Login workflow and example for Expressive 3

MichaelB · May 29, 2018, 1:45pm

Hi,

I started a new project with Expressive 3. I need authentication with a login page, users in a database, … basic things at this time.

I found only one example of login process that @samsonasik made (https://samsonasik.wordpress.com/2018/01/12/create-login-functionality-in-expressive-3/) but i cannot apply all to expressive 3 final version.

It use things like that in handle… $response = $handler->handle($request);

Is someone can explain me the flow or have a up to date example that work with the current expressive version?

Thanks!

samsonasik · May 29, 2018, 3:52pm

I’ve updated the post to use latest compatible expressive components.

MichaelB · May 30, 2018, 6:53am

Thanks for your update @samsonasik ! But i still have problem (password_verify in UserRepository /PdoDatabase line 68 return false) and have a question for you…

In the table “users” the password is hashed, so when a user try login, enter his username and password (raw) in the form…

Where is the treatment for “hashing” the password entered to be compared with the hash in the database?

Thanks!

froschdesign · May 30, 2018, 7:07am

In the user repository Zend\Expressive\Authentication\UserRepository\PdoDatabase:

github.com

zendframework/zend-expressive-authentication/blob/master/src/UserRepository/PdoDatabase.php#L85


      
                  );
              }
              $stmt->bindParam(':identity', $credential);
              $stmt->execute();
          
              $result = $stmt->fetchObject();
              if (! $result) {
                  return null;
              }
          
              if (password_verify($password ?? '', $result->{$this->config['field']['password']} ?? '')) {
                  return ($this->userFactory)(
                      $credential,
                      $this->getUserRoles($credential),
                      $this->getUserDetails($credential)
                  );
              }
              return null;
          }
          
          /**

See also: PHP: password_verify - Manual

MichaelB · May 30, 2018, 7:30am

My mistake… i didn’t understood well the password_verify function… i thought it compare only value…
I just created a new hash with password_hash(), add in database and now all is fine for this step!

Thanks @samsonasik and @froschdesign!

samsonasik · December 27, 2018, 12:59pm

I updated my zend expressive blog posts about authentication and authorization with latest zend-expressive-authentication/authorization ^1.0 compatible components:

Laxman_Thapa · February 11, 2019, 9:31pm

Hi, I am following https://samsonasik.wordpress.com/2018/01/12/create-login-functionality-in-expressive-3/ for authentication. however I got Zend \ ServiceManager \ Exception \ ServiceNotCreatedException (2054) Service with name "Zend\Expressive\Authentication\UserRepository\PdoDatabase" could not be created. Reason: SQLSTATE[HY000] [2054] The server requested authentication method unknown to the client
screnshot:
http://prntscr.com/mfxmkl

samsonasik · February 16, 2019, 12:43pm

That seems related to your database settings, see PHP with MySQL 8.0+ error: The server requested authentication method unknown to the client - Stack Overflow

Topic		Replies	Views
Zend Expressive Authentication with doctrine Mezzio expressive , authentication	4	1270	January 3, 2022
Expressive Zend-Authentication Module and Expressive Authorization Module Usage example with expressive skeleton Mezzio expressive	10	2469	January 13, 2018
How to add 2FA in the authentication process of Expressive app? Mezzio authentication	3	1804	December 17, 2019
Zend expressive 3 + OAuth2 Server + Authentication Mezzio expressive , authentication	2	1279	April 15, 2019
Session injection via constructor Mezzio expressive , session	6	1759	October 16, 2017

Login workflow and example for Expressive 3

Related Topics