Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This Custom Authentication Process can be used to override the current login systems and can be extended to external authentication APIs.

 To include a Custom Authentication Process in your answerspace you first need to create two mADL interactions.

Interaction Name

TypeDescription

loginstatus

mADLUsed to return True or False if user is logged in using
$t->getSessionValue() Function

loginprompt

mADLUsed to display a custom login screen

 

 

Code Block
themeRDark
languagephp
titleloginstatus
linenumberstrue
collapsetrue
 
 
// TODO: instead of pulling from $t->getSessionValue(), contact (web) service
// always return false if the user is not logged in
$account = $t->getSessionValue('account');
if (empty($account) || !is_array($account)) {
  return false;
} else {
  return $account;
}
/* example successful return
return array(
  'username' => 'user01',
  'name' => 'Bob', // [optional]
  'groups' => array() // Interaction Group IDs
);
*/

...

Code Block
themeRDark
languagephp
titleloginprompt (Array Based Sample)
linenumberstrue
collapsetrue
 
 $account = $t->runLoginStatusInteraction();
$users = array(
	'ron' => 'blah',
	'louise' => 'blah',
	'ray' => 'blah'
);
$userGroups = array(
	'ron' => array(20015, 1, 2),
	'louise' => array(20015, 1),
	'ray' => array(20015)
);
// TODO: replace all $t->(s|g)etSessionValue() invocations with calls to your own authentication (web) service
$html = '';
$error = '';
$status = '';
// debug;
//$html .= '<b>$account</b>' . gettype($account) . '<pre>' . print_r($account, true) . '</pre>';
//$html .= '<b>$_POST</b>' . gettype($_POST) . '<pre>' . print_r($_POST, true) . '</pre>';
if (!empty($_POST)) {
  // received login details, process login
  if (isset($_POST['username'], $_POST['password'])) {
    $username = trim($_POST['username']);
    $password = trim($_POST['password']);
    // checking to see if login data is valid
    if (array_key_exists($username, $users) && $users[$username] === $password) {
      $account = array(
        'username' => $username, // used internally, displayed if no "name"
        'name' => ucwords($username), // displayed if defined [optional]
        'groups' => $userGroups[$username] // array of Interaction Group IDs for access control
      );
      $t->setSessionValue('account', $account);
    } else { // invalid login, scrubbing session
 
      $error = 'invalid username and/or password';
      $t->setSessionValue('account', null);
      $account = null;
    }
  }
}
// check to see if we need to log out
if (isset($_GET['logout'])) {
  $t->setSessionValue('account', null);
  $account = null;  
  $status = 'successfully logged out';
}
if (empty($account)) {
 // not logged in, so asking for user  for login details
  $html .= '<center><form action="?" method="POST" style="display: inline-block; width: auto; text-align: right; margin: 2em auto;">';
  $html .= '<label>Username: <input type="text" name="username" required /></label><br />';
  $html .= '<label>Password: <input type="password" name="password" required /></label>';
  $html .= '<p><input type="submit" name="submit" value="login" /></p>';
  $html .= '</form></center>';
} else {
  // logged in, so showing user status and prompting for logout
  if (isset($account['name'], $account['username']) && $account['username'] !== $account['name']) {
    $name = $account['name'] . ' (' . $account['username'] . ')';
  } else {
    $name = $account['name'];
  }
  $html .= '<center>';
  $html .= '<p>You are currently logged in as ' . $name . '.</p>';
  $html .= '<form action="?" method="GET" style="display: inline-block; width: auto; margin: 2em auto;">';
  $html .= '<p><input type="submit" name="logout" value="log out" /></p>';
  $html .= '</form>';
  $html .= '</center>';
}
// show messages
$html .= '<center><p style="color: #a00;">' . $error . '</p>';
$html .= '<p style="color: #0a0;">' . $status . '</p></center>';
return $html;
 

...

 Additionally you will need to configure the answerSpace Security settings. 
 For more detail see the Creating A Custom Login Process Guide