README.md
@@ -148,6 +148,68 @@ class MyAuthorizer implements AuthorizerInterface, RequestAwareInterface
148
148
}
149
149
```
150
150
151
+
## Exception Aware Auhtorizers
152
+
153
+
Authorizers can be set to be exception aware. Such authorizers have `handleException()` method that should be called on authorization exception. This is useful if you need to handle error in a particular way (redirect user to an external SSO for example), or if you want to implement some extra measures of protections (like brute force login protection, as demonstrated below):
154
+
155
+
```php
156
+
<?php
157
+
158
+
namespace MyApp;
159
+
160
+
use ActiveCollab\Authentication\Authorizer\AuthorizerInterface;
161
+
use ActiveCollab\Authentication\Authorizer\ExceptionAware\ExceptionAwareInterface;
162
+
use Exception;
163
+
164
+
class InvalidPasswordException extends Exception
165
+
{
166
+
}
167
+
168
+
class MyAuthorizer implements AuthorizerInterface, ExceptionAwareInterface
169
+
{
170
+
/**
171
+
* {@inheritdoc}
172
+
*/
173
+
public function verifyCredentials(array $credentials)
174
+
{
175
+
if ($this->shouldCoolDown($credentials)) {
176
+
return null;
177
+
}
178
+
179
+
if ($this->checkUserPassword($credentials['password'])) {
180
+
// Proceed with auth
181
+
} else {
182
+
throw new InvalidPasswordException('Password not valid.');
183
+
}
184
+
}
185
+
186
+
/**
187
+
* {@inheritdoc}
188
+
*/
189
+
public function handleException(array $credentials, $error_or_exception)
190
+
{
191
+
if ($error_or_exception instanceof InvalidPasswordException) {
private function shouldCoolDown(array $credentials)
197
+
{
198
+
// Return true if incorrect password is entered multiple times, so user needs to wait before they can proceed.
199
+
}
200
+
201
+
private function logPasswordFailure(array $credentials, $error)
202
+
{
203
+
// Log
204
+
}
205
+
206
+
private function checkUserPassword(array $credentials)
207
+
{
208
+
// Check if user password is OK.
209
+
}
210
+
}
211
+
```
212
+
151
213
## Transports
152
214
153
215
During authentication and authorization steps, this library returns transport objects that encapsulate all auth elements that are relevant for the given step in the process:
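Review bot: The `verifyCredentials()` example calls `$this->checkUserPassword($credentials['password'])` with a single string, but the helper further down is declared as `checkUserPassword(array $credentials)`, so the array type hint would reject that call; either pass `$credentials` or change the helper's signature to take the password. The new heading is misspelled ("Auhtorizers" should be "Authorizers"), and the intro sentence needs an article ("have a `handleException()` method"). The cool-down branch returns `null` with no explanation, so a one-line comment in the example on what a `null` return means to the caller during a cool-down would make the brute-force protection flow easier to follow.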