服务器端的 CURL HTTP 身份验证
我正在使用 Zend 构建 Web 服务,我必须在向用户发送响应之前对其进行身份验证.用户将使用 curl 向服务器页面发送请求,并以 curl_setopt($curl, CURLOPT_USERPWD, 'key:pass');
I am building a web service with Zend and i have to authenticate the users before sending them response. The user will send a request to a server page, using curl, passing his credentials in the form of curl_setopt($curl, CURLOPT_USERPWD, 'key:pass');
我使用 Zend 框架,因此服务器端页面表示为:
Iam using Zend framework and so the server side page is denoted like:
http://www.example.com/app_name/public/controller/action/parameter
这里是用户请求的总代码(client.php):
Here is the total code for user's request (client.php):
<?php
$curl = curl_init('http://www.example.com/app/public/user/add/1');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_USERPWD, 'username:password');
curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_USERAGENT, 'Sample Code');
$response = curl_exec($curl);
$resultStatus = curl_getinfo($curl);
if($resultStatus['http_code'] == 200) {
echo $response;
} else {
echo 'Call Failed '.print_r($resultStatus);
}
?>
现在我想要的是,我必须能够在服务器端(在我的 Zend 控制器中)检索用户名和密码,以便我可以验证数据库中的用户凭据并相应地发送响应.那么如何在另一个页面中进行身份验证?
Now what i want is that, i must be able to retrieve the username and password at the server side (in my zend controller), so that i can verify the user credentials from database and send the response accordingly. So how can i do authentication in another page?
推荐答案
Zend Framework 有一个现成的组件来处理 HTTP 身份验证.
Zend Framework has a ready-made component for handling HTTP authentication.
在
- http://framework.zend.com/manual/en/zend.auth.adapter.http.html
如果你不想使用它,你仍然可以走老派"的方式,如
If you don't want to use that, you can still go the "old-school" way, as described in
- http://php.net/manual/en/features.http-auth.php
并手动检查 $_SERVER['PHP_AUTH_USER'] 和 $_SERVER['PHP_AUTH_PW']
相关文章