New UserInterface

Author: ezimuel

docs/book/v1/intro.md

@@ -23,17 +23,30 @@ interface UserInterface
 {
     /**
      * Get the unique user identity (id, username, email address or ...)
-     *
-     * @return string
      */
-    public function getIdentity(): string;
+    public function getIdentity() : string;
+
+    /**
+     * Set the user identity
+     */
+    public function setIdentity(string $identity) : void
+    {
+        $this->identity = $identity;
+    }
 
     /**
      * Get all user roles
      *
      * @return string[]
      */
-    public function getUserRoles() : array;
+    public function getRoles() : array;
+
+    /**
+     * Set the user's roles
+     *
+     * @param string[] $roles
+     */
+    public function setRoles(array $roles) : void;
 }
 ```
 
@@ -42,6 +55,33 @@ if a user has been authenticated or not, e.g. it can be used to verify the
 authorization level of a user (for this scope, it is consumed by
 [zend-expressive-authorization](https://github.com/zendframework/zend-expressive-authorization)).
 
+## Default User class
+
+We provided a default user class, implemented by `Zend\Authentication\DefaultUser`.
+This class is a basic implementation of `UserInterface`. This default class
+can be changed by configuration, using the service alias `Zend\Authentication\UserInterface`.
+By default, the alias points to `DefaultUser` in the ConfigProvider class.
+
+```php
+// src/ConfigProvider.php
+    // ...
+    public function getDependencies() : array
+    {
+        return [
+            // ...
+            'aliases' => [
+                // ...
+                UserInterface::class => DefaultUser::class
+            ]
+        ];
+    }
+    // ...
+```
+
+You can change it using a custom `UserInterface` implementation or extending
+the `DefaultUser` class if you will.
+
+
 ## Usage in the route
 
 The `AuthenticationMiddleware` can be used to authenticate a route. You just
@@ -75,26 +115,18 @@ Basic Access Authentication* adapter and the *htpasswd* file as the user
 repository.
 
 ```php
-// ConfigProvider.php
-
-use Zend\Expressive\Authentication\AuthenticationInterface;
-use Zend\Expressive\Authentication\UserRepositoryInterface;
-
-class ConfigProvider
-{
+// src/ConfigProvider.php
     // ...
-
     public function getDependencies() : array
     {
         return [
+            // ...
             'aliases' => [
+                // ...
                 AuthenticationInterface::class => Basic\BasicAccess::class,
                 UserRepositoryInterface::class => UserRepository\Htpasswd::class
-            ],
-            // ...
+            ]
         ];
     }
-
     // ...
-}
 ```

src/ConfigProvider.php

@@ -25,7 +25,8 @@ public function __invoke() : array
     public function getAuthenticationConfig() : array
     {
         return [
-            /* Values will depend on user repository and/or adapter.
+            /*
+             * Values will depend on user repository and/or adapter.
              *
              * Example: using htpasswd UserRepositoryInterface implementation:
              *
@@ -58,11 +59,15 @@ public function getDependencies() : array
                 // AuthenticationInterface::class => Basic\BasicAccess::class,
                 // Provide an alias for the UserRepository adapter based on your application needs.
                 // UserRepositoryInterface::class => UserRepository\Htpasswd::class
+                UserInterface::class => DefaultUser::class
             ],
             'factories' => [
                 AuthenticationMiddleware::class => AuthenticationMiddlewareFactory::class,
                 UserRepository\Htpasswd::class => UserRepository\HtpasswdFactory::class,
                 UserRepository\PdoDatabase::class => UserRepository\PdoDatabaseFactory::class
+            ],
+            'invokables' => [
+                DefaultUser::class => DefaultUser::class
             ]
         ];
     }

src/DefaultUser.php

@@ -0,0 +1,37 @@
+<?php
+/**
+ * @see       https://github.com/zendframework/zend-expressive-authentication for the canonical source repository
+ * @copyright Copyright (c) 2017 Zend Technologies USA Inc. (https://www.zend.com)
+ * @license   https://github.com/zendframework/zend-expressive-authentication/blob/master/LICENSE.md New BSD License
+ */
+
+declare(strict_types=1);
+
+namespace Zend\Expressive\Authentication;
+
+class DefaultUser implements UserInterface
+{
+    protected $identity;
+
+    protected $roles = [];
+
+    public function setIdentity(string $identity) : void
+    {
+        $this->identity = $identity;
+    }
+
+    public function getIdentity() : string
+    {
+        return $this->identity;
+    }
+
+    public function setRoles(array $roles) : void
+    {
+        $this->roles = $roles;
+    }
+
+    public function getRoles() : array
+    {
+        return $this->roles;
+    }
+}

src/UserInterface.php

@@ -11,15 +11,25 @@
 
 interface UserInterface
 {
+    /**
+     * Set the user's identity
+     */
+    public function setIdentity(string $identity) : void;
+
     /**
      * Get the unique user identity (id, username, email address or ...)
      */
     public function getIdentity() : string;
 
+    /**
+     * Set the user's roles
+     */
+    public function setRoles(array $roles) : void;
+
     /**
      * Get all user roles
      *
      * @return string[]
      */
-    public function getUserRoles() : array;
+    public function getRoles() : array;
 }

src/UserRepository/Htpasswd.php

@@ -20,17 +20,20 @@
  */
 class Htpasswd implements UserRepositoryInterface
 {
-    use UserTrait;
-
     /**
      * @var string
      */
     private $filename;
 
+    /**
+     * @var UserInterface
+     */
+    private $user;
+
     /**
      * @throws Exception\InvalidConfigException
      */
-    public function __construct(string $filename)
+    public function __construct(string $filename, UserInterface $user)
     {
         if (! file_exists($filename)) {
             throw new Exception\InvalidConfigException(sprintf(
@@ -39,6 +42,7 @@ public function __construct(string $filename)
             ));
         }
         $this->filename = $filename;
+        $this->user = $user;
     }
 
     /**
@@ -61,10 +65,12 @@ public function authenticate(string $credential, string $password = null) : ?Use
         }
         fclose($handle);
 
-        return $found
-            && password_verify($password === null ? '' : $password, $hash)
-                ? $this->generateUser($credential)
-                : null;
+        if ($found && password_verify($password === null ? '' : $password, $hash)) {
+            $this->user->setIdentity($credential);
+            $this->user->setRoles($this->getRolesFromUser($credential));
+            return $this->user;
+        }
+        return null;
     }
 
     /**

src/UserRepository/HtpasswdFactory.php

@@ -11,6 +11,7 @@
 
 use Psr\Container\ContainerInterface;
 use Zend\Expressive\Authentication\Exception;
+use Zend\Expressive\Authentication\UserInterface;
 
 class HtpasswdFactory
 {
@@ -26,7 +27,9 @@ public function __invoke(ContainerInterface $container) : Htpasswd
                 Htpasswd::class
             ));
         }
-
-        return new Htpasswd($htpasswd);
+        return new Htpasswd(
+            $htpasswd,
+            $container->get(UserInterface::class)
+        );
     }
 }

src/UserRepository/PdoDatabase.php

@@ -21,8 +21,6 @@
  */
 class PdoDatabase implements UserRepositoryInterface
 {
-    use UserTrait;
-
     /**
      * @var PDO
      */
@@ -33,10 +31,16 @@ class PdoDatabase implements UserRepositoryInterface
      */
     private $config;
 
-    public function __construct(PDO $pdo, array $config)
+    /**
+     * @var UserInterface
+     */
+    private $user;
+
+    public function __construct(PDO $pdo, array $config, UserInterface $user)
     {
         $this->pdo = $pdo;
         $this->config = $config;
+        $this->user = $user;
     }
 
     /**
@@ -66,9 +70,12 @@ public function authenticate(string $credential, string $password = null) : ?Use
             return null;
         }
 
-        return password_verify($password, $result->{$this->config['field']['password']})
-            ? $this->generateUser($credential, $this->getRolesFromUser($credential))
-            : null;
+        if (password_verify($password, $result->{$this->config['field']['password']})) {
+            $this->user->setIdentity($credential);
+            $this->user->setRoles($this->getRolesFromUser($credential));
+            return $this->user;
+        }
+        return null;
     }
 
     /**

src/UserRepository/PdoDatabaseFactory.php

@@ -12,6 +12,7 @@
 use PDO;
 use Psr\Container\ContainerInterface;
 use Zend\Expressive\Authentication\Exception;
+use Zend\Expressive\Authentication\UserInterface;
 
 class PdoDatabaseFactory
 {
@@ -52,7 +53,8 @@ public function __invoke(ContainerInterface $container) : PdoDatabase
                 $pdo['username'] ?? null,
                 $pdo['password'] ?? null
             ),
-            $pdo
+            $pdo,
+            $container->get(UserInterface::class)
         );
     }
 }