承接 magicmaster0511/yii2-ldap-auth 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

magicmaster0511/yii2-ldap-auth

Composer 安装命令:

composer require magicmaster0511/yii2-ldap-auth

包简介

Simple library to handle auth over LDAP in Yii 2 applications.

README 文档

README

Simple extension to handle auth over LDAP in Yii 2 applications.

This extension intended for applications that rely only on LDAP authentication and does not support access tokens.

Installation

composer require "magicmaster05111/yii2-ldap-auth"

Example of configuration and a use case

Considering yii2-app-basic:

Configure the component in your configuration file and change user identity class

'components' => [
    ...
    'ldapAuth' => [
        'class' => '\stmswitcher\Yii2LdapAuth\LdapAuth',
        'host' => 'your-ldap-hostname',
        'baseDn' => 'dc=work,dc=group',
        'searchUserName' => '<username for a search user>',
        'searchUserPassword' => '<password for a search user>',

        // optional parameters and their default values
        'ldapVersion' => 3,             // LDAP version
        'protocol' => 'ldaps://',       // Protocol to use
        'followReferrals' => false,     // If connector should follow referrals
        'port' => 636,                  // Port to connect to
        'loginAttribute' => 'uid',      // Identifying user attribute to look up for
        'ldapObjectClass' => 'person',  // Class of user objects to look up for
        'timeout' => 10,                // Operation timeout, seconds
        'connectTimeout' => 5,          // Connect timeout, seconds
    ],
    ...

    'user' => [
        'identityClass' => '\stmswitcher\Yii2LdapAuth\Model\LdapUser',
    ],
    ...
]

Update methods in LoginForm class

use stmswitcher\Yii2LdapAuth\Model\LdapUser;

...

public function validatePassword($attribute, $params)
{
    if (!$this->hasErrors()) {
        $user = LdapUser::findIdentity($this->username);

        if (!$user || !Yii::$app->ldapAuth->authenticate($user->getDn(), $this->password)) {
            $this->addError($attribute, 'Incorrect username or password.');
        }
    }
}

...

public function login()
{
    if ($this->validate()) {
        return Yii::$app->user->login(
            LdapUser::findIdentity($this->username),
            $this->rememberMe
                ? 3600*24*30 : 0
        );
    }
    return false;
}

Verify that user belongs to LDAP group

If you need also need to check if user is a member of certain LDAP group, use one more parameter for the authenticate function:

Yii::$app->ldapAuth->authenticate($user->getDn(), $this->password, 'cn=auth-user-group')

Now you can login with LDAP credentials to your application.

Using Access Control Filter

If you want to use the Access Control Filter, you can use the LdapManager class as an authentication manager:

return [
    'components' => [
        'authManager' => [
            'class' => 'stmswitcher\Yii2LdapAuth\LdapManager',
        ],
    ],
];

Next, specify the list of groups that need to be granted access to actions:

public function behaviors()
{
    return [
        'access' => [
            'class' => AccessControl::class,
            'rules' => [
                [
                    'allow' => true,
                    'roles' => ['group1', 'group2'],
                ],
            ],
        ],
    ];
}

统计信息

  • 总下载量: 59
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 4
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 0
  • Forks: 6
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2024-08-10

承接程序开发

PHP开发

VUE

Vue开发

前端开发

小程序开发

公众号开发

系统定制

数据库设计

云部署

网站建设

安全加固