Authentification

All files from this thread

File Name	File Size		Posted by	Date
phorum-5.0.21-auth.patch	4.4 KB	open | download	bpiwowar	12/10/2005	Read message

Hi,

I have decided to update the forum website from phorum 3 to phorum 5. However, I had to hack the former in order to plug in my own authentification module. Apparently, I will have to do the same with phorum 5.

I know that on the "modules" forum there is a thread about plugging in one's own authentification system. However, I am not satisfied with these solutions as they also imply that everything has to be duplicated. I am also not satistified by simply modifying the include/users.php as it implies that everything (including user/group privileges on forum itself) has to be handled by the external module.

I eventually modified the users.php and include/db/mysql.php to fit my needs; however, this means also that I will have to do it again each time I upgrade phorum.

What I would like is a plug-in mechanismn at a lower level, that is in include/db/mysql.php directly.

The only assumption is that user_id (and maybe group_id) is handled by a custom module.

For instance,
(1) adding a filter in phorum_db_user_save that tells which fields are to be handled by phorum itself; then calling (if it exists) a custom save procedure that completes the save. Also, if the user does not exist in the phorum database this should be handled properly.
(2) in phorum_db_user_get would be modified to call a custom function to complete the information of phorum tables. Here again, if the user is not found in the phorum database, it has to be handled properly (ie, default values)

This mechanism can be reproduced for the groups.

The advantages are:
- no duplication of information
- it is much easier to plug-in a custom authentification module as only 2/3 simple functions have to be implemented (much easier that modifying the users.php file at least)
- upgrades do not break anything as default values are provided by these function if the field is not handled by the authentification module.

Also, I think there should be some options in phorum that could switch on/off the login/register/modify profile (or modify their URLs).

I would agree to do the modifications and then send a patch if you think this is a good idea.

Benjamin



Edited 1 time(s). Last edit at 07/13/2005 10:26PM by bpiwowar.

I would have to see the patch. Not sure I followed all of that.

Brian - Cowboy Ninja Coder - Personal Blog - Twitter

Sorry to have taken so long to answer...

The idea is to have a custom authentification procedure BUT to be able to manage forum permissions + groups from the interface.

I have now created a patch which solves my problems; I modified only two php files:
- include/users.php
- include/db/mysql.php

I updated the default templates: if the variable NOAUTH is set to true, there is no login/logoff options.

In the patch, you can find a custom authentification module (which has a new hook - auth - called by include/users.php)


Please tell me where I can send the patch.

You can attach it here to your post.

Brian - Cowboy Ninja Coder - Personal Blog - Twitter

How? I did not find any "attach" option.
Should I include it directly in the body of the message?

Benjamin

On the post form there is a big blue link that says "Attach a file ..."

Brian - Cowboy Ninja Coder - Personal Blog - Twitter

Edited 1 time(s). Last edit at 12/10/2005 04:27PM by brianlmoon.

Hi Brian,

Quote
brianlmoon
On the post form there is a big blue link that says "Attach a file ..."

...not on this forum there is: only "Preview" and "Post message"

check it again ;).

thats the sake of being admin ... you have all permissions already.

---

Thomas Seifert

Done

Note that there is a 10K limit and a restriction on types to php, tpl, diff or patch... I uploaded it with a "patch" extension but it is a "patch.gz" file.

The patch is against version 5.0.21 of phorum.

Benjamin

Hi Benjamin,

Your idea sounds really good. I would be happy to help develop this feature with you if the Phorum dev team thinks it would be a good addition. I'll start looking over your code.

Skye



Edited 2 time(s). Last edit at 12/12/2005 07:20PM by spoier.