Actions

J1.5 talk

Difference between revisions of "Creating an Authentication Plugin for Joomla"

From Joomla! Documentation

(Invalid link)
Line 67: Line 67:
  
 
Fixed.  Thanks.  [[User:Chris Davenport|Chris Davenport]] 23:45, 16 November 2009 (UTC)
 
Fixed.  Thanks.  [[User:Chris Davenport|Chris Davenport]] 23:45, 16 November 2009 (UTC)
 +
 +
== Possible error in code ==
 +
 +
This section looks like it contains an error.
 +
 +
        if (!$result) {
 +
            $response->status = JAUTHENTICATE_STATUS_FAILURE;
 +
            $response->error_message = 'User does not exist';
 +
        }
 +
        // to authenticate, the username must exist in the database, and the password should be equal
 +
        // to the reverse of the username (so user joeblow would have password wolbeoj)
 +
        if($result && ($username == strrev( $password )))
 +
        {
 +
            $email = JUser::getInstance($result); // Bring this in line with the rest of the system
 +
            $response->email = $email->email;
 +
            $response->status = JAUTHENTICATE_STATUS_SUCCESS;
 +
        }
 +
        else
 +
        {
 +
            $response->status = JAUTHENTICATE_STATUS_FAILURE;
 +
            $response->error_message = 'Invalid username and password';
 +
        }
 +
 +
If I am not completely mistaken the last else will override the User does not exist error as there is no return in that if block?

Revision as of 10:00, 8 March 2010

A google search on 'joomla onauthenticate example' returns this tutorial so I suspect many people tasked with configuring a Joomla! 1.5 system to authenticate a user login against a database external to Joomla's will no doubt arrive here and use the code presented as a starting point to implementing their own auth plugin. At least that is what happend to me!

In this tutorial it says that the example is based on example.php, which can be found in the plugins/authentication directory of your Joomla installation.

After scratching my head and wondering if I could be any dumber than I already am, I noted the following differences between the code in the tutorial and the code in the plugins/authentication/example.php file in my Joomla 1.5.13 installation.

In fact, the code is so different that it may explain why I have had so much trouble implementing the simple process of authenticating against a table in another MySQL database on the same machine.

Would someone be so kind as to confirm that these differences are problematic or deconfuse me on this issue? Please bear in mind that I'm a perl guy drowning in php.

There are two issues:

1. The constructors for the plugin are defined differently.

Tutorial:

function plgAuthenticationMyauth(& $subject) {

   parent::__construct($subject);

}

example.php:

function plgAuthenticationExample(& $subject, $config) {

 parent::__construct($subject, $config);

}

2. The definitions of the parameters that onAuthenticate expects are different.

Tutorial:

The onAuthenticate() method is the method that will be called when the system is trying to use your plugin to authenticate the user. This method will be passed three parameters: the username, the password, and a reference to an object of type JAuthenticationResponse

/**

    * This method should handle any authentication and report back to the subject
    * This example uses simple authentication - it checks if the password is the reverse
    * of the username (and the user exists in the database).
    *
    * @access    public
    * @param    string    $username    Username for authentication
    * @param    string    $password    Password for authentication
    * @param    object    $response    Authentication response object
    * @return    boolean
    * @since 1.5
    */

function onAuthenticate( $username, $password, &$response )

example.php:

/**

* This method should handle any authentication and report back to the subject
*
* @access      public
* @param       array   $credentials    Array holding the user credentials
* @param       array   $options                Array of extra options
* @param       object  $response               Authentication response object
* @return      boolean
* @since       1.5
*/

function onAuthenticate( $credentials, $options, &$response )

Invalid link

The link to http://api.joomla.org/Joomla-Framework/User/JAuthenticationResponse.html is not displayed correctly.

Fixed. Thanks. Chris Davenport 23:45, 16 November 2009 (UTC)

Possible error in code

This section looks like it contains an error.

       if (!$result) {
           $response->status = JAUTHENTICATE_STATUS_FAILURE;
           $response->error_message = 'User does not exist';
       }
       // to authenticate, the username must exist in the database, and the password should be equal
       // to the reverse of the username (so user joeblow would have password wolbeoj)
       if($result && ($username == strrev( $password )))
       {
           $email = JUser::getInstance($result); // Bring this in line with the rest of the system
           $response->email = $email->email;
           $response->status = JAUTHENTICATE_STATUS_SUCCESS;
       }
       else
       {
           $response->status = JAUTHENTICATE_STATUS_FAILURE;
           $response->error_message = 'Invalid username and password';
       }

If I am not completely mistaken the last else will override the User does not exist error as there is no return in that if block?