Difference between revisions of "User login.pl"

From EPrints Documentation
Jump to: navigation, search
(Added actually file name in bold. Tidied up code formatting.)
 
Line 1: Line 1:
 
[[Category:Authentication]]
 
[[Category:Authentication]]
  
==Synopsis==
+
'''user_login.pl''' contains configuration for how to check whether and who a user should be logged in as using a function defined under '''$c->{check_user_password}'''.
 +
 
 +
==Example==
  
 
  $c->{check_user_password} = sub {
 
  $c->{check_user_password} = sub {
  my( $repo, $username, $password ) = @_;
+
  my( $repo, $username, $password ) = @_;
 
    
 
    
  return $ok ? $username : undef;
+
  return $ok ? $username : undef;
 
  };
 
  };
  
Line 14: Line 16:
  
 
==User masquerading==
 
==User masquerading==
 
{{Version|since=3.2.4}}
 
  
 
This tweak for check_user_password enables administrators to log into a system as any other user by using a special "/[username]" postfix to their normal username.
 
This tweak for check_user_password enables administrators to log into a system as any other user by using a special "/[username]" postfix to their normal username.
  
 
  $c->{check_user_password} = sub {
 
  $c->{check_user_password} = sub {
  my( $repo, $u, $password ) = @_;
+
  my( $repo, $u, $password ) = @_;
 
   
 
   
  my( $username, $alias ) = split /\//, $u;
+
  my( $username, $alias ) = split /\//, $u;
 
    
 
    
  ... normal authentication for $username
+
  ... normal authentication for $username
 
   
 
   
  if( $alias && $user->get_type eq "admin" )
+
  if( $alias && $user->get_type eq "admin" )
  {
+
  {
    $user = $repo->user_by_username( $alias );
+
    $user = $repo->user_by_username( $alias );
    $username = defined $user ? $user->value( "username" ) : undef;
+
    $username = defined $user ? $user->value( "username" ) : undef;
  }
+
  }
 
   
 
   
  return $username;
+
  return $username;
 
  }
 
  }

Latest revision as of 08:16, 31 January 2022


user_login.pl contains configuration for how to check whether and who a user should be logged in as using a function defined under $c->{check_user_password}.

Example

$c->{check_user_password} = sub {
  my( $repo, $username, $password ) = @_;
 
  return $ok ? $username : undef;
};

LDAP Authentication

See LDAP.

User masquerading

This tweak for check_user_password enables administrators to log into a system as any other user by using a special "/[username]" postfix to their normal username.

$c->{check_user_password} = sub {
  my( $repo, $u, $password ) = @_;

  my( $username, $alias ) = split /\//, $u;
 
  ... normal authentication for $username

  if( $alias && $user->get_type eq "admin" )
  {
    $user = $repo->user_by_username( $alias );
    $username = defined $user ? $user->value( "username" ) : undef;
  }

  return $username;
}