User login.pl

From EPrints Documentation
Revision as of 08:16, 31 January 2022 by Drn@ecs.soton.ac.uk (talk | contribs) (Added actually file name in bold. Tidied up code formatting.)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


user_login.pl contains configuration for how to check whether and who a user should be logged in as using a function defined under $c->{check_user_password}.

Example

$c->{check_user_password} = sub {
  my( $repo, $username, $password ) = @_;
 
  return $ok ? $username : undef;
};

LDAP Authentication

See LDAP.

User masquerading

This tweak for check_user_password enables administrators to log into a system as any other user by using a special "/[username]" postfix to their normal username.

$c->{check_user_password} = sub {
  my( $repo, $u, $password ) = @_;

  my( $username, $alias ) = split /\//, $u;
 
  ... normal authentication for $username

  if( $alias && $user->get_type eq "admin" )
  {
    $user = $repo->user_by_username( $alias );
    $username = defined $user ? $user->value( "username" ) : undef;
  }

  return $username;
}