Skip to content

jeevan15498/Phalcon-Project-Demo

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Phalcon Project

https://github.com/jeevan15498/Phalcon-Project-Demo

Processing Topics

  • Bootstrap CSS framework use /layouts
  • include part of footer, header
  • ACL (get roles (admin, guest, user) from databases)
  • ajax post or get sample
  • 404 error for If controller or action not exits. (https://docs.phalcon.io/3.4/en/routing#not-found-paths)
  • multi-language support

Completed Topics

  • Bootstrap CSS framework use /layouts without use footer, header files

    User Types Routes Layout File
    Guest / app\views\layouts\guestLayout.volt
    User /admin app\views\layouts\userLayout.volt
    Admin /user app\views\layouts\adminLayout.volt
  • ACL (get roles (admin, guest, user) from databases)

    • https://docs.phalcon.io/3.4/en/tutorial-base#designing-a-sign-up-form
    • Design Login and Sign Up Template (User Role = 1, Admin Role = 2)
    • Create a new database in phpmyadmin phalcon-demo
    • Create a new database table users in the phalcon-demo database
      CREATE TABLE `users` (
      `id` int(11) NOT NULL AUTO_INCREMENT,
      `name` text NOT NULL,
      `email` text NOT NULL,
      `password` text NOT NULL,
      `role` text NOT NULL,
      `active` int(11) NOT NULL DEFAULT '0',
      `created` text NOT NULL,
      `updated` text NOT NULL,
      PRIMARY KEY (`id`)
      ) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=latin1   
    • Set database in the phalcon app/config/config.php file
    • Create users model in phalcon shell 'phalcon create-model users --get-set --mapcolumn'
    • https://docs.phalcon.io/3.4/en/validation#validation
    • Update Validation Class Name in users model
    • Check Signup Form
    • Create Login Method in IndexController.php file
    • https://docs.phalconphp.com/en/3.3/session#start
  • Ajax post or get sample (API)

    • Firstly create a API Controller file using Phalcon DevTools: phalcon create-controller API

    • Read: https://docs.phalcon.io/3.4/en/routing#http-method-restrictions

    • Read: https://docs.phalcon.io/3.4/en/request

    • Read: https://docs.phalcon.io/3.4/en/response.html

    • Make API Controller

    • API Status Code

      Code Status Description
      200 OK The request was successfully completed.
      201 Created A new resource was successfully created.
      400 Bad Request The request was invalid.
      401 Unauthorized The request did not include an authentication token or the authentication token was expired.
      403 Forbidden The client did not have permission to access the requested resource.
      404 Not Found The requested resource was not found.
      405 Method Not Allowed The HTTP method in the request was not supported by the resource. For example, the DELETE method cannot be used with the Agent API.
      409 Conflict The request could not be completed due to a conflict. For example, POST ContentStore Folder API cannot complete if the given file or folder name already exists in the parent location.
      500 Internal Server Error The request was not completed due to an internal error on the server side.
      503 Service Unavailable The server was unavailable.
    • Test API on this Application https://insomnia.rest/

  • Putting the Access Control List in the Database - Step 1

    • Read: https://www.learnphalcon.com/post/show/9/putting-the-access-control-list-in-the-database---step-1
    • Create Four Database Tables
      1. dbrole
      CREATE TABLE `dbrole` (
          `role` varchar(40) NOT NULL,
          `description` varchar(160) NOT NULL,
          PRIMARY KEY (`role`)
      ) ENGINE=InnoDB DEFAULT CHARSET=latin1
      1. dbresource
      CREATE TABLE `dbresource` (
          `resource` varchar(40) NOT NULL,
          PRIMARY KEY (`resource`)
      ) ENGINE=InnoDB DEFAULT CHARSET=latin1
      1. dbaction
      CREATE TABLE `dbaction` (
          `resource` varchar(40) NOT NULL,
          `action` varchar(40) NOT NULL,
          PRIMARY KEY (`resource`,`action`)
      ) ENGINE=InnoDB DEFAULT CHARSET=latin1
      1. dbaccesscontrollist
      CREATE TABLE `dbaccesscontrollist` (
          `role` varchar(40) NOT NULL,
          `action` varchar(40) NOT NULL,
          `resource` varchar(40) NOT NULL,
          PRIMARY KEY (`role`,`action`,`resource`)
      ) ENGINE=InnoDB DEFAULT CHARSET=latin1
    • Insert User Role in the dbrole database table
    insert into dbrole values('Registered User', 'Registered User privileges, granted after sign in.');
    insert into dbrole values('Guest','Anyone browsing the site who is not signed in is considered to be a "Guest".');
    insert into dbrole values('Admin','Administrator - can do everything');
    • Create models for the dbrole, dbresource and dbaction tables but do a full scaffold on the dbaccesscontrollist table.
    phalcon model dbrole --get-set --namespace=security
    phalcon model dbresource --get-set --namespace=security
    phalcon model dbaction --get-set --namespace=security
    phalcon scaffold dbaccesscontrollist --get-set --ns-models=security
    • Open file /app/config/loader.php and Insert security Namespace
    $loader->registerNamespaces(
        [
            "security" => $config->application->modelsDir
        ]
    );
    • Then Update Dbaccesscontrollistcontroller.php File in the controller folder and create view file
  • Access Control List in the Database - Step 2

    • Now that the roles, resources, actions and access control list are stored in the database we need to modify the Security Plugin to use this information rather than hard-coding this information directly into the Security Plugin PHP file itself.
    • Read: https://www.learnphalcon.com/post/show/10/putting-the-access-control-list-in-the-database---step-2
    • Create new folder apps/plugins and Create SecurityPlugin.php File
    • Register Plugins Path in app\config\loader.php File
      $config->application->pluginsDir,
    • To get the Security Plugin working you need to add some code to the app/config/services.php file.
      use Phalcon\Mvc\Dispatcher as Dispatcher;
      use Phalcon\Events\Manager as EventsManager;
      $di->set('dispatcher', function () use ($di) {
          $eventsManager = new EventsManager;
          // Check if the user is allowed to access certain action using the SecurityPlugin
          $eventsManager->attach('dispatch:beforeDispatch', new SecurityPlugin);
          // Handle exceptions and not-found exceptions using NotFoundPlugin
          // $eventsManager->attach('dispatch:beforeException', new NotFoundPlugin);
          $dispatcher = new Dispatcher();
          $dispatcher->setEventsManager($eventsManager);
          return $dispatcher;
      });
    • Create new controller file ErrorsController.php and create view files
    • All roles should be able to access all actions of the Errors Controller all the time.
    • Update User Session Data and update \app\views\index\login.volt, app\views\index\signup.volt file
    • Insert User Logout method in index controller and given all user role permission
    • Update User Role in the database users table

Another Features

Create a model, controller and views with phalcon-tools.

https://www.learnphalcon.com/post/show/11/user-login---step-1

phalcon scaffold user --get-set

phalcon scaffold user --get-set --ns-models=namespaceName

Create MVC