Fetching User Data From Tokens
The Trongate_tokens
class, part of the Trongate Tokens module, is essential for handling token-related operations in the Trongate framework. This class includes methods for generating, validating, retrieving, and managing tokens. Below is an overview of the key methods available:
Key Methods Overview
The methods listed below are found inside the 'Trongate Tokens' module. These methods are crucial for various token-related operations, including generating tokens, fetching user data, and destroying tokens. The table below summarizes each method:
Method | Description |
---|---|
_attempt_get_valid_token() | This method attempts to validate and return a token based on optional user level(s) condition. It checks for a valid token in HTTP headers, cookies, and session storage. |
_destroy() | This method destroys tokens from session, cookies, and HTTP headers, and deletes them from the database. |
_delete_old_tokens() | This method deletes old tokens from the database. Optionally, tokens can be deleted for a specific user ID. |
_get_user_id() | Retrieves the Trongate User ID based on a provided token or checks session, cookies, and page headers if no token is provided. |
_get_user_obj() | Gets the Trongate User Object based on a token, session, cookies, or page headers. |
_get_user_level() | Retrieves the user level associated with the given token or the current user token. |
_generate_token() | Generates a token based on provided data and sets it as a cookie or session value if specified. |
regenerate() | Regenerates a token with a new expiration date. It validates the old token and new expiration date before updating the database. |
Fetching The Trongate User ID
The Trongate User ID is a unique identifier assigned to each record in the trongate_users
database table, represented as an integer. This ID is integral to Trongate's token-based authorization and authentication system. Each user within a Trongate application is assigned a distinct Trongate User ID, ensuring that the ID is unique across the user base. Consequently, the Trongate User ID serves as a reliable means of identifying any authorized user of a Trongate application, regardless of their user level. Therefore, the ability to fetch a user’s Trongate User ID is highly valuable for managing user-specific operations and ensuring accurate identification within the application.
To fetch a user's Trongate User ID, load up the trongate_tokens module and invoke the _get_user_id() method. For example:
$this->module('trongate_tokens');
$this->trongate_tokens->_get_user_id();
The _get_user_id() method is a crucial function within the trongate_tokens module for retrieving user information. It is designed to fetch the Trongate User ID, which is an essential element in user identification and management.
Here are some key points to understand about this method:
- Optional Token Parameter: The method can accept a 'Trongate token' as an argument. If a token is provided, the method attempts to return the Trongate User ID associated with that specific token. This is useful when you have a token that you want to validate or query directly.
- Fallback Mechanism: If no token is provided, the method will automatically search for a valid token from alternative sources, such as session data, cookies, or page headers. This fallback mechanism ensures that user identification can still occur even if the token is not explicitly supplied.
- Return Value: The method returns an integer representing the Trongate User ID if a valid token is found. If no valid token is located, it returns a boolean of
false
. This dual return value helps handle cases where the token might be invalid or absent, providing a clear distinction between a successful user ID retrieval and a failed attempt.
Fetching The Trongate User Object
The Trongate User Object is a comprehensive representation of a user's information within a Trongate application. This object can be crucial for various user-related operations, such as displaying user-specific data, managing user permissions, or performing user-specific actions. Understanding how to fetch and utilize the Trongate User Object allows you to effectively handle user data and maintain robust application functionality.
To fetch the Trongate User Object, load the trongate_tokens module and invoke the _get_user_obj() method. Here’s an example of how to use this method:
$this->module('trongate_tokens');
$this->trongate_tokens->_get_user_obj();
This method attempts to fetch a valid token from either session data or a cookie stored on the end user's device. If a valid token is found, the returned value will be an object representing the user's information. If no valid token is found, the method will return a boolean with the value of false.
Understanding The User Object
The user object returned by invoking _get_user_obj() includes the following properties:
- trongate_user_code - The value of this property corresponds to the 'code' column in the
trongate_users
table. - user_level_id - Contains the value that matches the 'id' column from the
trongate_user_levels
table. - user_level - Represents the value stored in the 'level_title' column of the
trongate_user_levels
table. - token - The validated token of the user, corresponding to the value in the 'token' column of the
trongate_tokens
table. - trongate_user_id - Contains the user's Trongate User ID, matching the 'id' column of the
trongate_users
table. - expiry_date - A Unix timestamp representing the expiration date and time of the token.
Below is an example of the data structure returned by the _get_user_obj() method, presented as a JSON string for clarity:
{
"trongate_user_code": "dytcGEc47h6VCmYmrJLwH5CPx8GMWcKa",
"user_level_id": "1",
"user_level": "admin",
"token": "r8Ex_25FoYFSsrJTn3wezn6wzW8XRLkf",
"trongate_user_id": "1",
"expiry_date": "1629508409"
}
Fetching A User Level
The User Level represents a user's role or access level within a Trongate application. This role is essential for controlling access to various parts of the application and for applying role-based permissions. Understanding how to retrieve the user level associated with a token allows you to tailor the user experience and enforce permissions effectively.
To fetch the user level associated with a token, call the _get_user_level() method after loading the trongate_tokens module. Here’s a practical example:
$this->module('trongate_tokens');
$user_level = $this->trongate_tokens->_get_user_level($token);
echo $user_level; // outputs something like 'admin'
The _get_user_level() method plays a key role in retrieving user roles from tokens, allowing applications to adapt dynamically based on user permissions.
Here are some important aspects of the _get_user_level() method:
- Optional Token Parameter: This method accepts a 'Trongate token' as an optional parameter. If a token is provided, the method retrieves the user level associated with that specific token. This is beneficial for querying user levels directly when the token is known.
- Fallback to Current User: If no token is provided, the method attempts to fetch a token from session data and/or cookies. This fallback ensures that you can still retrieve the user level for the currently authenticated user without explicitly passing a token.
- Return Value: The method returns a string representing the user level title if the token is valid. If no valid token is found or the user level cannot be determined, it returns
false
. This return type helps clearly differentiate between a successful retrieval of the user level and a failure to retrieve it.
Example Usage
Below is an example demonstrating how to use the _get_user_level() method to fetch and display a user's level:
$this->module('trongate_tokens');
$user_level = $this->trongate_tokens->_get_user_level();
echo $user_level; // This will output the user level, such as 'admin'