Authentication 约姆拉·奥努塞拉特
在Joomla源代码中,我发现了一个方法caledAuthentication 约姆拉·奥努塞拉特,authentication,joomla,authorization,Authentication,Joomla,Authorization,在Joomla源代码中,我发现了一个方法caledonUserAuthenticate,该方法在API中找不到(通过google),但其功能类似于。。。所以,在登录/密码检查之后,我需要通过这个函数运行更多的代码。因此,我有true/false——根据它,我需要完全设置用户的授权。即使用户的登录/密码正确,但我的代码返回false->授权失败 我正在尝试类似于: functionon UserAuthenticate($credentials,$options,&$response){
onUserAuthenticate
,该方法在API中找不到(通过google),但其功能类似于。。。所以,在登录/密码检查之后,我需要通过这个函数运行更多的代码。因此,我有true/false
——根据它,我需要完全设置用户的授权。即使用户的登录/密码正确,但我的代码返回false->授权失败
我正在尝试类似于:
functionon UserAuthenticate($credentials,$options,&$response){
jimport('joomla.user.helper');
$username=mysql_real_escape_string($credentials['username']);
$password=mysql_real_escape_string(md5($credentials['password']));
//my code returns $result
if($result!=NULL){
$response->status=JAUTHENTICATE_STATUS_SUCCESS;
$response->error_message='';
}
else{
$response->status=JAUTHENTICATE_STATUS_FAILURE;
$response->error_message=JText::_('JGLOBAL_AUTH_INVALID_PASS');
}
}
您可以在自定义登录表单中尝试此操作-
$app = JFactory::getApplication();
$data = array();
$data['return'] = '';
$data['username'] = JRequest::getVar('username', '', 'method', 'username');
$data['password'] = JRequest::getString('password', '', 'post', JREQUEST_ALLOWRAW);
// Get the log in options.
$options = array();
// Get the log in credentials.
$credentials = array();
$credentials['username'] = $data['username'];
$credentials['password'] = $data['password'];
// Perform the log in.
$error = $app->login($credentials, $options);
if (!JError::isError($error)) {
$response->status=JAUTHENTICATE_STATUS_SUCCESS;
$response->error_message='';
}else{
$response->status=JAUTHENTICATE_STATUS_FAILURE;
$response->error_message=JText::_('JGLOBAL_AUTH_INVALID_PASS');
}
onUserAuthenticate是一个事件而不是一个方法。您使用插件来监听Joomla事件,在这种情况下,用户插件通常会监听这些事件。当事件发生时,您的代码将运行。
如果您想在函数“onUserAuthenticate”上验证解决方案,您应该自己检查用户凭据是否有效,并使用以下代码执行此操作:
function onUserAuthenticate($credentials, $options, &$response)
{
$response->type = 'Joomla';
// Joomla does not like blank passwords
if (empty($credentials['password'])) {
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED');
return false;
}
// Initialise variables.
$conditions = '';
// Get a database object
$db = JFactory::getDbo();
$query = $db->getQuery(true);
$query->select('id, password');
$query->from('#__users');
$query->where('username=' . $db->Quote($credentials['username']));
$db->setQuery($query);
$result = $db->loadObject();
if ($result) {
$parts = explode(':', $result->password);
$crypt = $parts[0];
$salt = @$parts[1];
$testcrypt = JUserHelper::getCryptedPassword($credentials['password'], $salt);
if ($crypt == $testcrypt) {
$user = JUser::getInstance($result->id); // Bring this in line with the rest of the system
$response->email = $user->email;
$response->fullname = $user->name;
$response->status = JAuthentication::STATUS_SUCCESS;
$response->error_message = '';
print_r("You login correct Sir");
die();
} else {
print_r("you enter wrong credential");
die();
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_INVALID_PASS');
}
} else {
print_r("you enter blank credential");
die();
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_NO_USER');
}
return true;
}
检查
$result
的值。它是空的还是有一些值?Irfan,您的解决方案将程序置于一个无休止的循环中。onUserAuthenticate转到login,login转到onUserAuthenticate。