This Custom Authentication Process can be used to override the current login systems and can be extended to external authentication APIs.
To include a Custom Authentication Process in your answerspace you first need to create two mADL interactions.
Interaction Name | Type | Description |
---|---|---|
loginstatus | mADL | Used to return True or False if user is logged in using$t->getSessionValue() Function |
loginprompt | mADL | Used to display a custom login screen |
Code Block | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||
// TODO: instead of pulling from $t->getSessionValue(), contact (web) service
// always return false if the user is not logged in
$account = $t->getSessionValue('account');
if (empty($account) || !is_array($account)) {
return false;
} else {
return $account;
}
/* example successful return
return array(
'username' => 'user01',
'name' => 'Bob', // [optional]
'groups' => array() // Interaction Group IDs
);
*/ |
...
Code Block | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||
$account = $t->runLoginStatusInteraction(); $users = array( 'ron' => 'blah', 'louise' => 'blah', 'ray' => 'blah' ); $userGroups = array( 'ron' => array(20015, 1, 2), 'louise' => array(20015, 1), 'ray' => array(20015) ); // TODO: replace all $t->(s|g)etSessionValue() invocations with calls to your own authentication (web) service $html = ''; $error = ''; $status = ''; // debug; //$html .= '<b>$account</b>' . gettype($account) . '<pre>' . print_r($account, true) . '</pre>'; //$html .= '<b>$_POST</b>' . gettype($_POST) . '<pre>' . print_r($_POST, true) . '</pre>'; if (!empty($_POST)) { // received login details, process login if (isset($_POST['username'], $_POST['password'])) { $username = trim($_POST['username']); $password = trim($_POST['password']); // checking to see if login data is valid if (array_key_exists($username, $users) && $users[$username] === $password) { $account = array( 'username' => $username, // used internally, displayed if no "name" 'name' => ucwords($username), // displayed if defined [optional] 'groups' => $userGroups[$username] // array of Interaction Group IDs for access control ); $t->setSessionValue('account', $account); } else { // invalid login, scrubbing session $error = 'invalid username and/or password'; $t->setSessionValue('account', null); $account = null; } } } // check to see if we need to log out if (isset($_GET['logout'])) { $t->setSessionValue('account', null); $account = null; $status = 'successfully logged out'; } if (empty($account)) { // not logged in, so asking for user for login details $html .= '<center><form action="?" method="POST" style="display: inline-block; width: auto; text-align: right; margin: 2em auto;">'; $html .= '<label>Username: <input type="text" name="username" required /></label><br />'; $html .= '<label>Password: <input type="password" name="password" required /></label>'; $html .= '<p><input type="submit" name="submit" value="login" /></p>'; $html .= '</form></center>'; } else { // logged in, so showing user status and prompting for logout if (isset($account['name'], $account['username']) && $account['username'] !== $account['name']) { $name = $account['name'] . ' (' . $account['username'] . ')'; } else { $name = $account['name']; } $html .= '<center>'; $html .= '<p>You are currently logged in as ' . $name . '.</p>'; $html .= '<form action="?" method="GET" style="display: inline-block; width: auto; margin: 2em auto;">'; $html .= '<p><input type="submit" name="logout" value="log out" /></p>'; $html .= '</form>'; $html .= '</center>'; } // show messages $html .= '<center><p style="color: #a00;">' . $error . '</p>'; $html .= '<p style="color: #0a0;">' . $status . '</p></center>'; return $html; |
...
Additionally you will need to configure the answerSpace Security settings.
For more detail see the Creating A Custom Login Process Guide