Geek Answers Handbook

Joomla 1.7 Authentication from an external application

My goal is to verify that the Joomla username and password are valid from my external application. It is not necessary that the user logs in to the system, just that their account exists. I decided to create my own authentication plugin based on Joomla authentication (JOOMLA_PATH / plugins / authentication / joomla). I just changed the name:

<?php /** * @version $Id: joomla.php 21097 2011-04-07 15:38:03Z dextercowley $ * @copyright Copyright (C) 2005 - 2011 Open Source Matters, Inc. All rights reserved. * @license GNU General Public License version 2 or later; see LICENSE.txt */ // No direct access defined('_JEXEC') or die; jimport('joomla.plugin.plugin'); /** * Joomla Authentication plugin * * @package Joomla.Plugin * @subpackage Authentication.Webservice * @since 1.5 */ class plgAuthenticationWebservice extends JPlugin { /** * This method should handle any authentication and report back to the subject * * @access public * @param array Array holding the user credentials * @param array Array of extra options * @param object Authentication response object * @return boolean * @since 1.5 */ function onUserAuthenticate($credentials, $options, &$response) { jimport('joomla.user.helper'); $response->type = 'Webservice'; // Joomla does not like blank passwords if (empty($credentials['password'])) { $response->status = JAUTHENTICATE_STATUS_FAILURE; $response->error_message = JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED'); return false; } // Initialise variables. $conditions = ''; // Get a database object $db = JFactory::getDbo(); $query = $db->getQuery(true); $query->select('id, password'); $query->from('#__users'); $query->where('username=' . $db->Quote($credentials['username'])); $db->setQuery($query); $result = $db->loadObject(); if ($result) { $parts = explode(':', $result->password); $crypt = $parts[0]; $salt = @$parts[1]; $testcrypt = JUserHelper::getCryptedPassword($credentials['password'], $salt); if ($crypt == $testcrypt) { $user = JUser::getInstance($result->id); // Bring this in line with the rest of the system $response->email = $user->email; $response->fullname = $user->name; if (JFactory::getApplication()->isAdmin()) { $response->language = $user->getParam('admin_language'); } else { $response->language = $user->getParam('language'); } $response->status = JAUTHENTICATE_STATUS_SUCCESS; $response->error_message = ''; } else { $response->status = JAUTHENTICATE_STATUS_FAILURE; $response->error_message = JText::_('JGLOBAL_AUTH_INVALID_PASS'); } } else { $response->status = JAUTHENTICATE_STATUS_FAILURE; $response->error_message = JText::_('JGLOBAL_AUTH_NO_USER'); } } }

I added another file to my authentication access plugin, I called it test_auth.php and it looks something like this:

 <?php define('_JEXEC', 1 ); define('JPATH_BASE', 'C:\xampp\htdocs\joomla'); define( 'DS', DIRECTORY_SEPARATOR ); require_once ( JPATH_BASE .DS.'includes'.DS.'defines.php' ); require_once ( JPATH_BASE .DS.'includes'.DS.'framework.php' ); include("Webservice.php"); $credentials = array( 'username' => 'test', 'password' => 'test'); $options = array(); $response = array(); $auth = new plgAuthenticationWebservice(); $auth->onUserAuthenticate($credentials, $options, &$response); var_dump($response);

But when I call it, it gets the following errors:

Warning: Missing argument 1 for JPlugin :: __ construct () called in C: \ XAMPP \ HTDOCS \ Joomla \ Plugins \ authentication \ Webservice \ test_auth.php on line 25 and is defined in C: \ xampp \ htdocs \ joomla \ libraries \ joomla \ plugin \ plugin.php on line 57
Fatal error: calling attach () member function for non-object in C: \ xampp \ htdocs \ joomla \ libraries \ joomla \ base \ observer.php on line 41

What am I doing wrong? I think that I could host all php scripts outside and independently of joomla and work with require_once (JPATH_BASE.DS.'includes'.DS.'defines.php) etc. Or I could write a plug-in, install it using the extension manager and would not struggle with the inaccessible joomla structure. But actually it will not work unless I specify define.php and framework.php.

I think a tutorial on creating a plugin in Joomla 1.7 would be helpful.

+4
source share
1 answer

OK, I completely dropped my first attempt.

Instead, I now use JOOMLA_ROOT / libraries / joomla / user / authentication.php (bundled with JOOMLA_ROOT / libraries / joomla / application / application.php).

Now my test_auth.php looks like this:

 <?php define('_JEXEC', 1 ); define('DS', DIRECTORY_SEPARATOR); define('JPATH_BASE', dirname(__FILE__) . DS . '..' . DS . '..' . DS . '..'); // assuming we are in the authorisation plugin folder and need to go up 3 steps to get to the Joomla root require_once (JPATH_BASE .DS. 'includes' .DS. 'defines.php'); require_once (JPATH_BASE .DS. 'includes' .DS. 'framework.php'); require_once (JPATH_BASE .DS. 'libraries' .DS. 'joomla'. DS. 'user' .DS. 'authentication.php'); $mainframe =& JFactory::getApplication('site'); $mainframe->initialise(); $credentials = array( 'username' => 'test', 'password' => 'test'); $options = array(); $authenticate = JAuthentication::getInstance(); $response = $authenticate->authenticate($credentials, $options); if ($response->status === JAUTHENTICATE_STATUS_SUCCESS) { echo('<br />It works<br />'); } var_dump($response);

For any improvements, I would be deeply grateful!

EDIT: I rejected the installation of the plugin. This is a simple external script that will not be called from Joomla itself. I just moved it to a new folder in the Joomla root directory.

+4
source

More articles:


All Articles