PHPackages                             tobias/zend-authentication-doctrine - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. tobias/zend-authentication-doctrine

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

tobias/zend-authentication-doctrine
===================================

Use Zend\\Authentication with Doctrine

08PHP

Since Jul 3Pushed 6y agoCompare

[ Source](https://github.com/tobias-trozowski/zend-authentication-doctrine)[ Packagist](https://packagist.org/packages/tobias/zend-authentication-doctrine)[ RSS](/packages/tobias-zend-authentication-doctrine/feed)WikiDiscussions master Synced yesterday

READMEChangelogDependenciesVersions (1)Used By (0)

Zend Authentication Doctrine
============================

[](#zend-authentication-doctrine)

[![Build Status](https://camo.githubusercontent.com/cd1ee82fa1008ac804ce3085526473752161616990034c8d35f0566dc6f722bd/68747470733a2f2f7472617669732d63692e636f6d2f746f626961732d74726f7a6f77736b692f7a656e642d61757468656e7469636174696f6e2d646f637472696e652e737667)](https://travis-ci.com/tobias-trozowski/zend-authentication-doctrine)

Inspired and based on the famous [DoctrineModule](https://github.com/doctrine/DoctrineModule).

Authentication through Doctrine is fully supported by this package through an authentication adapter, and a specific storage implementation that relies on the database. Most of the time, those classes will be used in conjunction with `Zend\Authentication\AuthenticationService` class.

### Simple example

[](#simple-example)

In order to authenticate a user (or anything else) against Doctrine, the following workflow is used:

1. Set configuration that contains options about the entity that is authenticated (credential property, identity property…). It is not necessary to create a separate authentication adapter, this will be automatically created by this package based on the defined configuration.
2. Create a storage adapter. If the authentication succeeds, the identifier of the entity will be automatically stored in session.
3. Create a `Zend\Authentication\AuthenticationService`instance that contains both the authentication adapter and the storage adapter.

#### Authentication factory

[](#authentication-factory)

The first task is to configure the Authentication by adding the `authentication` key to the `doctrine` key in your config file (we assume here that the entity we want to authentication is simply called `Application\Entity\User`):

```
// in your module.config.php:

return [
    'doctrine' => [
        'authentication' => [
            'orm_default' => [
                'object_manager' => 'Doctrine\ORM\EntityManager',
                'identity_class' => 'Application\Entity\User',
                'identity_property' => 'email',
                'credential_property' => 'password',
            ],
        ],
    ],
];
```

Here are some explanations about the keys:

- the `object_manager` key can either be a concrete instance of a `Doctrine\Common\Persistence\ObjectManager` or a single string that will fetched from the Service Manager in order to get a concrete instance. If you are using DoctrineORMModule, you can simply write 'Doctrine\\ORM\\EntityManager' (as the EntityManager implements the class `Doctrine\Common\Persistence\ObjectManager`).
- the `identity_class` contains the FQCN of the entity that will be used during the authentication process.
- the `identity_property` contains the name of the property that will be used as the identity property (most often, this is email, username…). Please note that we are talking here of the PROPERTY, not the table column name (although it can be the same in most of the cases).
- the `credential_property` contains the name of the property that will be used as the credential property (most often, this is password…).

The authentication accept some more options that can be used :

- the `object_repository` can be used instead of the `object_manager` key. Most of the time you won't deal with the one, as specifying the `identity_class` name will automatically fetch the `object_repository` for you.
- the `credential_callable` is a very useful option that allow you to perform some custom logic when checking if the credential is correct. For instance, if your password are encrypted using Bcrypt algorithm, you will need to perform specific logic. This option can be any callable function (closure, class method…). This function will be given the complete entity fetched from the database, and the credential that was given by the user during the authentication process.

Here is an example code that adds the `credential_callable` function to our previous example :

```
// in your module.config.php:

return [
    'doctrine' => [
        'authentication' => [
            'orm_default' => [
                'object_manager' => 'Doctrine\ORM\EntityManager',
                'identity_class' => 'Application\Entity\User',
                'identity_property' => 'email',
                'credential_property' => 'password',
                'credential_callable' => function (User $user, $passwordGiven) {
                    return my_awesome_check_test($user->getPassword(), $passwordGiven);
                },
            ],
        ],
    ],
];
```

Here is another example that uses a controller method as the *credential\_callable* callback. Note that the controller method must be declared *public static*.

```
// in your module.config.php:

return [
    'doctrine' => [
        'authentication' => [
            'orm_default' => [
                'object_manager' => 'Doctrine\ORM\EntityManager',
                'identity_class' => 'Application\Entity\User',
                'identity_property' => 'email',
                'credential_property' => 'password',
                'credential_callable' => 'Application\Controller\UserController::verifyCredential'
            ],
        ],
    ],
];

// in UserController.php

public static function verifyCredential(User $user, $inputPassword)
{
    return password_verify($inputPassword, $user->getPassword());
}
```

#### Creating the AuthenticationService

[](#creating-the-authenticationservice)

Now that we have configured the authentication, we still need to tell Zend Framework how to construct a correct `Zend\Authentication\AuthenticationService` instance. For this, add the following code in your Module.php class:

```
namespace Application;

use Zend\Authentication\AuthenticationService;

class Module
{
    public function getServiceConfig()
    {
        return [
            'factories' => [
                'Zend\Authentication\AuthenticationService' => function ($serviceManager) {
                    // If you are using DoctrineORMModule:
                    return $serviceManager->get('doctrine.authenticationservice.orm_default');

                    // If you are using DoctrineODMModule:
                    return $serviceManager->get('doctrine.authenticationservice.odm_default');
                },
            ],
        ];
    }
}
```

Please note that I am using here a `Zend\Authentication\AuthenticationService` name, but it can be anything else (`my_auth_service`…). However, using the name `Zend\Authentication\AuthenticationService` will allow it to be recognised by the ZF2 [Identity view helper](https://framework.zend.com/manual/2.4/en/modules/zend.view.helpers.identity.html).

In ZF3, you can inject the `Zend\Authentication\AuthenticationService` into your controller factories as in the example below:

```