Skip to content

appflower/afGuardPlugin

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

69 Commits
config
config
 
 
lib
lib
 
 
modules
modules
 
 
templates
templates
 
 
README
README
 
 

Repository files navigation

afGuard plugin
==============

This plugin was born from sfGuardPlugin.
It is modified to be compatible for applications using AppFlowerPlugin.

What you need to use it ?

Your symfony application should have AppFlowerPlugin already installed.
Next you should install afGuardPlugin in your project - you can just copy its
files or clone git repository from github git://github.com/appflower/afGuardPlugin.git

As always you should rebuild model and sql, running:
./symfony propel:build-model
./symfony propel:build-sql
./symfony cc

Now you should initiate proper database structure with (thiw will delete all your data:O):
./symfony propel:insert-sql

This will drop and re-create all your tables. If you don't want to do that, you may also 
paste the SQL into Studio's DB Query tool and execute the query.

Change settings.yml like:
all:
  .settings:
    .enabled_modules: [default, ..., afGuardAuth]
  .actions:
    login_module: afGuardAuth
    login_action: signin
    secure_module: afGuardAuth
    secure_action: insufficientCredentials

Copy the following files from the Plugin dir to your appllication:

config/pages/security.xml to apps/frontend/config/pages/security.xml
modules/pages/actions/securityAction.class.php to apps/frontend/modules/pages/actions

Make sure that you ProjectConfiguration class implements AppFlowerApplication interface correctly.
If you use Propel 1.6 you can do it by adding following method to configuration class:
   function getAppFlowerUserQuery()
   {
      return afGuardUserQuery::create();
   }

Change you apps/frontend/lib/myUser.class.php to extend afGuardSecurityUser instead of sfBasicSecurityUser

You should also change implementation of AppFlowerSecurityUser interface. Since
you have already installed AppFlowerPlugin before you probably have myUser::getAppflowerUser() method like below:

    public function getAppFlowerUser()
    {
        return new AppFlowerAnonymousUser;
    }

You should change it to:

    public function getAppFlowerUser()
    {
        $guardUser = $this->getGuardUser();
        if ($guardUser) {
            return $guardUser;
        } else {
            return new AppFlowerAnonymousUser;
        }
    }


You should also enable (in settings.yml) more modules like: afGuardUser, afGuardGroup to manage users and groups through AF interface.
all:
  .settings:
    .enabled_modules: [defaul, ..., afGuardAuth, afGuardUser, afGuardGroup, afGuardPermission]

After this you can access them using url: http://yourapp/#/afGuardUser/list

If you want to use "remember me" functionality change security filer in your apps/frontend/config/filters.yml:
security:
  class: afGuardBasicSecurityFilter

That's it. Now it's time enable the security layer and secure your application.
You probably want to have default 404 page not secured so users won't have to log in to see 404 page.

You should load up your app and open:

http://yourapp/#/pages/security

This is the security dashboard, which allows you to manage permissions, users and groups. You should create at least one user (admin).

Detailed usage instructions can be found here:

http://www.appflower.com/cms/practical_users

This will secure your application, you'll have to login from now on to access it.

Another feature you might want to use is captcha.
You just need to install sfCaptchaPlugin (from AppFlower repository). After this when user fails to log in few times - captcha files will be added to login form to protect against brute force login attacks.
Captcha feature is using APC

About

AppFlower port of sfGuardPlugin

Resources

Readme
Activity
Custom properties

Stars

2 stars

Watchers

8 watching

Forks

2 forks
Report repository

Releases

2 tags

Packages

No packages published

Contributors 7

Languages