0
Using httpAuthFilter you can add a single-user application-wide HTTP authentication. Here's how it works:
all:
auth:
Realm: Password required
username: MyUsername
password: MyPassword
/apps/myApp/config/filters.yml (add after security filter):
httpAuthFilter:
Class: HttpAuthFilter
/apps/myApp/lib/filters/httpAuthFilter.class.php:
<?php
class httpAuthFilter extends sfFilter
{
public function execute($filterChain)
{
if($this->isFirstCall()) {
if(!isset($_SERVER['PHP_AUTH_USER']) or
($_SERVER['PHP_AUTH_USER'] == sfConfig::get('app_auth_username') && $_SERVER['PHP_AUTH_PW'] == sfConfig::get('app_auth_password')) == false) {
$this->sendHttpAuthHeaders();
}
}
$filterChain->execute();
}
public function sendHttpAuthHeaders()
{
header('WWW-Authenticate: Basic realm="' . SfConfig::get('app_auth_realm') . '"');
header('HTTP/1.0 401 Unauthorized');
exit();
}
}
all:
auth:
Realm: Password required
username: MyUsername
password: MyPassword
/apps/myApp/config/filters.yml (add after security filter):
httpAuthFilter:
Class: HttpAuthFilter
/apps/myApp/lib/filters/httpAuthFilter.class.php:
<?php
class httpAuthFilter extends sfFilter
{
public function execute($filterChain)
{
if($this->isFirstCall()) {
if(!isset($_SERVER['PHP_AUTH_USER']) or
($_SERVER['PHP_AUTH_USER'] == sfConfig::get('app_auth_username') && $_SERVER['PHP_AUTH_PW'] == sfConfig::get('app_auth_password')) == false) {
$this->sendHttpAuthHeaders();
}
}
$filterChain->execute();
}
public function sendHttpAuthHeaders()
{
header('WWW-Authenticate: Basic realm="' . SfConfig::get('app_auth_realm') . '"');
header('HTTP/1.0 401 Unauthorized');
exit();
}
}