| agregate authentication [message #28260] |
Sat, 15 October 2005 12:22  |
nuno
Messages: 11
Registered: September 2005
Location: Portugal
Karma:
|
Junior Member |
|
|
Hi,
I'm tring to agregate the authentication mechanisms of FUDforum and MediaWiki (and possibly others in the future).
I've copied the forum_login.php script and I've tried to come up with a basic auth script (not sure if it is 100% right):
<?php
require './fud_login.php'; // forum_login.php
require './forum/GLOBALS.php';
fud_use('db.inc');
fud_use('err.inc');
fud_use('cookies.inc');
fud_use('users.inc');
// login through cookie
if (_uid) {
echo 'ok, by cookie';
// credentials sent
} elseif (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])
&& ($uid = external_get_user_by_auth($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))
&& external_fud_login($uid)
) {
echo 'ok, by http auth';
// we got nothing, ask the secret password
} else {
header('WWW-Authenticate: Basic realm="testing"');
header('HTTP/1.0 401 Unauthorized');
}
print_r($usr);
?>
That script would be used as the index file, and then users could choose the programs from there. The problem arises when users access the forum directly.
My question is: how can I force FUDforum to use this script as its auth method? I want to use http authentication, so than no one can reach the forum (and also disalow registrations; only admins could do that).
Then I also need to make Mediawiki use the script (did anyone already tried that? do they have any nice API as well?)
Thanks in advance,
Nuno
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]