Need modified Login Form Module: External User Validation

Everything to do with Joomla! 1.5 templates and templating.

Moderator: General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Locked
aehanson
Joomla! Apprentice
Joomla! Apprentice
Posts: 24
Joined: Sun Jun 13, 2010 10:51 am

Need modified Login Form Module: External User Validation

Post by aehanson » Sun Aug 29, 2010 5:10 pm

My organization uses Joomla to create the public facing part of our web presence. However, we manage our membership on a Z2 Systems NEON platform.

I need to be able to allow users on my Joomla site to log in (to allow them to access 'Members Only' features) but want the authentificaton to be something other than the user list maintained in the User Manager section. Here is a description of how I need the module to work:

1) Display the Username and Password field
2) When the Login button is selected, allow my own PHP code to determine whether or not the UserID/Password is valid
3) If it is, act much the way the standard Joomla Login Form module works today.... (i.e, Hide the login fields, display the "Log Out" button and display all of the "Registered User" features that are normally hidden

I'm a competant PHP programmer but not real familiar with how Joomla does things... looking at the code in the modules/mod_login/tmpl directory it was not real obvious to me how I would hack this up to do what I want. I'll go that route if I have to but first I thought I'd check with this forum for advise or (even better) knowledge of an existing module that would allow me to do this (I've looked around and have not found one...).

mpirkle
Joomla! Apprentice
Joomla! Apprentice
Posts: 18
Joined: Thu Dec 17, 2009 10:38 pm

Re: Need modified Login Form Module: External User Validatio

Post by mpirkle » Sun Sep 05, 2010 12:57 am

I appreciate your position, Joomla has many, many layers with few clues to track what's going on.

I think hacking mod_login should be fine (make a backup!), though of course there is always danger in deviating from the "clean" build. When new versions of Joomla come out there could be issues, etc.

<joomla install>/modules/mod_login/tmpl/default.php contains (most of the) html that is generated for the login module. You can see that it has a form that will be sent to com_user via the hidden input fields "option" and "task" at the end of the file. You have many options from here, not limited to:
1) Make your own component and have the form submit to yours instead of com_user
2) Hack com_user

I chose to preserve com_user, but made a duplicate of it with my own class names. Then I have com_login redirect to my component which writes to our custom database tables AND to the joomla user tables. It was a pretty long process, but I'm not the sharpest guy.

Oh, if you don't want to write to your own tables, you might consider just altering the authentication code. When com_user is passed the form data from the login module, the login function is called in the com_user controller: components/com_user/controller.php. In the login function you'll see the call to authenticate:
$error = $mainframe->login($credentials, $options);
$mainframe is of type JApplication if I remember correctly. For reference, here's a link to the JApplication login function:

http://api.joomla.org/__filesource/fsou ... .html#a523

The first 3 lines:
jimport( 'joomla.user.authentication');
$authenticate = & JAuthentication::getInstance();
$response = $authenticate->authenticate($credentials, $options);
Joomla grabs the JAuthentication class from libraries/joomla/user/authentication.php
which grabs the authentication plugin from plugins/authentication/joomla.php

Finally this file is where the actual authentication gets done, so you could put your own code in here. You could really intercept the process at any step, though some will require greater change to Joomla than others.

Anyway, I hope this is helpful!

aehanson
Joomla! Apprentice
Joomla! Apprentice
Posts: 24
Joined: Sun Jun 13, 2010 10:51 am

Re: Need modified Login Form Module: External User Validatio

Post by aehanson » Sun Sep 05, 2010 12:26 pm

Thank you for the very helpful response!

Digging around yesterday I also found a reference to an article on creating your own authentification plugin (link below). I have some reading to do!

http://docs.joomla.org/Tutorial:Creatin ... Joomla_1.5

aehanson
Joomla! Apprentice
Joomla! Apprentice
Posts: 24
Joined: Sun Jun 13, 2010 10:51 am

Re: Need modified Login Form Module: External User Validatio

Post by aehanson » Sun Sep 05, 2010 9:11 pm

Hi again!

Well, using the information in the http://docs.joomla.org/Tutorial:Creatin ... Joomla_1.5 article I was able to get something working, but I'm hoping somebody can help work around the last remaining problem.

What I did was create my own authentification plug-in. Now, if I create the Account from within Joomla first (using a random string for a password), this plug-in will get called when the existing Joomla authentification fails. My plug-in grabs the UserID and Password, validates it against my external system and (if the UserID and Password are found to be correct there) updates the password in the Joomla database.

What I cannot figure out is how to create my own record in the Joomla users table using SQL from within PHP. I can create the record, but Joomla does not see it from the User Manager when I log into the backend as Administrator. I cannot find anything in the user table to tell whether or not a user accound has been enabled, so I suspect that there is another entry hidden somewhere in Joomla (must be in another table somewhere) that I cannot find.

Can anybody tell me what I need to know to allow me to create a user account entirely from PHP using SQL so I don't have to manually create a gazillion accounts through the back end?

mpirkle
Joomla! Apprentice
Joomla! Apprentice
Posts: 18
Joined: Thu Dec 17, 2009 10:38 pm

Re: Need modified Login Form Module: External User Validatio

Post by mpirkle » Mon Sep 06, 2010 6:40 pm

Yeah, the secret is that there are actually 3 tables that com_user writes to:
#__users
#__core_acl_aro
#__core_acl_groups_aro_map

Here's an chunk of my add new user code. This is merely a fragment, but it should give you the idea.
//Store user in local Joomla User table
////////////////////////////////////////////////////////////////////////////////////////
$newuser = new JObject();
$newuser->id = null;
$newuser->name = null;
$newuser->username = null;
$newuser->email = null;
$newuser->password = null;
$newuser->usertype = null;
$newuser->block = null;
$newuser->sendEmail = null;
$newuser->gid = null;
$newuser->registerDate = null;
$newuser->lastvisitDate = null;
$newuser->activation = null;
$newuser->params =
'admin_language=
language=
editor=
helpsite=
timezone=-8';

// internal attributes of an object are ignored
// thanks to getProperties
foreach ($newuser->getProperties() as $k => $v)
{
if(isset( $user->$k ))
{
$newuser->$k = $user->$k;
}
}

$newuser->usertype = 'Registered';
$newuser->id = $newid;

if( $isNew )
{
if( $newActive == 'true' )
{
$newuser->block = 0;
}
else
{
$newuser->block = 1;
}

if (!$db->insertObject( $mainframe->getCfg('dbprefix').'users', $newuser, 'id' ))
{
$this->setError( $db->stderr());
return false;
}
}
else
{
if (!$db->updateObject( $mainframe->getCfg('dbprefix').'users', $newuser, 'id' ))
{
$this->setError( $db->stderr());
return false;
}

}

//Insert entry into core_acl_aro table
/////////////////////////////////////////////////////////////////////////////////////////////////////////
if( $isNew )
{
$newCoreEntry = new JObject();
$newCoreEntry->id = null;
$newCoreEntry->section_value = 'users';
$newCoreEntry->value = $newid;
$newCoreEntry->order_value = 0;
$newCoreEntry->name = $newuser->username;
$newCoreEntry->hidden = 0;

if (!$db->insertObject( $mainframe->getCfg('dbprefix').'core_acl_aro', $newCoreEntry, 'id' ))
{
$this->setError( $db->stderr());
return false;
}


//Insert entry into core_acl_groups_aro_map table
//////////////////////////////////////////////////////////////////////////////////////////////////////////
$newCoreConnector = new JObject();
$newCoreConnector->group_id = $newuser->gid;
$newCoreConnector->section_value = null;
$newCoreConnector->aro_id = $db->insertid();//$newid; //No! aro id is the id generated from the prior insertion


if (!$db->insertObject( $mainframe->getCfg('dbprefix').'core_acl_groups_aro_map', $newCoreConnector ))
{
$this->setError( $db->stderr());
return false;
}
}

aehanson
Joomla! Apprentice
Joomla! Apprentice
Posts: 24
Joined: Sun Jun 13, 2010 10:51 am

Re: Need modified Login Form Module: External User Validatio

Post by aehanson » Mon Sep 13, 2010 12:00 am

I just wanted to say 'thanks' again for all your invaluable help... my plugin is doing exactly what I want it to do!

mpirkle
Joomla! Apprentice
Joomla! Apprentice
Posts: 18
Joined: Thu Dec 17, 2009 10:38 pm

Re: Need modified Login Form Module: External User Validatio

Post by mpirkle » Mon Sep 13, 2010 12:23 am

Awesome! So glad to hear that it worked out!

User avatar
offhegoes
Joomla! Apprentice
Joomla! Apprentice
Posts: 31
Joined: Fri Aug 15, 2008 5:27 pm
Location: Bandar Baru Bangi, Selangor, Malaysia
Contact:

Re: Need modified Login Form Module: External User Validatio

Post by offhegoes » Mon Oct 18, 2010 8:53 am

Hi.. I can see a light in front of me after reading this thread about your success in customize the login module... I would like to ask you & the rest question about my trying into hacking this Joomla code, alright.. I would like to;

My current application:
Currently, I have created a SMS based application where all mobile user can submit their data through mobilephone. Once the SMS received at the server, the system will authenticate/check from the application database if the mobile number registered. If the mobile number already registered, then we just take the registered name. However, if they are not exist, we still allow them to submit the data and store it inside the database. The only different from the registered user, is they are allowed to view the data from the website/portal (intend to use Joomla), while non registered cannot view it. They can login using their mobile number, and then they will be redirect to the registration page, then as normal for registration process, they will create the username & password.

1. My login will have two ways, first through a normal login form with the username & password when they registered with the Joomla site.
2. Non Registered user, still can login using their mobile number. The mobile number will identify their data once they registered with the application (intent to be Joomla).

May be you can guide me on how to create this Registration, Logon flow.

I think I need to do;
1. Modify the user table to include more fields from my application.

Thanks
M Sopian H

mpirkle
Joomla! Apprentice
Joomla! Apprentice
Posts: 18
Joined: Thu Dec 17, 2009 10:38 pm

Re: Need modified Login Form Module: External User Validatio

Post by mpirkle » Mon Oct 18, 2010 7:05 pm

Sounds like an authentication plugin would suit your needs (see one of the links above for documentation). I haven't made one myself, but it should give you the control you need while maintaining modularity. Once you've made a plugin, you can control what the user sees depending on whether or not they are logged in by using the following:
(Thanks to brunoazevedo on this topic: http://forum.joomla.org/viewtopic.php?p=2114566)
$user =& JFactory::getUser();

if($user->id)
{
//do user logged in stuff
}
else
{
//do user not logged in stuff
}

As for extending the fields of com_user, I would recommend creating your own tables to contain additional fields.

Sorry I don't have time to give you a better answer!


Locked

Return to “Templates for Joomla! 1.5”