKS']['importUser'][] = array('AppBundle\AppHooks', 'importUser'); 

Add file src/AppBundle/AppHooks.php and implement importUser there (see example above as a guide, where you obviously have to change the namespace to AppBundle and the class name to AppHooks).

Run composer dump-autoload.

fiedsch/tokenlogin-bundle 适用场景与选型建议

fiedsch/tokenlogin-bundle 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 31 次下载、GitHub Stars 达 4, 最近一次更新时间为 2018 年 06 月 28 日, 在 PHP 生态内属于活跃度较高的组件。

我们在过去多个企业项目中使用过 fiedsch/tokenlogin-bundle 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 fiedsch/tokenlogin-bundle 我们能提供哪些服务?
定制开发 / 二次开发

基于 fiedsch/tokenlogin-bundle 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 31
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 4
  • 点击次数: 2
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 4
  • Watchers: 2
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2018-06-28