[phplib] session+auth vs user From: giancarlo pinerolo (giancarlo <email protected>)
Date: 08/29/01

It is interesting studying other app frameworks.
 phpGroupware
http://sourceforge.net/project/showfiles.php?group_id=7305

justs makes everything into session. It has a few
interchageable auth methods, included PHP_AUTH, POP3, LDAP, XMLRPC
(and pam?, I read it somewhere). They don't seem 'stackable'.
I read is in the works to offers services, eg the calendar, to
remotely logged in users/apps.

Most data is loaded/dumped to tables every time.
The persistance there (phplib's User), is a wrapper of auth, it seems,
that says it has to be cached. Haven't checked if the user portion of
the session data has different expiry, as in phplib.
All Session 'user' data can be encrypted with mcrypt

phpNuke approach, I think, is save everything in session, included
username and passwd, base64 encrypted. Dunno about expiration.

I am really wondering if the User stuff makes any sense. I am used to
it, an to have it separate, because it 'lasts' differently than
session,
in the end makes it simpler by design...
Does it makes sense to have different expiries per app? To me yes.
I'd rather think of multiple 'XXX_User' recs, with the same key,
that could be merged in any case.

Do you have any opinion on auth/user/perm redesign?

- Gian

here is the apps_loader function of phpgroupware, to give an idea.

...... phpgroupware .........

   
/*************************************************************************\
    * Functions for appsession data and session
cache *
   
\*************************************************************************/
    function read_repositories()
    {
      global $phpgw, $phpgw_info;
      $phpgw->acl->acl($this->account_id);
      $phpgw->accounts->accounts($this->account_id);
      $phpgw->preferences->preferences($this->account_id);
      $phpgw->applications->applications($this->account_id);

      $this->user = $phpgw->accounts->read_repository();
      $this->user['acl'] = $phpgw->acl->read_repository();
      $this->user['preferences'] =
$phpgw->preferences->read_repository();
      $this->user['apps'] =
$phpgw->applications->read_repository();
      // <email protected>($this->data['user']['apps']);

      $this->user['domain'] = $this->account_domain;
      $this->user['sessionid'] = $this->sessionid;
      $this->user['kp3'] = $this->kp3;
      $this->user['session_ip'] = $this->getuser_ip();
      $this->user['session_lid'] =
$this->account_lid.'@'.$this->account_domain;
      $this->user['account_id'] = $this->account_id;
      $this->user['account_lid'] = $this->account_lid;
      $this->user['userid'] = $this->account_lid;
      $this->user['passwd'] = $this->passwd;
      $this->hooks = $phpgw->hooks->read();
    } 

-- 
Abbestellen mit Mail an:   phplib-unsubscribe <email protected>
Kommandoliste mit Mail an: phplib-help <email protected>