PHP authentication on Google Cloud

By Anonymous
How to set up an authentication module on Google Cloud  with PHP.


Step 1: Create your list of admin users
Go to https://console.cloud.google.com/iam-admin/iam/project?project=<your_project_name>&authuser=0 and add users and assign roles to them. I used my work Gmail account as an admin user, and my personal Gmail as an ordinary user.
Step 2. specify resources for login
In your app.yaml file, specify which resources you want to be restricted to authenticated users, and which are admin-only.
- url: /
  script: index.php
  login: required
  secure: always
# this requires login but is available to all users

- url: /admin
  script: admin/index.php
  login: admin
  secure: always  
# this requires login and is only available to admin users
Step 3. Add authentication PHP to your header include
This is the code for my normal user pages:
    <?php

    use google\appengine\api\users\User;
    use google\appengine\api\users\UserService;

    $user = UserService::getCurrentUser();
    if (isset($user)) {
      $authmessage = sprintf('Logged in as %s | <a href="%s">Log out</a>',
                   $user->getNickname(),
                   UserService::createLogoutUrl('/'));
    } else {
      $authmessage = sprintf('<a href="%s">Log in or register</a>',
                   UserService::createLoginUrl('/'));
    } 

    if (isset($user) && UserService::isCurrentUserAdmin()) {
        $admin = TRUE;
    } else {
        $admin = FALSE;
    }
?>
And this is the PHP in my admin header include:
<?php
use google\appengine\api\users\User;
use google\appengine\api\users\UserService;

$user = UserService::getCurrentUser();
if (isset($user)) {
  $authmessage = sprintf('Logged in as %s | <a href="%s">Log out</a>',
               $user->getNickname(),
               UserService::createLogoutUrl('/'));
} else {
  $authmessage = sprintf('<a href="%s">Log in or register</a>',
               UserService::createLoginUrl('/'));
} 

if (isset($user) && UserService::isCurrentUserAdmin()) {
    $admin = TRUE;
} else {
    echo 'Sorry, you are not authorised to access this page.';
} 
?>
Step 4. Add login / logout links to your header include
In your HTML for the normal header, add the following:
    <?php 
                        echo $authmessage; 
                        if($admin == TRUE) {
                            echo ' | <a href="/admin">Admin</a>'; 
                            }
                    ?>
and in your HTML for the admin header, add the following:
<?php 
                    echo $authmessage; 
                    if($admin == TRUE) {
                        echo ' | <a href="/">App</a>'; 
                        }
                ?>
Documentation

Comments

Post a Comment

Popular posts from this blog

We're in Onstream

By Anonymous
The pilot phase of the Brookes ID project was announced in the latest issue of Onstream , the staff magazine of Oxford Brookes University: Brookes ID (Individual Development) is an inclusive co-curricular framework which has been created with students and is a PESE (Programme to enhance the Student Experience) project. It recognises and rewards student engagement and commitment beyond their programme of study and is aligned to the Brookes Guiding Principles. As part of the Brookes ID initiative a new app has been launched which will run this semester as a pilot, leading up to the official launch of Brookes ID expected in September 2017. The Brookes ID app has been developed by the project team (Professor Alison Honour ADSE, Dr Bob Champion PLSE, Lindsay Williams PLSE, Yvonne Aburrow) and the Student Experience team in OBIS, in partnership with students. It monitors the extra and co-curricular activities of students and rewards them with ‘achievements’. Initially the number of activiti...
Read more

Agile methodology in the wild

By Anonymous
Image
Agile methodologies like Scrum sound amazingly efficient when presented by people who have implemented them in a non-hostile environment. But conditions are not always perfect, and things can sometimes go wrong. One of the key features of agile project methodologies is that they have different types of meetings . Each different type of meeting has a very specific function. They can become tedious and unproductive if they deviate from the prescribed form and function. With that in mind, let's look at the different types of meeting, how they are meant to work, and what can go wrong. Three Amigos     © Copyright  Peter Trimming  and licensed for  reuse  under this  Creative Commons Licence . Three Amigos This is a relatively new type of meeting in the agile toolkit, and was developed in 2013 . Essentially, this is a meeting during which the business analyst (BA) presents the requirements and tests for a new feature. The Three Amigos (BA, developer, and QA...
Read more