Forum Moderators: coopster
I know there are a number of authentication classes out there but as a learning exercise I'm building my own but I wondered if anyone could help me.
Now say I had an authentication class that is included on every page, what is the best way of ensuring that it is only started once per user.
For instance on a header file I might do the require statement and create the new auth object if one exists. Then I check if it has been initialized like so.
if(!$auth ){
$auth = new auth($options);
$auth->start();
echo "created new instance";
}
The problem I'm having is that, even after I login. Every page I visit would still say "created new instance". Is there a way that I could use this but only create the auth object once and then validate properties of that to ensure the login is correct? I thought about a singleton pattern, but then the properties would be the same for every person wouldn't they?
I want to be able to set the properties when someone logs in and check them during another auth function.
e.g.
$auth->validate();
I hope that makes sense. As it stands I can login and the login works until I logout, but I just feel like I'm missing something as the object gets created each time, yet the validation of properties still works..
At the start of each page check to ensure that the numbers match and if they don't kick em out.
e.g $auth->rand = 123456 when they login and so does the session. however everytime they hit a new page $auth->rand seems to get reset.
I'll have a play around more but thanks for the reply
public function login($usr, $pwd)
{
// check the login credentials
// if all is well, populate()
}
public function validate()
{
// using the SESSION['userid'], validate the user
// if all is well, populate()
}
private method populate($userData)
{
// stuff your class properties and SESSION with $userData
}
