Foreign App in Subfolder / SSO Solution
#1

I am fairly new to it, but I am learning and using CI 3.1.9 in a LAMP test environment and making some progress with MVC and such. Great framework to say the least!
Two questions arise while concepting my solution:
  1. Is it possible to host a "foreign app" in a subfolder within a CI installation on a server? Would that be considered a "static page" by CI? Would I have to control this in the /application/config/routes.php or rather in a .htaccess or both? By "foreign app" I mean something like a simple DOKUWIKI (https://www.dokuwiki.org/dokuwiki) or more complex RESOURCESPACE (https://www.resourcespace.com/knowledge-...l_overview) application.
  2. If (1) works, would it be possible to control access to such subfolders with an SSO solution within CI such as SimpleSAML or any other user / permission based system?
Any ideas or experiences? Thank you very much in advance CI community!
#2

(This post was last modified: 08-15-2018, 07:20 AM by jreklund.)

1. Yes, you need to set up a .htaccess file inside /subdir/ or in your Apache configuration. That /subdir/.htaccess file will overwrite your root /.htaccess.
2. Your /subdir/ app will need to query your root / app. If that person isn't logged in, redirect to / to log in and then back again to /subdir/. Can't give you any examples as it's application dependent. One /subdir/ application I used could access the same $_SESSION variable and see if the user was logged in, and then do an internal login for that application.

PHP Code:
<?php
/**
Copyright 2011-2014 Nick Korbel
Copyright 2012-2014 Alois Schloegl

This file is part of Booked Scheduler.

Booked Scheduler is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

Booked Scheduler is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with Booked Scheduler.  If not, see <http://www.gnu.org/licenses/>.
 */

require_once(ROOT_DIR . 'lib/Application/Authentication/namespace.php');

class Customapp extends Authentication implements IAuthentication
{
    private $authToDecorate;
    private $_registration;

    /**
     * @var string
     */
    private $username;

    /**
     * @var string
     */
    private $auth;

    /**
     * @var string
     */
    private $password;

    /** @var Customapp_User */
    private $user;

    public function SetRegistration($registration)
    {
        $this->_registration = $registration;
    }

    private function GetRegistration()
    {
        if ($this->_registration == null)
        {
            $this->_registration = new Registration();
        }

        return $this->_registration;
    }

    public function __construct(Authentication $authentication)
    {
        $this->authToDecorate = $authentication;

        require_once(ROOT_DIR . 'plugins/Authentication/customapp/api.php');

        if (!class_exists('Customapp_authenticate'))
        {
            throw new Exception('Could not load Customapp authentication.');
        }

        $this->auth = new customapp_authenticate;

        // No session from the root application: send the visitor away.
        if (!isset($_SESSION['login']['username']) || !isset($_SESSION['booked']))
        {
            header('Location: /logout.php');
            // Stop here; header() alone does not end the request.
            exit;
        }
    }

    public function Validate($username, $password)
    {
        // The submitted credentials are ignored; the identity comes from the shared session.
        $username = $_SESSION['login']['username'];

        if ($this->user = $this->auth->authenticate($username))
        {
            return true;
        }

        return false;
    }

    public function Login($username, $loginContext)
    {
        $username = $_SESSION['login']['username'];
        if ($this->UserExists())
        {
            // Create or update the local Booked account from the root application's user record.
            $this->Synchronize();
            if ($this->auth->isAdmin($username))
            {
                require_once(ROOT_DIR . 'plugins/Authentication/customapp/booked.php');
                $bookedApi = new Customapp_booked;
                $bookedApi->addToAdmin($bookedApi->getUserId($username));
            }
        }
        return $this->authToDecorate->Login($username, $loginContext);
    }

    public function Logout(UserSession $user)
    {
        $this->authToDecorate->Logout($user);
    }

    public function AreCredentialsKnown()
    {
        return (bool)$_SESSION['login']['username'];
    }

    // All login form prompts are hidden because the root application handles login.
    public function ShowUsernamePrompt()
    {
        return false;
    }

    public function ShowPasswordPrompt()
    {
        return false;
    }

    public function ShowPersistLoginPrompt()
    {
        return false;
    }

    public function ShowForgotPasswordPrompt()
    {
        return false;
    }

    private function UserExists()
    {
        return $this->user != null;
    }

    private function Synchronize()
    {
        $registration = $this->GetRegistration();
        // Fall back to a placeholder address when the user record has no email.
        $email = $this->user->email != '' ? $this->user->email : $this->user->f_name . '.' . $this->user->l_name . '@no-reply.com';
        $registration->Synchronize(
            new AuthenticatedUser(
                $this->user->username,
                $email,
                $this->user->f_name,
                $this->user->l_name,
                '',
                Configuration::Instance()->GetKey(ConfigKeys::LANGUAGE),
                Configuration::Instance()->GetDefaultTimezone(),
                null, null, null)
        );
    }
}

?>

Here's how you write an auth plugin for DOKUWIKI:
https://www.dokuwiki.org/devel:auth_plugins
#3

Just jumping in on a basically already answered question: .htaccess is not necessary by itself to make it work.

Usually the root .htaccess for CI is set up in a way that it leaves actually existing files alone, and only tries to re-route the URL to the CodeIgniter index.php file if it can't find an actual file for it.

So if you use something that goes directly to .php files, that would work just by putting files in the subfolder.

Of course, if the additional app is using its own URL rewrite rules, it'll also work, if .htaccess is placed within that app's subfolder.
#4

Thank you very much. This is of great help -- will give it a try soon.
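An added example, not part of any post in this thread and not code from CodeIgniter or Booked Scheduler: a front guard for a foreign app in /subdir/ that follows the flow described in #2 (check the shared session, otherwise redirect to / to log in and come back). It assumes the root app and the subfolder app share one native PHP session holding `$_SESSION['login']['username']`, that the login entry point is `/`, and that it honours a hypothetical `return` query parameter.

```php
<?php
// Added example: include this at the top of the foreign app's entry script.
// Assumptions (not from the thread): shared native PHP session, login page
// at "/", and a hypothetical "return" parameter read by that login page.

const APP_PREFIX = '/subdir/';   // path this guard protects
const LOGIN_URL  = '/';          // root app login entry point (assumed)

/** Return $path only if it is a local path under APP_PREFIX, else the prefix. */
function safe_return_path(string $path): string
{
    // Must stay inside the subfolder: no other host, no backslash tricks,
    // no control characters (header injection), no dot-segments.
    if (strpos($path, APP_PREFIX) !== 0
        || strpos($path, '\\') !== false
        || strpos($path, '..') !== false
        || preg_match('/[\x00-\x1f\x7f]/', $path)) {
        return APP_PREFIX;
    }
    return $path;
}

/** Username from the shared session, or null when nobody is logged in. */
function current_username(array $session): ?string
{
    $name = $session['login']['username'] ?? null;
    return (is_string($name) && $name !== '') ? $name : null;
}

/** Return the logged-in username or redirect to the root login and stop. */
function require_login(): string
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    $user = current_username($_SESSION);
    if ($user === null) {
        $back = safe_return_path($_SERVER['REQUEST_URI'] ?? APP_PREFIX);
        header('Location: ' . LOGIN_URL . '?return=' . rawurlencode($back), true, 302);
        exit; // header() alone does not end the request
    }
    return $user;
}

// Only guard real web requests, so the file can also be included from the CLI.
if (PHP_SAPI !== 'cli') {
    $username = require_login();
}
```

The root login page should run the same `safe_return_path()` check on the `return` value before redirecting back, since that is where an attacker-supplied value would otherwise be followed.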



