Version 0.0.1 Created by Evan Coury
NOTE: This is a work-in-progress. The features listed may be incomplete or entirely missing.
EdpUser is a user registration and authentication module for Zend Framework 2, which can utilize either Doctrine2 or Zend\Db. It provides the foundations for adding user authentication and registration to your ZF2 site. It is built to be very simple and easily to extend.
- Authenticate via username, email, or both (can opt out of the concept of username and use strictly email) [COMPLETE]
- User registration [COMPLETE]
- Forms protected against CSRF [COMPLETE]
- Registration form protected with CAPTCHA [IN PROGRESS] (Needs more options)
- Out-of-the-box support for Doctrine2 and Zend\Db [IN PROGRESS]
- Robust event system to allow for extending [IN PROGRESS]
- Support for additional authentication mechanisms via plugins (Google, Facebook, LDAP, etc) [INCOMPLETE]
- Optional E-mail address verification [INCOMPLETE]
- Forgot Password [INCOMPLETE]
- Zend Framework 2
- EdpCommon (latest master).
- SpiffyDoctrine (optional).
- Install the EdpCommon ZF2 module.
cd path/to/project/modules
git clone git://github.com/EvanDotPro/EdpCommon.git
- Enable EdpCommon in your
application.config.php
modules array.
- Install and configure the SpiffyDoctrine ZF2 module per the installation instructions.
- Install the EdpUser ZF2 module.
cd path/to/project/modules
git clone git://github.com/EvanDotPro/EdpUser.git
- Enable EdpUser in your
application.config.php
modules array.
- Create the
user
table in your database via the Doctrine CLI:cd path/to/SpiffyDoctrine/bin
./doctrine orm:schema:update --dump-sql
(Import the schema into your DB)
Navigate to http://yourproject/user and you should land on a login page.
-
Install the EdpCommon ZF2 module.
cd path/to/project/modules
git clone git://github.com/EvanDotPro/EdpCommon.git
- Enable EdpCommon in your
application.config.php
modules array.
-
Install the EdpUser ZF2 module.
cd path/to/project/modules
git clone git://github.com/EvanDotPro/EdpUser.git
- Enable EdpUser in your
application.config.php
modules array.
-
Create the
user
table in your database. (The chema is located in./EdpUser/data/schema.sql
) -
Add the following to your
Application/configs/module.config.php
:// Application/configs/module.config.php array( 'di' => array( 'instance' => array( 'alias' => array( 'masterdb' => 'PDO', 'edpuser_pdo' => 'masterdb', 'edpuser_user_mapper' => 'EdpUser\Mapper\UserZendDb', ), 'masterdb' => array( 'parameters' => array( 'dsn' => 'mysql:dbname=CHANGEME;host=CHANGEME', 'username' => 'CHANGEME', 'passwd' => 'CHANGEME', 'driver_options' => array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES \'UTF8\''), ), ), ), ), );
Navigate to http://yourproject/user and you should land on a login page.
The EdpUser module has some options to allow you to quickly customize the basic functionality. Options are defined in your Application module config like this:
// Application/configs/module.config.php
array(
'edpuser' => array(
'user_model_class' => 'EdpUser\Model\User',
'password_hash_algorithm' => 'sha512',
'enable_username' => false,
'enable_display_name' => false,
'require_activation' => false,
'login_after_registration' => false,
'registration_form_captcha' => true,
),
)
The following options are available:
- user_model_class - Name of Entity class to use. Useful for using your own
entity class instead of the default one provided. Default is
EdpUser\Model\User
. - password_hash_algorithm - Name of the hashing algorithm to use for hashing.
Checked against valid algorithms for PHP's
hash()
function. Examples includesha1
,sha224
,sha256
,sha384
,sha512
,md5
. Default issha512
. Note: This value can also be a valid PHP callback, or name of a static method such asMyClass::hashPassword
. - enable_username - Boolean value, enables username field on the registration
form, and allows users to log in using their username OR email address.
Default is
false
. - enable_display_name - Boolean value, enables a display name field on the
registration form. Default value is
false
. - require_activation - Boolean value, require that the user verify their email
address to 'activate' their account. Default value is
false
. (Note, this doesn't actually work yet, but defaults an 'active' field in the DB to 0.) - login_after_registration - Boolean value, automatically logs the user in
after they successfully register. Default value is
false
. - registration_form_captcha - Boolean value, determines if a captcha should
be utilized on the user registration form. Default value is
true
. (Note, right now this only utilizes a weak Zend\Text\Figlet CAPTCHA, but I have plans to make all Zend\Captcha adapters work.)
Sometimes you may want to override the default user entity with your own. With EdpUser, this is very easy.
First, create your extended User entity:
// Application/src/Application/EdpUser/Model/User.php
namespace Application\EdpUser\Model;
use Doctrine\ORM\Mapping as ORM,
EdpUser\ModelBase\UserBase;
/**
* @ORM\Entity
* @ORM\Table(name="user")
*/
class User extends UserBase
{
/**
* You can add more stuff to the User entity here.
*/
}
Next, tell EdpUser to utilize your new entity class:
// Application/configs/module.config.php
return array(
'edpuser' => array(
'user_model_class' => 'Application\EdpUser\Model\User',
),
),
If you're using Doctrine2, you'll also need to override the EdpUser entity path:
// Application/configs/module.config.php
return array(
'di' => array(
'instance' => array(
'doctrine_driver_chain' => array(
'parameters' => array(
'drivers' => array(
'edpuser_annotationdriver' => array(
'class' => 'Doctrine\ORM\Mapping\Driver\AnnotationDriver',
'namespace' => 'Application\EdpUser\Model',
'paths' => array(__DIR__ . '/../src/Application/EdpUser/Model'),
),
),
),
),
),
),
),
if ($this->getLocator()->get('edpuser-user-service')->getAuthService()->hasIdentity()) {
//...
}
$user = $this->getLocator()->get('edpuser-user-service')->getAuthService()->getIdentity();
return array('user' => $user);
Note: getIdentity()
returns an instance of EdpUser\Entity\User
.
$this->getLocator()->get('edpuser-user-service')->getAuthService()->clearIdentity();