From: Florent Bruneau <florent.bruneau@polytechnique.org>
Date: Sun, 27 Jul 2008 15:47:07 +0000 (+0200)
Subject: Add tokenAuth capability in PlSession.
X-Git-Tag: core/1.0.0~51
X-Git-Url: http://git.polytechnique.org/?a=commitdiff_plain;h=8bdb07ee8944d8ef3d37b733477834a64a897aa6;p=platal.git

Add tokenAuth capability in PlSession.

This is a new abstract method to implement. It manages 'RSS' auth based on a
user specific token. It returns a User object (as for checkAuth).

Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
---

diff --git a/classes/plsession.php b/classes/plsession.php
index b1ddcd8..f576f65 100644
--- a/classes/plsession.php
+++ b/classes/plsession.php
@@ -159,6 +159,17 @@ abstract class PlSession
      */
     abstract protected function startSessionAs($user, $level);
 
+    /** Check authentication with the given token.
+     *
+     * Token authentication is a light-weight authentication based on a user-specific token.
+     * This can be used for protocols that requires a 'cookie'-free authentication, such as
+     * RSS, iCal registration...
+     *
+     * This function returns a valid user object if authentication is successful, or null if
+     * token mismatch.
+     */
+    abstract public function tokenAuth($login, $token);
+
 
     /*** SUID management ***/