Adding a custom authentication module

From Achievo/ATK Wiki

There are a number of different security modules available in atk - you can find them atk/security. We can easily add another, for example I added one to authenticate against a REST service. They all extend the class auth_interface, so this is a good place to start.

To avoid having to upload your custom class in atk/security and potentially lose it when you upgrade ATK, you can place the authentication class in your own module. For example if we have a helloworld module that provides an additional authentication method, it would be in the file:

 modules/helloworld/security/class.auth_rest.inc

I implemented a custom authentication module using REST, and it looked a bit like this:

atkimport ('atk.security.auth_interface');
 
class auth_rest extends auth_interface
{
  var $m_rightscache = array();
 
  function validateUser($user, $passwd)
  {
    if ($user=="") return AUTH_UNVERIFIED; // can't verify if we have no userid
 
    $attr = < the attributes of the result of the call to the REST service >
    if($attr['status'] == 'ok') {
        return AUTH_SUCCESS;
    } elseif ($attr['status'] == 'error') {
        $error_attr = $xml->error->attributes();
        if($error_attr['code'] == 'LoginError') {
            return AUTH_UNVERIFIED;
        } elseif($error_attr['code'] == 'BlockedUserError') {
            return AUTH_LOCKED;
        }
 
    }
 
  }
 
  function canMd5()
  {
    return false;
  }
 
}

To use this class, the $config_authentication variable needs to be set to match the new class you made. To use the example above we can do:

  $config_authentication = "module.helloworld.security.auth_rest";

(Note, for authentication methods in the atk/security directory, it would suffice to say:

  $config_authentication = "rest";