HTTPD Auth?

You have a suggestion for a future version of phpMyFAQ? Then post it here!

Moderator: Thorsten

Einon
Posts: 4
Joined: Wed Dec 02, 2009 12:46 pm

Re: HTTPD Auth?

Post by Einon »

Hi!

What's the status of HTTPd Auth? I added the auth part to .htaccess but nothing happens. Login box appears and I can log in with both the pass stored in htpass and the one stored in database.
For that to work I did this in index.php

Code: Select all

 if (!is_null($faqusername) && !is_null($faqpassword)) { 
     $user = new PMF_User_CurrentUser(); 
     if ($faqconfig->get('main.ldapSupport')) { 
         $authLdap = new PMF_Auth_AuthLdap(); 
         $user->addAuth($authLdap, 'ldap'); 
     } 
+    $authHttp = new PMF_Auth_AuthHttp(); 
+    $user->addAuth($authHttp, 'http'); 
     if ($user->login($faqusername, $faqpassword)) {
Another, perhaps related question: I would like to implement a custom auth modul, how can I persuade phpMyFAQ to use that ?

Thanks,
Einon
Thorsten
Posts: 15560
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: HTTPD Auth?

Post by Thorsten »

Hi,

does it work with these two additional lines of code?

For custom auth classes please take a look into the folder inc/PMF_Auth/ and look at the files inside.

What kind of authentication do you want to add?

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
Einon
Posts: 4
Joined: Wed Dec 02, 2009 12:46 pm

Re: HTTPD Auth?

Post by Einon »

Thorsten wrote:does it work with these two additional lines of code?
Not really...
With this additional two lines of code I can log in with both of my accounts (the one stored in htpass file using AuthHttp, and the other AuthDb I think...). The only problem is that login only works when I use the login form.
In my opinion AuthHttp should work in a way so that if I already pass credentials using the httpd's Auth system ($_SERVER['PHP_AUTH_USER'] variable) then phpMyFAQ should notice it and use that data to log me in automatically instead of using the form.
Thorsten wrote:For custom auth classes please take a look into the folder inc/PMF_Auth/ and look at the files inside.
What kind of authentication do you want to add?
I did. They do not seem like a difficult mechanism. As for what kind of auth do I want is still a question. We would like to integrate it with our website, so most likely it will be cookie based auth system.

bye,
Einon
Thorsten
Posts: 15560
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: HTTPD Auth?

Post by Thorsten »

Hi,
Einon wrote:With this additional two lines of code I can log in with both of my accounts (the one stored in htpass file using AuthHttp, and the other AuthDb I think...). The only problem is that login only works when I use the login form.
In my opinion AuthHttp should work in a way so that if I already pass credentials using the httpd's Auth system ($_SERVER['PHP_AUTH_USER'] variable) then phpMyFAQ should notice it and use that data to log me in automatically instead of using the form.
you're right. I'll take a look at it how to improve this.

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
Einon
Posts: 4
Joined: Wed Dec 02, 2009 12:46 pm

Re: HTTPD Auth?

Post by Einon »

Thorsten wrote:you're right. I'll take a look at it how to improve this.
Suggestion:
Add a new config option as to what authentication class (more advanced: ordered list of authentication classes) should be used.
Extend the Auth classes with a function that tries to guess if a user is logged in like checking cookie, checking php_auth_user, and if yes restore the user from session.
I would implement this myself providing you a patch, but simply at this moment I don't have time to learn OO PHP now.

Thank you!
Einon

I
Thorsten
Posts: 15560
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: HTTPD Auth?

Post by Thorsten »

Hi,

yes, I'm also thinking about such a solution.

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
Post Reply