Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
EntryController SignIn and Auth method suggestions
Hi, I've just plugged my vanilla 2.0.3 on a simple db user domain.
(I hope to release this addon before the end of the week
)
It works but when coding my plugin some questions arise :
1) In the EntryController->SignIn method
shouldn't it be something like
Because when someone enable an additional authenticator from a plugin in the dashboard/authentication page, everything goes fine on this screen and the changes are reflected in the config file but the authenticator is not called when we use the default sign in form (which is just perfect in my case, I just check username/email and password in SimpleDB and then update my corresponding vanilla user data for common fields from simpledb or autoadd a new one if it's the first time my user log in, and I think it could be the same whith any external ref like LDAP or another database).
To bypass this I have done this in my plugin
2) in the EntryController->Auth method
This code seems to force to have a view 'yourschemealias.php' in vanilla_root_folder/applications/dashboard/views/entry/auth which is not good in order to produce standalone plugin (but I maybe missed something, if so I need to know how to properly override this view in a plugin).
I have done the following to have a standalone plugin :
I Think that it would be better if the View was grab with something like
and in Gdn_Authenticator -> GetAuhtView something like
Thanks in advance for your feedback and opinions about that
David
(I hope to release this addon before the end of the week

It works but when coding my plugin some questions arise :
1) In the EntryController->SignIn method
public function SignIn() {
$this->Auth('password');
}
shouldn't it be something like
public function SignIn() {
$this->Auth(Gdn::Config('Garden.Authenticator.DefaultScheme', 'password'));
}
Because when someone enable an additional authenticator from a plugin in the dashboard/authentication page, everything goes fine on this screen and the changes are reflected in the config file but the authenticator is not called when we use the default sign in form (which is just perfect in my case, I just check username/email and password in SimpleDB and then update my corresponding vanilla user data for common fields from simpledb or autoadd a new one if it's the first time my user log in, and I think it could be the same whith any external ref like LDAP or another database).
To bypass this I have done this in my plugin
public function EntryController_SignIn_Create(&$Sender){
$Sender->Auth(Gdn::Config('Garden.Authenticator.DefaultScheme', 'password'));
}
2) in the EntryController->Auth method
// Set up controller
$this->View = 'auth/'.$Authenticator->GetAuthenticationSchemeAlias();
This code seems to force to have a view 'yourschemealias.php' in vanilla_root_folder/applications/dashboard/views/entry/auth which is not good in order to produce standalone plugin (but I maybe missed something, if so I need to know how to properly override this view in a plugin).
I have done the following to have a standalone plugin :
public function EntryController_Render_Before(&$Sender) {
$CurrentScheme = Gdn::Config('Garden.Authenticator.DefaultScheme', 'password');
if(($CurrentScheme == 'simpledb') && isset($Sender->View)
&& ($Sender->View == 'auth/simpledb')){
$Sender->View = $this->GetView('simpledb.php');
}
}
I Think that it would be better if the View was grab with something like
// Set up controller
$this->View = $Authenticator->GetAuthView($AuthenticationSchemeAlias);
and in Gdn_Authenticator -> GetAuhtView something like
$this->GetAuthenticator($AuthenticationSchemeAlias)->GetAuthView();
Thanks in advance for your feedback and opinions about that

David
Tagged:
0
Comments
I hear what you're saying though, about making this more pluggable, and I'll be working on that for the next release.
Vanilla Forums COO [GitHub, Twitter, About.me]