Community auth forced login

#1
Hi all,

I'm having trouble with community auth forced login.

My login system is working fine, but I want the admins to be able to sign in as another user without using the password, for debug purpose.

On this page of the documentation : https://community-auth.com/documentation...rced-login

It says to use
Code:
$auth_model = $this->authentication->auth_model;  
 // Get normal authentication data using email address
 if( $auth_data = $this->{$auth_model}->get_auth_data( $email_address ) )
 {
   /**
    * If redirect param exists, user redirected there.
    * This is entirely optional, and can be removed if
    * no redirect is desired.
    */
   $this->authentication->redirect_after_login();  
   // Set auth related session / cookies
   $this->authentication->maintain_state( $auth_data );
 }

When I do that (method in a controller), I'm successfully logged as the user I chose, but as soon as I refresh or go to another page, I'm sent back to the login screen.

Anyone can help ?
Reply

#2
See the line:

$this->authentication->redirect_after_login();

Comment it out or remove it. That should prevent the redirect, no?

In my own testing, I was using the Examples controller, social_login method. I had to add to the top of the method:

$this->is_logged_in();

Because if I did not add that, I would get a database error related to duplicate session IDs.
Reply

#3
Hi skunkbad,

I've tried to comment the line you told me to, I'm getting the same thing, although I'm not redirected to the default page of my website.

So after the "Force_Login" method, I'm getting a blank page. Then when I navigate to my home page (or anywhere else), I'm logged with the right user. But as soon as I navigate one more time, or just refresh, I'm asked to login again.

Btw, thanks for developing and sharing this project, it's pretty dope. And I saw you giving plenty of help on that forum to people like me. Keep up the good work man.
Reply

#4
Here are some more details I gathered after testing.

I have 2 users :
  • "admin" who has the auth_level 20 which corresponds to the role "admins"
  • "user" who has the auth_level 10 which corresponds to the role "users"
When I'm logged as admin, I get the issue I described. Works once, but then I'm logged off when I refresh.

When I'm logged as user, if I call the force login method manually (because not shown in GUI for users) and I log as admin, it works fine. I'm not logged off after refresh, and I stay logged as admin.

Before I render my views I have this line :
PHP Code:
$this->isAdmin = $this->verify_role('admin');

If I comment this line, everything works fine.
So this method "verify_role", disconnects the user if he is not admin, apparently.

Is this the normal behaviour ?
If yes, how do I verify if the current user is in a role, without disconnecting him in case he's not.

That "isAdmin" variable is accessed from the Views so I can determine if some fields, buttons, etc.. need to be rendered.

Thanks in advance.
Reply

#5
PHP Code:
$bool = is_role('admin');

That is documented here:
https://community-auth.com/documentation...-functions

Also, I made this Test controller up real quick, and I'm not saying you should do it, because it's not secure to switch users via URL param, but it's proof of switching user working. You would go to /test/simple_verification to start:

PHP Code:
<?php if( ! defined('BASEPATH') ) exit('No direct script access allowed');

class Test extends MY_Controller{

    public function __construct()
    {
        parent::__construct();

        // Form and URL helpers always loaded (just for convenience)
        $this->load->helper('url');
        $this->load->helper('form');
    }

    // -----------------------------------------------------------------------

    public function switch_user( $username_or_email_address )
    {
        $this->is_logged_in();

        if( ! empty( $username_or_email_address ) )
        {
            $auth_model = $this->authentication->auth_model;

            // Get normal authentication data using username or email address
            if( $auth_data = $this->{$auth_model}->get_auth_data( $username_or_email_address ) )
            {
                // Set auth related session / cookies
                $this->authentication->maintain_state( $auth_data );
            }

            $_GET['redirect'] = urlencode('test/simple_verification');
            $this->authentication->redirect_after_login();
        }
        else
        {
            echo 'Example requires that you set a username or email address.';
        }
    }

    // -----------------------------------------------------------------------

    public function simple_verification()
    {
        $this->is_logged_in();

        echo $this->load->view('examples/page_header', '', TRUE);

        echo '<p>';
        if( ! empty( $this->auth_role ) )
        {
            echo $this->auth_role . ' logged in!<br />
                User ID is ' . $this->auth_user_id . '<br />
                Auth level is ' . $this->auth_level . '<br />
                Username is ' . $this->auth_username;

            if( $http_user_cookie_contents = $this->input->cookie( config_item('http_user_cookie_name') ) )
            {
                $http_user_cookie_contents = unserialize( $http_user_cookie_contents );

                echo '<br />
                    <pre>';

                print_r( $http_user_cookie_contents );

                echo '</pre>';
            }

            if( config_item('add_acl_query_to_auth_functions') && $this->acl )
            {
                echo '<br />
                    <pre>';

                print_r( $this->acl );

                echo '</pre>';
            }
        }
        else
        {
            echo 'Nobody logged in.';
        }

        echo '</p>';

        echo '<h2>Switch User</h2>
            <p>If you do not have these users, you need to create them first</p>
            <ul>
                <li><a href="/test/switch_user/skunk">skunk</a></li>
                <li><a href="/test/switch_user/chicken">chicken</a></li>
                <li><a href="/test/switch_user/lizard">lizard</a></li>
            </ul>
        ';

        echo $this->load->view('examples/page_footer', '', TRUE);
    }

    // -----------------------------------------------------------------------
}

/* End of file Test.php */
/* Location: /application/controllers/Test.php */

Dig through the code a bit, and you'll find that you should easily be able to achieve what you want.

Edit:
This assumes a clean install of CI and Community Auth, because I can't know if you've made mods.
Reply
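
The post above notes that switching users via a URL parameter is not secure. The following is an added example, not part of the original post and not Community Auth's own code: a restricted variant of `switch_user` that accepts only POST requests from a logged-in admin and logs each switch. It uses only the Community Auth calls shown in this thread plus standard CodeIgniter 3 functions; the `Impersonate` controller name, the `username` POST field, the `auth_level` property on `$auth_data` and an enabled `csrf_protection` setting are assumptions.

```php
<?php if( ! defined('BASEPATH') ) exit('No direct script access allowed');

// Hypothetical controller; the name and the 'username' field are assumptions.
// Assumes $config['csrf_protection'] = TRUE, so CodeIgniter rejects any POST
// that lacks a valid CSRF token.
class Impersonate extends MY_Controller{

    public function switch_user()
    {
        $this->load->helper('url');

        // Populate the auth variables for the current session
        $this->is_logged_in();

        // Only a logged-in admin may switch, and only via POST, so that
        // following a link cannot change the session's identity.
        if( $this->auth_role !== 'admin' OR $this->input->method() !== 'post' )
        {
            show_404();
        }

        // Whitelist the characters allowed in the target name; this also
        // keeps line breaks out of the log entries written below.
        $target = (string) $this->input->post('username');
        if( ! preg_match('/\A[\w@.\-]{1,255}\z/', $target) )
        {
            show_error('Invalid target user.', 400);
        }

        $auth_model = $this->authentication->auth_model;
        $auth_data  = $this->{$auth_model}->get_auth_data( $target );

        // Refuse unknown users and accounts at or above the caller's level
        // (assumption: $auth_data is a row object exposing auth_level).
        if( ! $auth_data OR (int) $auth_data->auth_level >= (int) $this->auth_level )
        {
            log_message('error', "Switch denied: user ID {$this->auth_user_id} -> {$target}");
            show_error('Switch not permitted.', 403);
        }

        // Audit trail, written before the session changes hands
        log_message('error', "Switch: user ID {$this->auth_user_id} -> {$target} from "
            . $this->input->ip_address());

        // Set auth related session / cookies for the target user
        $this->authentication->maintain_state( $auth_data );
        redirect('test/simple_verification');
    }
}
```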

#6
Thank you for your clear and detailed answers.

My mistake was using the
PHP Code:
$bool = $this->verify_role('admin');
Which disconnects the user if he doesn't have the role.


I used 
PHP Code:
$bool = is_role('admin');
 instead and it worked from then.
Reply

#7
(05-31-2017, 12:11 AM)mxfragz Wrote: Thank you for your clear and detailed answers.

My mistake was using the
PHP Code:
$bool = $this->verify_role('admin');
Which disconnects the user if he doesn't have the role.


I used 
PHP Code:
$bool = is_role('admin');
 instead and it worked from then.

You can also use auth variables:
https://community-auth.com/documentation...-variables

So if you're inside a controller, you can use:


PHP Code:
if( $this->auth_role == 'admin' )


There is lots of flexibility built in, because over time a lot of different things have come up in my own work, so I built them in.
Reply

#8
(05-31-2017, 12:16 PM)skunkbad Wrote: You can also use auth variables:
https://community-auth.com/documentation...-variables

So if you're inside a controller, you can use:


PHP Code:
if( $this->auth_role == 'admin' )


There is lots of flexibility built in, because over time a lot of different things have come up in my own work, so I built them in.

I thought about it but I thought it would be bad practice.
Glad to know that it isn't, might use that later on.
Reply

#9
(05-31-2017, 06:40 PM)mxfragz Wrote:
(05-31-2017, 12:16 PM)skunkbad Wrote: You can also use auth variables:
https://community-auth.com/documentation...-variables

So if you're inside a controller, you can use:


PHP Code:
if( $this->auth_role == 'admin' )


There is lots of flexibility built in, because over time a lot of different things have come up in my own work, so I built them in.

I thought about it but I thought it would be bad practice.
Glad to know that it isn't, might use that later on.


Also consider:


Code:
if( in_array( $this->auth_role, ['admin','employee','yo mama','etc'] ) )
Reply

