Proposal for Aura.Authentication

[galactic-void]

Aura.Authentication

Aura.Authentication should provide a unified interface to authentication a user with local or remote authentication systems such as SQL, Htpasswd, Twitter, Facebook, etc.

• Will validate a set of credentials and return on success a basic but extendable User object.
• Will not save state. Adapters that use third party systems may temporally save state to complete the authentication.
• Will not manage, create, edit or delete a user from an authentication system.

  Usage

$manager = new Manager([
    'twitter' => function () { return new TwitterAdapter(new User, new OAuth2('key', 'secret')); },
    'ini'     => function () { return new IniAdapter(new User, 'path/to/ini'); }
]);

// Ini example:

// Assume for the example $_POST looks like this:
$_POST = ['username' => 'john', 'password' => '12345'];

if ($user = $manage->authenticate('ini', $_POST)) {
    echo 'User authenticated';
} else {
    echo 'Authentication failed";
}

// Twitter example:

if ($user = $manage->authenticate('twitter')) {
    echo 'User authenticated';
} else {
    echo 'Authentication failed";
}

Adapters

• Ini
• Htpasswd
• Mail
• Closure

These adapters will come later when their dependencies can be met:

• Twitter
• Facebook
• Google
• Github

The idea behind the Closure adapter is to provide a way to preform SQL authentication without having to specify a database library, table and columns.

The Closure adapter will pass to the anonymous function the array $opts from the method Closure::authenticate($opts). The anonymous function should return an array to populate the User object or false if authentication failed.

$adapter = new ClosureAdapter(new User, function ($opts) use ($pdo) {
    $password = md5($opts['password']);
    $sth = $pdo->prepare('SELECT username, full_name, email, url AS uri FROM users WHERE username = :user AND password = :pass');
    $sth->execute(['user' => $opts['username'], 'pass' => $password]);

    return $sth->fetch(\PDO::FETCH_ASSOC);
));

Classes

Manager

class Manager
{   
    /**
     * 
     * @param array $adapters List of available authentication adapters. Format:
     * adapter_name => function () { return new Adapter(...); },
     * 
     */
    public function __construct(array $adapters);

    /**
     * 
     * Set an authentication adapter.
     *
     * @param string $name
     * 
     * @param Aura\Authentication\Adapter\AuthenticationInterface $adapter
     *
     */
    public function setAdapter($name, AuthenticationInterface $adapter);
    /**
     * 
     * Authenticate a user using `$adapter`.
     * 
     * @param string $adapter Adapter name.
     * 
     * @throws Aura\Authentication\Exception If the adapter was not found.
     * 
     * @return boolean
     * 
     */
    public function authenticate($adapter_name, array $opts = []);

User

class User
{
    /**
     * 
     * @var string
     * 
     */
    protected $username  = null;

    /**
     * 
     * @var string
     * 
     */
    protected $full_name = null;

    /**
     * 
     * @var string
     * 
     */
    protected $email     = null;

    /**
     * 
     * @var string
     * 
     */
    protected $uri       = null;

    /**
     * 
     * @var string
     * 
     */
    protected $avatar    = null;

    /**
     *
     * Magic __get.
     *
     * @param string $key
     *
     * @return mixed
     *
     */
    public function __get($key);

    /**
     *
     * Magic __clone, reset the properties.
     *
     */
    public function __clone();

    /**
     *
     * Magic __sleep, return a list of properties to be serialised.
     *
     * @return array
     *
     */
    public function __sleep();

    /**
     *
     * Populate this object with values from an array.
     *
     * @param array $set
     * 
     * @throws Aura\Authentication\Exception If the username property was not set.
     *
     */
    public function setFromArray(array $set);
}

AdapterInterface

interface AuthenticationInterface
{
    /**
     * 
     * Authentication a user.
     * 
     * @param array $opts A list of optional parameters to pass to 
     * the authentication adapter.
     * 
     * @return boolean
     * 
     */
    public function authenticate(array $opts);
}

[harikt]

Aura.Auth , seems good for its short ;) .

[harikt]

@galactic-void magic quotes makes it slower I guess . What do you feel ? Why not introduce get and set for the property ?