Authentication Example?
ctodd
login tools into an application? Seems as if I should be able to
reference them from my test application.
Chris
Alan Pinstein
The built-in "login" module is for login only. There is no sign-up,
since everyone does that their own way anyway. To use it in a login/
signup page, I'd recommend building your own signup module then using
WFModuleView to include the "existing members log in here" kinda thing.
However, if you're just testing log in, that's perfect, you can just
go to http://your-server/login to see it work.
Also, in case you hadn't noticed it, you can "require login" for a
given module by adding a "checkSecurity()" function like so:
> function checkSecurity (WFAuthorizationInfo $authInfo)
> {
> if ($authInfo->isLoggedIn() and $authInfo->isAdmin())
> return WFAuthorizationManager::ALLOW;
> return WFAuthorizationManager::DENY;
> }
As far as the code goes, here's an example:
Go here:
http://4.mydx.showcasere.com/webapp/idx/idx/12657
and click on "Save Search". That will bring up a "register" module
that does what I explained above.
Here's the Login Delegate class and setup:
> // in AppDelegate::initialize()
> $ac = WFAuthorizationManager::sharedAuthorizationManager();
> $ac->setDelegate(new ShowcaseClientLogin);
>
> class ShowcaseClientLogin
> {
> function login($username, $password, $passIsToken)
> {
> $origPW = $password; // keep copy for logging purposes
> try {
> // can log in with CLIENT_ID or EMAIL;
> $hostAgentId = MyWebApplicationDelegate::hostAgentId();
> if (is_numeric($username))
> {
> $client = ClientPeer::retrieveByPK($username);
> // make sure client id belongs to this host agent
> if ($client->getAgentId() != $hostAgentId)
> {
> $client = NULL;
> }
> }
> else
> {
> $client = ClientPeer::retrieveByEmail($hostAgentId,
> $username);
> }
> if (!$passIsToken)
> {
> $password = md5($password);
> }
> if ($client and $password === $client->getPassMd5())
> {
> $authInfo = new ShowcaseClientAuthorizationInfo;
> $authInfo->setUserid($client->getClientId());
> return $authInfo;
> }
> else
> {
> WFLog::logToFile('auth.log', "Invalid client login:
> $username");
> }
> } catch (Exception $e) {
> throw($e);
> }
>
> return NULL;
> }
>
> function loginInvocationPath()
> {
> return 'client/register/register';
> }
>
> function loginMessage()
> {
> return 'Sign into your MyDX Client Center for access to
> advanced features.';
> }
>
> function usernameLabel()
> {
> return 'Email Address';
> }
>
> function shouldEnableForgottenPasswordReset() { return true; }
>
> function resetPassword($username)
> {
> // lookup user
> $client = ClientPeer::retrieveByEmail
> (MyWebApplicationDelegate::hostAgentId(), $username);
> if (!$client) throw( new WFException("Could not locate an
> account for \"{$username}\".") );
>
> // pick new password and email it to client
> $client->resetPassword();
> }
>
> function defaultLogoutContinueURL()
> {
> // go to agent home page on client logout
> return 'http://' . HostAgent::sharedHostAgent()-
> >getDomainName();