Actions

Difference between revisions of "Authentication plugins"

From LimeSurvey Manual

Line 2: Line 2:
  
 
To make creating your own authentication plugin easier, you should extend the abstract [https://github.com/LimeSurvey/LimeSurvey/blob/2.05/application/libraries/PluginManager/AuthPluginBase.php AuthPluginBase] class.
 
To make creating your own authentication plugin easier, you should extend the abstract [https://github.com/LimeSurvey/LimeSurvey/blob/2.05/application/libraries/PluginManager/AuthPluginBase.php AuthPluginBase] class.
 +
 +
There are 4 events you can subscribe to:
 +
 +
== beforeLogin ==
 +
This is called first, and can possibly disable the loginform, for example when webserver authentication is used and we trust on that. To do this, use ''$this->setAuthPlugin()''
 +
 +
== newLoginForm ==
 +
Here you can add your own elements to the form. You should add your username/password elements, but could also add a domain selector or anything else you need. This will only be shown when the selected authentication method was chosen on the selector that is added when more then one plugin is present. When your authentication plugin does not need a form, and can not be selected as an option (like webserver authentication) you should not add a form element here.
 +
<syntaxhighlight lang="php">
 +
$this->getEvent()                  // Get the current event
 +
    ->getContent($this)          // Get the content for this plugin
 +
    ->addContent(CHtml::tag(      // And add some content to it
 +
        'li',
 +
        array(),
 +
        "<label for='user'>"  . gT("Username") . "</label><input name='user' id='user' type='text' size='40' maxlength='40' value='' />"))
 +
    ->addContent(CHtml::tag(
 +
        'li',
 +
        array(),
 +
        "<label for='password'>"  . gT("Password") . "</label><input name='password' id='password' type='password' size='40' maxlength='40' value='' />"));
 +
</syntaxhighlight>
 +
 +
== afterLoginFormSubmit ==
 +
When the form for this plugin was submitted, this event is called. Here you can handle setting the values to the plugin.
 +
 +
== newUserSession ==
 +
This is where the real authentication takes place. You should use $this->setAuthFailure($code, $message) for a failure and $this->setAuthSuccess($oUser) for a successful attempt.
 +
 
[[Category:Plugins]]
 
[[Category:Plugins]]

Revision as of 15:18, 11 June 2013

An authentication plugin has some additional requirements over a regular plugin. Here we list the requirements.

To make creating your own authentication plugin easier, you should extend the abstract AuthPluginBase class.

There are 4 events you can subscribe to:

beforeLogin

This is called first, and can possibly disable the loginform, for example when webserver authentication is used and we trust on that. To do this, use $this->setAuthPlugin()

newLoginForm

Here you can add your own elements to the form. You should add your username/password elements, but could also add a domain selector or anything else you need. This will only be shown when the selected authentication method was chosen on the selector that is added when more then one plugin is present. When your authentication plugin does not need a form, and can not be selected as an option (like webserver authentication) you should not add a form element here.

$this->getEvent()                  // Get the current event
     ->getContent($this)           // Get the content for this plugin
     ->addContent(CHtml::tag(      // And add some content to it
         'li', 
         array(), 
         "<label for='user'>"  . gT("Username") . "</label><input name='user' id='user' type='text' size='40' maxlength='40' value='' />"))
     ->addContent(CHtml::tag(
         'li', 
         array(), 
         "<label for='password'>"  . gT("Password") . "</label><input name='password' id='password' type='password' size='40' maxlength='40' value='' />"));

afterLoginFormSubmit

When the form for this plugin was submitted, this event is called. Here you can handle setting the values to the plugin.

newUserSession

This is where the real authentication takes place. You should use $this->setAuthFailure($code, $message) for a failure and $this->setAuthSuccess($oUser) for a successful attempt.