Integrating Smart Report Engine With A Session-Based Login System
Before we begin, if you haven’t already done so, you might want to read Basic usage example. This post will help you understand how to start using Smart Report Engine.
Using Smart Engine, you can integrate it with your project’s session-based login system to protect your private reports and redirect unauthorized report access to your project’s existing login page.
Assumptions:
For the sake of this example, let’s assume the following about the login system which we want to integrate with:
- It has a login page, “some-login-page-URL.”
- It divides users into groups.
- Each group has Id, name, and permissions associated with it. In this example, we will use the group name for simplicity.
- The groups that can access your report are “admins” and” sales.”
- It uses sessions, and when a user is successfully signed-in, your login system saves his “user_id” and “group” in session as $_SESSION[‘user_id’] & $_SESSION[‘group’].
- The session name used by the login system is “project1”.
- The system has a logout page, “some-logout-page-URL.”
Report Options
In this tutorial, we will show how easy it is to integrate Smart Report Engine with the login system described above. All we need to do is to set the following options in the report:
- It’s a private report.
- It should redirect any unauthorized access to the login page of the system.
- Before allowing any access to the report, the engine should check the session for the following criteria:
- It has a key with the name “user_id.”
- It has a “group” that is equal “sales” or “admins.”
- If the user tries to logout from the report, the system should redirect them to a particular logout page.
We will start by showing the code in a native PHP project and then in a Laravel project.
1- Case of a native PHP Project
In a native PHP Project, the code will be something like the following:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | use SRE\Engine\CustomEngine;use SRE\Engine\ReportOptions;require_once "../sre_bootstrap.php"; $report = new ReportOptions(SRE_PRIVATE_REPORT); $report->select_tables(array("items")) ->select_all_fields() ->security_init("some_login_page_url","some_logout_page_url","project1") ->security_check_session_saved_user_key("user_id") ->security_check_session_saved_group_key("group", array("sales", "admins")) ->set_grouping(array("product_name")) ->format_image_column("photo"); $engine = new CustomEngine($report); $report_path = $engine->create_report(); if ($report_path) { echo "Report created successfully! To visit your report please <a href='" . $report_path . "' /> click here </a> "; } |
2- Case of Laravel Project
We will put the report generation logic in a service. It will be something like the following:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | namespace App\Services;use Sre\SmartReportingEngine\src\Engine\Constants;use Sre\SmartReportingEngine\src\Engine\CustomEngine;use Sre\SmartReportingEngine\src\Engine\ReportOptions;class ReportService { public function generatePublicReport() { $report = new ReportOptions(Constants::SRE_PRIVATE_REPORT); $report->select_tables(array("items")) ->select_all_fields() ->security_init("some_login_page_url","some_logout_page_url","project1") ->security_check_session_saved_user_key("user_id") ->security_check_session_saved_group_key("group", array("sales", "admins")) ->set_grouping(array("product_name")) ->format_image_column("photo"); $engine = new CustomEngine($report); $report_path = $engine->create_report(); return $report_path; }} |
In the above code, we first set the options we want for our report using the “$report” object, which is an instance of the “ReportOptions” Class.
Report Options
Following are the report options:
- Setting the report as a “Rrivate_Report.”
A private report can be accessed if the user is successfully signed in to the login system and has permission to access this report. To set this report as private, we pass the SRE_PRIVATE_REPORT flag to the constructor of the ReportOptions class. Please note that all flags used in the Smart Report Engine start with “SRE_.”
- Setting the login and logout pages.
To integrate with the login system, we pass the login page, logout page, and the session name to the “security_init” method.
- Checking the “user_id” Key
In the above code, we tell the engine that before allowing any visit to this private report, it needs to check that a “user_id” key exists in the session. Therefore we pass “user_id” to the security_check_session_saved_user_key method.
- Checking the “group” Key
In the above code, we tell the engine that before allowing any visits to this private report, it should do the following session validations :- A “group” key exists in the session.
- The value of the “group” key should be either “sales” or “admins.”
To apply the above session validations, we pass the key “group” and an array containing only “sales” and “admins” to the security_check_session_saved_group_key method.
If any of the session validations fail, the system should redirect the user to the login page, which we pass to the security_init method.
Then after defining all the options for the report using an instance of type ReportOptions, we will pass this instance to the constructor of the CustomEngine class. By doing this, we create a new object of CustomEngine, which we will use to call the “create_report” method to generate the report and return its URL.
Summary
- Using Smart Report Engine, you can create private reports that integrate with any session-based login system. To do this, you should do the following:
- Pass the “SRE_PRIVATE_REPORT” flag to the constructor of the ReportOptions class.
- Pass your system’s login page, log out page, and session name to the “security_init” method.
- Tell the report what session verifications to perform by calling one or more of the “security_check_session_” methods. In this example, we called the following methods:
- “security_check_session_saved_user_key” to verify that the session has a key with the name “user_id.”
- “security_check_session_saved_group_key” to verify that the session has a key with the name “group,” which has a value of a group allowed to access the report.
