Geek Answers Handbook

Is CFLogin replacement necessary or am I missing something?

I'm seriously thinking about switching from CF8 cflogin because it is tied to the server that generated the login. In a load-balanced environment, you are stuck in sticky sessions if you are not performing a custom implementation.

Does anyone have a source that mimics CFLogin, which is written and managed from a client area? Perhaps even a design that goes well with renaming will replace the role of isuserin [any].

What should I think about when I consider writing a replacement for CFLogin?

+4
source share
2 answers

Here is a basic cflogin approach using variables stored in the CLIENT scope. We use a similar approach for non-sticky sessions in our server cluster behind our load balancer.

This code should work in Application.cfc onRequestStart() :

 <!--- handle login *post* ---> <cfif structKeyExists(FORM, "pageaction") and FORM.pageAction eq "adminlogin"> <!--- attempt to log user in ---> <cfif loginSuccessful> <!--- Set client variables for session management ---> <cfset CLIENT.lastHit = now() /> <cfset CLIENT.loggedIn = 1 /> <!--- redirect to home page ---> <cfelse> <!--- redirect to login page with message ---> </cfif> <!--- all other requests, except for the login page ---> <cfelseif structKeyExists(CLIENT, "lasthit") and structKeyExists(COOKIE, "cfid") and structKeyExists(CLIENT, "cfid") and listLast(CGI.SCRIPT_NAME, "/") neq "login.cfm"> <!--- Check for timeout ---> <cfif (datediff("n", CLIENT.lastHit, now()) lte 10) and (CLIENT.loggedIn is 1) and (CLIENT.cfid is COOKIE.cfid)> <!--- record last hit ---> <cfset CLIENT.lastHit = now() /> <cfelse> <!--- timeout! redirect to login page ---> <cflocation URL="http://mydomain/login.cfm" addtoken="false" /> </cfif> </cfif>

There is custom role material, but I hope this helps as a starting point.

+2
source

I configured the CF login wizard through Dreamweaver for portability and using the db table for authentication and role management. Because of this, I can use it either as a single-user login, or several accounts. I never used cflogin and never needed. I just drop the files into the directory, configure the login credentials, and that’s it. Works perfect every time.

0
source

More articles:


All Articles