|
|
Re: Proposed code change to add AUTO_LOGIN plugin hook |
Tue, 14 January 2014 12:43 |
|
Just to be sure, here's how I interpret that:
--- users.inc.t-orig 2014-01-14 11:08:47.608988091 -0500
+++ users.inc.t 2014-01-14 12:42:28.902660593 -0500
@@ -654,7 +654,12 @@
$sq = 0;
/* Fetch an object with the user's session, profile & theme info. */
- if (!($u = ses_get())) {
+ if (!($u = ses_get()) && defined('plugins')) {
+ /* Call auto-login plugins. */
+ $u = plugin_call_hook('AUTO_LOGIN');
+ }
+
+ if (!$u) {
/* New anon user. */
$u = ses_anon_make();
} else if ($u->id != 1 && (!$GLOBALS['is_post'] || sq_check(1, $u->sq, $u->id, $u->ses_id))) {
|
|
Re: Proposed code change to add AUTO_LOGIN plugin hook |
Tue, 14 January 2014 12:39 |
|
OK, maybe not. AUTHENTICATE is in 'login.php.t' and you want to authenticate users without going through the login dialogue.
Maybe just add the following so clutch out all plugins and commit:
if (defined('plugins')) {
|
|
Re: Proposed code change to add AUTO_LOGIN plugin hook |
Tue, 14 January 2014 12:31 |
|
No, the AUTHENTICATE hook occurs after the user has submitted login credentials into the login form. The purpose of this hook is to prevent the need for the login form altogether, to be used when user authentication can be done using some external factor (such as Basic auth that might be configured with a single sign-on solution).
|
|
Re: Proposed code change to add AUTO_LOGIN plugin hook |
Tue, 14 January 2014 12:23 |
|
Would it be possible to maybe use the AUTHENTICATE hook for this?
Quote:Authenticate users against an external source like an LDAP directory. Example implementation: Email_login.plugin and Ldap.plugin.
|
|
Proposed code change to add AUTO_LOGIN plugin hook |
Tue, 14 January 2014 11:26 |
|
This code change adds a new plugin hook named "AUTO_LOGIN" to allow automatic user login based on external authentication methods. We are currently using this in combination with a Basic Authentication configuration on the web server.
The plugin hook is only used if a saved session is not initially identifiable, and before an anonymous session is created.
Please review the code change below:
--- users.inc.t-orig 2014-01-14 11:08:47.608988091 -0500
+++ users.inc.t 2014-01-14 11:13:50.702268354 -0500
@@ -655,6 +655,11 @@
$sq = 0;
/* Fetch an object with the user's session, profile & theme info. */
if (!($u = ses_get())) {
+ /* Call auto-login plugins. */
+ $u = plugin_call_hook('AUTO_LOGIN');
+ }
+
+ if (!$u) {
/* New anon user. */
$u = ses_anon_make();
} else if ($u->id != 1 && (!$GLOBALS['is_post'] || sq_check(1, $u->sq, $u->id, $u->ses_id))) {
|
|