AlexFloppy edited this page Jan 28, 2015 · 11 revisions

##Description

Implements default user functionality such as registration, authorization, password recovery, and ACL (BjyAuthorize). It also allows managing users through a grid. The User module is a required module.

##Global settings

Mail settings are required for registration and password recovery:

```php
'mail' => array(
   'transport' => array(
      'options' => array(
         'host'              => '%host%',
         'port'              => '%port%',
      ),
   ),
   'message' => array(
      'headers' => array(
         'PROJECT' => '%project%',
         'EMAILS'  => '%mail%'
      ),
      'from' => array ('admin@zfury.com')
   )
)
```

##ACL (BjyAuthorize)

There are three existing roles: guest, user, admin. They are configured in bjyauthorize.global.php.

To manage permissions for each controller/action, edit the 'bjyauthorize' section in the module.config.php of each module. Examples:

```php
'bjyauthorize' => array(
   'guards' => array(
      'BjyAuthorize\Guard\Controller' => array(

         // access for all roles to Application\Controller\Index
         array(
            'controller' => 'Application\Controller\Index',
            'roles' => array(),
         ),

         // access only for admin for controller User\Controller\Management
         array(
            'controller' => 'User\Controller\Management',
            'roles' => array('admin'),
         ),

         // access only for guest to login, recover-password actions for controller User\Controller\Auth
         array(
            'controller' => 'User\Controller\Auth',
            'action' => array('login', 'recover-password'),
            'roles' => array('guest'),
         ),
      ),
   ),
),
```

##Entities

A user can sign up using login/password or a social network profile (Facebook/Twitter). Several providers can also be assigned to each user. Two entities are used for this purpose:

###Users

  • id - entity primary key
  • email - unique user email
  • displayName - user name
  • role - user role
  • confirm - user hash for confirm registration or change password
  • status - user status ['active', 'inactive', 'unconfirmed']
  • created - created timestamp
  • updated - last updated timestamp

###Auth

  • userId - link to users table
  • provider - provider name, "equals" for login/pass
  • foreignKey - foreign key, user login for login/pass; twitter id; etc
  • token - token to access, hash for login/pass
  • tokenSecret - secret token, salt of hash for login/pass (by default)
  • tokenType - can be "request" or "access"
  • created - created timestamp
  • updated - last updated timestamp

##Authorization by twitter/facebook

Just add to config:

```php
'facebook' => array(
   'appId' => '%appId%',
   'appSecret' => '%appSecret%',
),
'twitter' => array(
   'siteUrl' => 'https://api.twitter.com/oauth',
   'authorizeUrl' => 'https://api.twitter.com/oauth/authenticate',
   'consumerKey' => '%consumerKey%',
   'consumerSecret' => '%consumerSecret%',
   'httpClientOptions' => array(
      'adapter' => 'Zend\Http\Client\Adapter\Curl',
      'curloptions' => array(
         // Keep TLS certificate and hostname verification on: the consumer
         // secret and OAuth tokens travel over this connection.
         CURLOPT_SSL_VERIFYHOST => 2,
         CURLOPT_SSL_VERIFYPEER => true
      )
   )
)
```

##Password recovery workflow

A user can recover a password by entering an email address. If the email exists, the user gets a message with a recovery-password hash link, where they are asked to enter and confirm a new password. After that, the user can be authorized with the new password.
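The recovery hash stored in the `confirm` field can be handled as in the following sketch, which is an added example and not the module's own code. It assumes PHP 7.1+, a hypothetical in-memory `$users` array in place of the Users table, a hypothetical `confirmExpires` column, and hypothetical function names.

```php
<?php
// Added example, not the module's code. $users is a hypothetical in-memory
// stand-in for the Users table; confirmExpires is a hypothetical extra column.
const RECOVERY_TTL = 3600; // assumption: recovery links live for one hour

/** Issue a token for an active account; null when the e-mail is unknown. */
function startRecovery(array &$users, string $email, int $now): ?string
{
    foreach ($users as &$user) {
        if ($user['email'] === $email && $user['status'] === 'active') {
            $token = bin2hex(random_bytes(32));        // 256-bit CSPRNG value for the link
            $user['confirm'] = hash('sha256', $token); // persist only the digest
            $user['confirmExpires'] = $now + RECOVERY_TTL;
            return $token;
        }
    }
    return null; // caller renders the same response either way
}

/** Consume a token: true only for an unexpired, matching, unused one. */
function consumeRecoveryToken(array &$users, string $email, string $token, int $now): bool
{
    foreach ($users as &$user) {
        if ($user['email'] !== $email || $user['confirm'] === null) {
            continue;
        }
        $fresh = $now <= $user['confirmExpires'];
        $match = hash_equals($user['confirm'], hash('sha256', $token)); // constant-time compare
        if ($fresh && $match) {
            $user['confirm'] = null; // single use; caller now stores the new password hash
            return true;
        }
        return false;
    }
    return false;
}

// Constructed sample record and calls
$users = [['email' => 'alice@example.com', 'status' => 'active',
           'confirm' => null, 'confirmExpires' => 0]];
$now   = time();
$token = startRecovery($users, 'alice@example.com', $now);
var_dump(consumeRecoveryToken($users, 'alice@example.com', 'wrong', $now));       // wrong token
var_dump(consumeRecoveryToken($users, 'alice@example.com', $token, $now + 7200)); // expired
var_dump(consumeRecoveryToken($users, 'alice@example.com', $token, $now));        // valid
var_dump(consumeRecoveryToken($users, 'alice@example.com', $token, $now));        // replay
```

Storing only the SHA-256 digest means a leaked Users table does not yield usable recovery links, and returning the same page for known and unknown addresses avoids confirming which emails are registered.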
