Skip to content

Commit d2a86cb

Browse files
author
Greg Bowler
committed
Update example after refactoring AuthUri
1 parent 4d4e841 commit d2a86cb

File tree

1 file changed

+11
-20
lines changed

1 file changed

+11
-20
lines changed

README.md

Lines changed: 11 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -13,46 +13,37 @@ With the following PHP code below, you can display a log in button that, when cl
1313
```php
1414
<?php
1515
use Authwave\Authenticator;
16-
use Authwave\Token;
1716
require __DIR__ . "/vendor/autoload.php";
1817

1918
// These constants can be loaded from your application's configuration
2019
// or environment variables, and must be created within Authwave.
2120
define("CLIENT_KEY", "1234567890abcdef");
2221
define("CLIENT_SECRET", "aaaa-bbbb-cccc-dddd-eeee-ffff");
2322

24-
// Persist a Token in the session to handle the remote authentication flow.
25-
$token = $_SESSION["authwave-token"] ?? new Token(CLIENT_KEY, CLIENT_SECRET);
26-
$_SESSION["authwave-token"] = $token;
27-
2823
// Construct the Authenticator class as soon as possible, as this handles the
29-
// Authentication steps passed via the query string from Authwave.
24+
// Authentication steps passed bia the query string from the remote provider.
3025
$auth = new Authenticator(
31-
$token,
32-
"example.com",
33-
$_SERVER["REQUEST_URI"]
26+
CLIENT_KEY, // See above
27+
CLIENT_SECRET, // See above
28+
$_SERVER["REQUEST_URI"], // Redirect URI for after login completes
29+
new SessionContainer($_SESSION) // Object-oriented session wrapper
3430
);
3531

3632
// Handle authentication login/logout action via the querystring:
3733
if(isset($_GET["login"])) {
38-
// Redirect the user agent to the auth uri, which is a location on the remote
39-
// provider. The remote provider will in turn redirect the user agent back to
40-
// the return URI (set as 3rd parameter of Authenticator's constructor), at
41-
// which point the user will be considered authenticated.
42-
header("Location: " . $auth->getAuthUri(), true, 303);
43-
exit;
34+
// This will redirect the user agent to the auth uri, which is a location on the
35+
// remote provider. The remote provider will in turn redirect the user agent
36+
// back to the return URI (set as 3rd parameter of Authenticator's constructor),
37+
// at which point the user will be considered authenticated.
38+
$auth->login();
4439
}
4540
elseif(isset($_GET["logout"])) {
46-
// To log out, simply remove the Token from the session and reload the page.
47-
unset($_SESSION["authwave-token"]);
48-
header("Location: " . $_SERVER["REQUEST_URI"]);
49-
exit;
41+
$auth->logout();
5042
}
5143

5244
// Authentication is handled by Authwave, so you can trust "isLoggedIn"
5345
// as a mechanism for protecting your sensitive information.
5446
if($auth->isLoggedIn()) {
55-
$email = $auth->getEmail();
5647
echo <<<HTML
5748
<p>You are logged in as <strong>{$auth->getEmail()}</strong></p>
5849
<p><a href="?logout">Log out</a></p>

0 commit comments

Comments
 (0)