Blog Documentation Book a Demo
Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

PHP AUTH login

carephhcarephh
edited October 2011 in Vanilla 2.0 - 2.8
Hey guys,

Im brand new to the Vanilla universe. Im having a version of Vanilla2 installed on a .htaccess protected website. What i would like to do is to use the $_SERVER['PHP_AUTH_USER'] to automatically authenticate the users with, when they enter the forum.

How would you suggest to do this?
Tagged:

Answers

  • ToddTodd Vanilla Staff
    edited October 2011
    I recommend writing a plugin.

    1. Create a Gdn_Dispatcher_BeforeDispatch_Handler($Sender) function.
    2. Check make sure a user isn't already signed in: 
    if (Gdn::Session()->UserID > 0) return;
    2. Check $_SERVER['PHP_AUTH_USER']
    3. Look up that user in the user table: 
    Gdn::UserModel()->GetByUsername(...)
    4. If the user doesn't exist then insert the user: 
    $UserID = Gdn::UserModel()->InsertForBasic(
       $User, 
       FALSE, 
       array('ValidateEmail' => FALSE, 'NoConfirmEmail' => TRUE));
    5. Start the session as the user: 
    Gdn::Session()->Start($UserID, TRUE)
  • BassEncodingBassEncoding New
    edited May 2013

    I did that, but the Gdn::Session()->Start($UserID, TRUE); returns null and don't do nothing :s
    Thanks for helping

    <?php
// Define the plugin:
$PluginInfo['HTTPAuth'] = array(
   'Description' => 'HTTP / HTACCESS auto login',
   'Version' => '1.0',
   'Author' => "Maxime",
   'AuthorEmail' => '***@gmail.com',
   'AuthorUrl' => ''
);

class AuthentificationHttpPlugin extends Gdn_Plugin
{
        public function Gdn_Dispatcher_BeforeDispatch_Handler($Sender)
        {
                //We check that the user isn't already logged
                if (Gdn::Session()->UserID > 0) return; 

                //We check the htaccess login
                $httpusername = (string) $_SERVER['PHP_AUTH_USER'];
                echo('http username = ' . $httpusername);

                //We check if the user exists
                if(!Gdn::UserModel()->GetByUsername($httpusername))
                {
                        echo "<p> User doesnt exists </p>";
                        //If not, we create it
                        $UserID = Gdn::UserModel()->InsertForBasic(
                                $username,
                                FALSE,
                                array('ValidateEmail' => FALSE, 'NoConfirmEmail' => TRUE));
                }
                else
                {
                        echo "<p> User exists </p>";
                        $UserID = $httpusername;
                }

                var_dump(Gdn::Session()->Start($UserID, TRUE)); //Returns NULL
        }
}
?>
  • BassEncodingBassEncoding New

    Sorry for code format, I try but I don't find how to format it fine...

  • BassEncodingBassEncoding New
    edited May 2013

    Nobody have an idea of why the Gdn::Session()->Start() doesn't works ? I did search in existing plugins about a redirection to do after the Session->Start(), but I didn't find anything working :/

  • ToddTodd Vanilla Staff

    Gdn::Session()->Start() doesn't return anything, but sets the cookie. Try dumping Gdn::Session()->User after that.

  • BassEncodingBassEncoding New

    Thanks so much for reply !

    Gdn::Session()->Start($UserID, true);
    var_dump(Gdn::Session()->User);

    returns a bool(false) :/

Sign In or Register to comment.