Automatic Login for a Single User (no CMS scripts)

peteswann

Joined: 2007-11-04
Posts: 2

Posted: Sun, 2007-11-04 21:23

Good afternoon,

I am trying to create an automatic login configuration that is slightly different than most others that I have seen mentioned on these forums, but I believe that the main concept is the same. I'm not using a CMS login management system, but rather writing my own little script to execute the login once a particular page is accessed.

I would like to set a login cookie for a single user based on the HTTP referer, in the sense that if the referer matches a particular site, then a user will be logged in. I have only one user account in the gallery installation (userid 7), which is what I would like to have logged in.

Right now, I'm not concerned with the referer script, or anything other than getting the login configured correctly. After spending hours reading through the forums and through the codex documentation, I have gotten this code put together so far:

$g2_Config['path'] = dirname(__FILE__) . '/gallery2';
$g2_Config['g2Uri'] = '/gallery2/';
$g2_Config['loginRedirect'] = '/autologin.php';
$g2_Config['embedUri'] = '/gallery2/main.php';
$g2_Config['uid'] = '7';

require_once( $g2_Config['path'] . '/embed.php');

$ret = GalleryEmbed::init(array(
	'g2Uri' => $g2_Config['g2Uri'],
	'embedUri' => $g2_Config['embedUri'],
	'activeUserId' => $g2_Config['uid'],
	'apiVersion' => array(1,0)
	));
GalleryCapabilities::set('login',true);
GalleryEmbed::done();
$g2moddata = GalleryEmbed::handleRequest();

In the end after executing the script, no cookie is set, no session is added to the SessionMap table in the database, and I am simply redirected to a login screen.

I think I'm very close, but can't seem to get over this last hurdle. I would appreciate any help you can provide!

Thanks,
Pete

valiant

Joined: 2003-01-04
Posts: 32509

Posted: Sun, 2007-11-04 23:25

the "activeUserId" parameter in GalleryEmbed functions is not referring to a Gallery user-id but to a user-id in your own user management / your own user database.

if you don't have a separate userbase, you don't want to use the activeUserId parameter.
i.e. remove the activeUSerId => line from your script. the new call would be:

$ret = GalleryEmbed::init(array(
'g2Uri' => $g2_Config['g2Uri'],
'embedUri' => $g2_Config['embedUri'],
'apiVersion' => array(1,0)
));

another note: you shouldn't ignore $ret. if $ret isn't null, there's an error.

finally, i don't understand the intent. you don't have another user-base, you just have the gallery user base. and you only want to login as admin (user id = 7). but there's another login page (autologin.php)?

--------------
Documentation: Support / Troubleshooting | Installation, Upgrade, Configuration and Usage

peteswann

Joined: 2007-11-04
Posts: 2

Posted: Mon, 2007-11-05 04:12

Thanks so much for your reply. If I am seeing things correctly in my database, the administrative user that I created upon installation is userid=6, and the second user that I created (member of Registered Users) is userid=7.

If I were to remove the ActiveUserId => line from the script, how will Gallery know what user to associate a session with?

Quote:

finally, i don't understand the intent. you don't have another user-base, you just have the gallery user base. and you only want to login as admin (user id = 7). but there's another login page (autologin.php)?

I realize that this sounds strange, but I want to share my gallery with members of a forum, but not with everyone else out on the Internet. The gallery and forum exist on different servers, and I have no way of accessing this forum's userbase, nor do I want to have each individual forum member re-register an account. If a link is clicked from the forum to my site, I can check the referer and if it matches, set a cookie to be logged in as a user. This method is the only one that I can think of that will accomplish my goal. I could share the username/password with everyone, but due to the skill level of some of the members, this might actually pose a problem.

I also believe that my intent for autologin.php as the loginRedirect page is incorrect; autologin.php is the page that contains my script to set the cookie, and then redirect to the gallery main page.

Using your suggestion in removing the ActiveUserId line, I am still redirected to the login page, with no cookie being issued and no session showing up in the database. I also looked at the $ret, and it does not appear to be null, for I am redirected to the login page instead of displaying the error if null.

Thanks again for your help, it is most certainly appreciated

- Pete

ozgreg

Joined: 2003-10-18
Posts: 1378

Posted: Wed, 2007-11-07 04:50

In short, without specifying the userid, unless Gallery2 already has an existing active session it will assume the session is for guest.

For me you have two paths, most forums set cookies, what I would be doing is look at the forum cookie, and see what information is in the forum cookie and use the cookie to log the person on or
hardcode the init call to a constant that way everyone is always logged in with the same "generic" user.
____________________________________
Wordpress / Gallery2 (WPG2) Plugin, WPG2 Downloads, WPG2 Documentation

capt_kirk

Joined: 2006-01-24
Posts: 492

Posted: Wed, 2007-11-07 12:50

Pete,

To build on what both Valiant and Ozgreg have said, you'll need to map your CMS user to the G2 user. Pick a CMS UID that is impossible for your CMS. I.E, if your CMS uses integers for UIDs, then use a string and vice versa. I'm going to assume that you're using integers, so try something like $g2_Config['uid'] = "auth_user";

You'll have to play with it some to get it to work, but try the Embedding:Integration "Create a user on the fly" HOWTO. Ozgreg uses a modified version of this in WPG2 to create users that don't exist. If you use your fictitious "auth_user" for $emAppUserId that should get you started. This will create a new user in G2 (I assume ID ==8) that you can then allow all authenticated CMS users to use.

You'll want to look at the GalleryEmbed API for details on isExternalIdMapped and createUser.

EDIT: Or you could create a very small php file that only uses GalleryEmbed::addExternalIdMapEntry to map your "auth_user" to your G2 user 7. Run it once to establish the mapping. Then you could keep your current code, using auth_user instead of 7 in $g2_Config['uid']. That would be a little more efficient, since you only really need to create the mapping once, instead of checking it for every user.

Kirk
____________________________________
G2Image Documentation, G2Image Demo Page, My Family Website

peteswann Joined: 2007-11-04 Posts: 2	Posted: Sun, 2007-11-04 21:23
	Good afternoon, I am trying to create an automatic login configuration that is slightly different than most others that I have seen mentioned on these forums, but I believe that the main concept is the same. I'm not using a CMS login management system, but rather writing my own little script to execute the login once a particular page is accessed. I would like to set a login cookie for a single user based on the HTTP referer, in the sense that if the referer matches a particular site, then a user will be logged in. I have only one user account in the gallery installation (userid 7), which is what I would like to have logged in. Right now, I'm not concerned with the referer script, or anything other than getting the login configured correctly. After spending hours reading through the forums and through the codex documentation, I have gotten this code put together so far: $g2_Config['path'] = dirname(__FILE__) . '/gallery2'; $g2_Config['g2Uri'] = '/gallery2/'; $g2_Config['loginRedirect'] = '/autologin.php'; $g2_Config['embedUri'] = '/gallery2/main.php'; $g2_Config['uid'] = '7'; require_once( $g2_Config['path'] . '/embed.php'); $ret = GalleryEmbed::init(array( 'g2Uri' => $g2_Config['g2Uri'], 'embedUri' => $g2_Config['embedUri'], 'activeUserId' => $g2_Config['uid'], 'apiVersion' => array(1,0) )); GalleryCapabilities::set('login',true); GalleryEmbed::done(); $g2moddata = GalleryEmbed::handleRequest(); In the end after executing the script, no cookie is set, no session is added to the SessionMap table in the database, and I am simply redirected to a login screen. I think I'm very close, but can't seem to get over this last hurdle. I would appreciate any help you can provide! Thanks, Pete
	XUser login Username: * Password: * Create new account Request new password
valiant Joined: 2003-01-04 Posts: 32509	Posted: Sun, 2007-11-04 23:25
	the "activeUserId" parameter in GalleryEmbed functions is not referring to a Gallery user-id but to a user-id in your own user management / your own user database. if you don't have a separate userbase, you don't want to use the activeUserId parameter. i.e. remove the activeUSerId => line from your script. the new call would be: $ret = GalleryEmbed::init(array( 'g2Uri' => $g2_Config['g2Uri'], 'embedUri' => $g2_Config['embedUri'], 'apiVersion' => array(1,0) )); another note: you shouldn't ignore $ret. if $ret isn't null, there's an error. finally, i don't understand the intent. you don't have another user-base, you just have the gallery user base. and you only want to login as admin (user id = 7). but there's another login page (autologin.php)? -------------- Documentation: Support / Troubleshooting \| Installation, Upgrade, Configuration and Usage

peteswann Joined: 2007-11-04 Posts: 2	Posted: Mon, 2007-11-05 04:12
	Thanks so much for your reply. If I am seeing things correctly in my database, the administrative user that I created upon installation is userid=6, and the second user that I created (member of Registered Users) is userid=7. If I were to remove the ActiveUserId => line from the script, how will Gallery know what user to associate a session with? Quote: finally, i don't understand the intent. you don't have another user-base, you just have the gallery user base. and you only want to login as admin (user id = 7). but there's another login page (autologin.php)? I realize that this sounds strange, but I want to share my gallery with members of a forum, but not with everyone else out on the Internet. The gallery and forum exist on different servers, and I have no way of accessing this forum's userbase, nor do I want to have each individual forum member re-register an account. If a link is clicked from the forum to my site, I can check the referer and if it matches, set a cookie to be logged in as a user. This method is the only one that I can think of that will accomplish my goal. I could share the username/password with everyone, but due to the skill level of some of the members, this might actually pose a problem. I also believe that my intent for autologin.php as the loginRedirect page is incorrect; autologin.php is the page that contains my script to set the cookie, and then redirect to the gallery main page. Using your suggestion in removing the ActiveUserId line, I am still redirected to the login page, with no cookie being issued and no session showing up in the database. I also looked at the $ret, and it does not appear to be null, for I am redirected to the login page instead of displaying the error if null. Thanks again for your help, it is most certainly appreciated - Pete

ozgreg Joined: 2003-10-18 Posts: 1378	Posted: Wed, 2007-11-07 04:50
	In short, without specifying the userid, unless Gallery2 already has an existing active session it will assume the session is for guest. For me you have two paths, most forums set cookies, what I would be doing is look at the forum cookie, and see what information is in the forum cookie and use the cookie to log the person on or hardcode the init call to a constant that way everyone is always logged in with the same "generic" user. ____________________________________ Wordpress / Gallery2 (WPG2) Plugin, WPG2 Downloads, WPG2 Documentation

capt_kirk Joined: 2006-01-24 Posts: 492	Posted: Wed, 2007-11-07 12:50
	Pete, To build on what both Valiant and Ozgreg have said, you'll need to map your CMS user to the G2 user. Pick a CMS UID that is impossible for your CMS. I.E, if your CMS uses integers for UIDs, then use a string and vice versa. I'm going to assume that you're using integers, so try something like $g2_Config['uid'] = "auth_user"; You'll have to play with it some to get it to work, but try the Embedding:Integration "Create a user on the fly" HOWTO. Ozgreg uses a modified version of this in WPG2 to create users that don't exist. If you use your fictitious "auth_user" for $emAppUserId that should get you started. This will create a new user in G2 (I assume ID ==8) that you can then allow all authenticated CMS users to use. You'll want to look at the GalleryEmbed API for details on isExternalIdMapped and createUser. EDIT: Or you could create a very small php file that only uses GalleryEmbed::addExternalIdMapEntry to map your "auth_user" to your G2 user 7. Run it once to establish the mapping. Then you could keep your current code, using auth_user instead of 7 in $g2_Config['uid']. That would be a little more efficient, since you only really need to create the mapping once, instead of checking it for every user. Kirk ____________________________________ G2Image Documentation, G2Image Demo Page, My Family Website

Automatic Login for a Single User (no CMS scripts)

XUser login