composer.json dev

README.md

@@ -14,7 +14,8 @@ PwsServer is a web application skeleton in silex2 managing web services through
 
 ### Install
 
-The package can be installed using [ Composer ](https://getcomposer.org/).
+The package can be installed using [ Composer ](https://getcomposer.org/).  
+
 ```
 composer require meta-tech/pws-server
 ```
@@ -23,20 +24,23 @@ Or add the package to your `composer.json`.
 
 ```
 "require": {
-    "meta-tech/pws-server" : "~1.0"
+    "meta-tech/pws-server" : "^1.0"
 }
 ```
 
-## Usage
+### Usage
 
-managing controllers & routing in application  
+see [ MetaTech\Silex\Provider\ControllerServiceProvider ](https://github.com/meta-tech/silex-controller-service) 
-cf [ MetaTech\Silex\Provider\ControllerServiceProvider ](https://github.com/meta-tech/silex-controller-service)
+to managing controllers & routing in application
 
 ```php
 namespace MetaTech\PwsServer;
 
 use MetaTech\Silex\Application as App;
 use MetaTech\Silex\Provider\ControllerServiceProvider as CtrlProvider;
+use MetaTech\Silex\Provider\UserProvider;
+use MetaTech\Db\PdoWrapper;
+use MetaTech\Db\Profile;
 use MetaTech\PwsAuth\Authenticator;
 use MetaTech\PwsServer\Ctrl\Test;
 use MetaTech\PwsServer\Ctrl\WebService;
@@ -44,22 +48,20 @@ use MetaTech\PwsServer\Ctrl\OtherWebService;
 
 class Application extends App
 {
-    /*!
-     * @method      setServices
-     * @protected
-     */
     protected function setServices()
     {
         $app = $this;
         $app['ws.authenticator'] = function ($app) {
             return new Authenticator($app['config']['pwsauth']);
         };
+        $app['pdo'] = function ($app) {
+            return new PdoWrapper(new Profile($app['config']['db']['default']));
+        };
+        $app['user.provider'] = function ($app) {
+            return new UserProvider($app['pdo']);
+        };
     }
 
-    /*!
-     * @method      routingDefinition
-     * @protected
-     */
     protected function routingDefinition()
     {
         $this->register(new CtrlProvider(Test::class           , [$this], '/'));
@@ -72,11 +74,9 @@ class Application extends App
 Controller example :
 
 ```php
-<?php
-
 use Silex\ControllerCollection;
 use Symfony\Component\HttpFoundation\Request;
-use MetaTech\Silex\Ws\Controller;
+use MetaTech\PwsServer\Ws\Controller;
 
 class WebService extends Controller
 {
@@ -99,10 +99,70 @@ class WebService extends Controller
 }
 ```
 
-Authentication mecanism is already provided by the `MetaTech\Silex\Ws\Controller`  parent class
+`pwsAuth` Authentication mecanism is already provided by the `MetaTech\Silex\Ws\Controller`  parent class
-& the `MetaTech\Silex\Ws\Authentication` handler (in meta-tech/silex-core package)
+& the `MetaTech\Silex\Ws\Authentication` handler (in [ meta-tech/silex-core](https://github.com/meta-tech/silex-core) package)
 
-See OtherWebService to see another controller and deep routes inside rooting /ws entry point
+Check `OtherWebService` to see another controller and deep routes inside rooting /ws entry point.
+The main différence consist in no calling the parent routing method, however the pwsauth authentication
+still be active.
+
+The project now implement the `checkUser` method via a `userProvider`  
+It use a `MetaTech\Silex\Ws\Authentication` and `MetaTech\Silex\Ws\Controller` subclasses :
+
+```php
+namespace MetaTech\PwsServer\Ws;
+
+use Symfony\Component\HttpFoundation\Session\Session;
+use Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface;
+use MetaTech\PwsAuth\Authenticator;
+use MetaTech\Silex\Ws\Authentication as BaseAuthentication;
+use MetaTech\Silex\Provider\UserProvider;
+
+class Authentication extends BaseAuthentication
+{
+    protected $userProvider;
+
+    public function __construct(Session $session, Authenticator $authenticator, PasswordEncoderInterface $passEncoder = null, UserProvider $userProvider)
+    {
+        parent::__construct($session, $authenticator, $passEncoder);
+        $this->userProvider = $userProvider;
+    }
+
+    public function checkUser($login, $password, $key, PasswordEncoderInterface $passEncoder = null)
+    {
+        $done = false;
+        try {
+            if (!is_null($passEncoder)) {
+                $user = $this->userProvider->loadUserByUsername($login);
+                $salt = $this->authenticator->getUserSalt($login);
+                $done = $user->key == $key && $passEncoder->encodePassword($password, $salt) == $user->getPassword();
+            }
+        }
+        catch(\Exception $e) {
+            //~ var_dump($e->getTraceAsString());
+        }
+        return $done;
+    }
+}
+```
+the controller :
+
+```php
+namespace MetaTech\PwsServer\Ws;
+
+use Silex\Application;
+use MetaTech\Silex\Ws\Controller as BaseController;
+use MetaTech\PwsServer\Ws\Authentication;
+
+class Controller extends BaseController
+{
+    public function __construct(Application $app = null)
+    {
+        $this->session = $app['session'];
+        $this->handler = new Authentication($this->session, $app['ws.authenticator'], $app['security.encoder.pbkdf2'], $app['user.provider']);
+    }
+}
+```
 
 
 ### Test uris :
@@ -119,11 +179,6 @@ access through pws-client :
 * servername/ws/isauth
 
 
-### @todo
-
-subclassing `MetaTech\Silex\Ws\Authentication` to give checkUser db implementation example
-
-
 ### License
 
 The project is released under the MIT license, see the LICENSE file.

composer.json

@@ -17,6 +17,6 @@
         }
     },
     "require": {
-        "meta-tech/silex-core" : "~1.0"
+        "meta-tech/silex-core" : "@dev"
     }
 }

config/db.yml

@@ -0,0 +1,7 @@
+default :
+    driver   : pdo_mysql
+    host     : db
+    dbname   : pwsserver
+    user     : dev
+    password : mysql
+    charset  : utf8

config/security.yml

@@ -0,0 +1,12 @@
+security.firewalls  :
+    dev:
+        pattern: ^/(_(profiler|wdt)|css|images|js)/
+        security: false
+
+    main:
+        pattern: ^/ws
+        anonymous: true
+
+security.params     :
+    sleep               : 3
+

schema/170315-init-users.sql

@@ -0,0 +1,13 @@
+CREATE TABLE `users` (
+  `id` smallint(4) unsigned NOT NULL AUTO_INCREMENT,
+  `name` varchar(30) NOT NULL,
+  `username` varchar(32) NOT NULL,
+  `password` varchar(255) NOT NULL,
+  `key` varchar(255) DEFAULT NULL,
+  `roles` varchar(255) NOT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `UNIQ_6E736E72F85E0677` (`username`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1;
+
+-- user dev : foo
+INSERT INTO `users` (`id`, `name`, `username`, `password`, `key`, `roles`) VALUES ('', 'Meta-Tech', 'dev', 'EZJ4em8bQ409UiPU+LpfJ5IWpiTkT2lSzMkVEl3IP5A0TDRV+RZS1Q==', 'ed830045da9861d29c46f36b4f4b1a4d4b223408667c52428370e51b615e8769', 'ROLE_ADMIN');

src/MetaTech/PwsServer/Application.php

@@ -11,6 +11,9 @@ namespace MetaTech\PwsServer;
 
 use MetaTech\Silex\Application as App;
 use MetaTech\Silex\Provider\ControllerServiceProvider as CtrlProvider;
+use MetaTech\Silex\Provider\UserProvider;
+use MetaTech\Db\PdoWrapper;
+use MetaTech\Db\Profile;
 use MetaTech\PwsAuth\Authenticator;
 use MetaTech\PwsServer\Ctrl\Test;
 use MetaTech\PwsServer\Ctrl\WebService;
@@ -35,6 +38,12 @@ class Application extends App
         $app['ws.authenticator'] = function ($app) {
             return new Authenticator($app['config']['pwsauth']);
         };
+        $app['pdo'] = function ($app) {
+            return new PdoWrapper(new Profile($app['config']['db']['default']));
+        };
+        $app['user.provider'] = function ($app) {
+            return new UserProvider($app['pdo']);
+        };
     }
 
     /*!

src/MetaTech/PwsServer/Ctrl/OtherWebService.php

@@ -12,7 +12,7 @@ namespace MetaTech\PwsServer\Ctrl;
 use Silex\Application;
 use Silex\ControllerCollection;
 use Symfony\Component\HttpFoundation\Request;
-use MetaTech\Silex\Ws\Controller;
+use MetaTech\PwsServer\Ws\Controller;
 /*!
  * @package     MetaTech\PwsServer\Ctrl
  * @class       OtherWebService

src/MetaTech/PwsServer/Ctrl/WebService.php

@@ -12,7 +12,7 @@ namespace MetaTech\PwsServer\Ctrl;
 use Silex\Application;
 use Silex\ControllerCollection;
 use Symfony\Component\HttpFoundation\Request;
-use MetaTech\Silex\Ws\Controller;
+use MetaTech\PwsServer\Ws\Controller;
 
 /*!
  * @package     MetaTech\PwsServer\Ctrl

src/MetaTech/PwsServer/Ws/Authentication.php

@@ -0,0 +1,68 @@
+<?php
+/*
+ * This file is part of the silex-core package.
+ *
+ * (c) meta-tech.academy
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+namespace MetaTech\PwsServer\Ws;
+
+use Symfony\Component\HttpFoundation\Session\Session;
+use Symfony\Component\HttpFoundation\JsonResponse;
+use Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface;
+use MetaTech\PwsAuth\Authenticator;
+use MetaTech\Silex\Ws\Authentication as BaseAuthentication;
+use MetaTech\Silex\Provider\UserProvider;
+
+/*!
+ * @package     MetaTech\PwsServer\Ws
+ * @class       Authentication
+ * @author      a-Sansara
+ * @date        2017-03-15 10:42:42 CET
+ */
+class Authentication extends BaseAuthentication
+{
+    /*! @protected @®ar MetaTech\PwsAuth\Authenticator $authenticator */
+    protected $userProvider;
+
+    /*!
+     * @constructor
+     * @public
+     * @param       Symfony\Component\HttpFoundation\Session\Session                    $session
+     * @param       MetaTech\PwsAuth\Authenticator                                      $authenticator
+     * @param       Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface    $passEncoder
+     * @param       MetaTech\Silex\Provider\UserProvider                                $userProvider
+     */
+    public function __construct(Session $session, Authenticator $authenticator, PasswordEncoderInterface $passEncoder = null, UserProvider $userProvider)
+    {
+        parent::__construct($session, $authenticator, $passEncoder);
+        $this->userProvider = $userProvider;
+    }
+
+    /*!
+     * @method      checkUser
+     * @public
+     * @param       str                                                                 $login
+     * @param       str                                                                 $password
+     * @param       str                                                                 $key
+     * @param       Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface    $passEncoder
+     * @return      bool
+     */
+    public function checkUser($login, $password, $key, PasswordEncoderInterface $passEncoder = null)
+    {
+        $done = false;
+        try {
+            if (!is_null($passEncoder)) {
+                $user = $this->userProvider->loadUserByUsername($login);
+                $salt = $this->authenticator->getUserSalt($login);
+                $done = $user->key == $key && $passEncoder->encodePassword($password, $salt) == $user->getPassword();
+            }
+        }
+        catch(\Exception $e) {
+            //~ var_dump($e->getTraceAsString());
+        }
+        return $done;
+    }
+}

src/MetaTech/PwsServer/Ws/Controller.php

@@ -0,0 +1,37 @@
+<?php
+/*
+ * This file is part of the pws-server package.
+ *
+ * (c) meta-tech.academy
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+namespace MetaTech\PwsServer\Ws;
+
+use Silex\Application;
+use Silex\ControllerCollection;
+use Symfony\Component\HttpFoundation\Request;
+use MetaTech\Silex\Ws\Controller as BaseController;
+use MetaTech\PwsServer\Ws\Authentication;
+
+/*!
+ * @package     MetaTech\PwsServer\Ctrl
+ * @class       Controller
+ * @extends     MetaTech\Silex\Ws\Controller
+ * @author      a-Sansara
+ * @date        2017-03-15 10:41:57 CET
+ */
+class Controller extends BaseController
+{
+    /*!
+     * @constrcutor
+     * @public
+     * @param       Silex\Application   $app
+     */
+    public function __construct(Application $app = null)
+    {
+        $this->session = $app['session'];
+        $this->handler = new Authentication($this->session, $app['ws.authenticator'], $app['security.encoder.pbkdf2'], $app['user.provider']);
+    }
+}