phplist

NOTE:: Before reporting an issue, make sure you are running the latest version, currently 3.3.1


View Issue Details Jump to Notes ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0018027phplist applicationAuthentication Systempublic20-02-16 19:4317-04-16 12:45
Reportermichiel 
PrioritynormalSeverityminorReproducibilityalways
StatusresolvedResolutionfixed 
PlatformOSOS Version
Product Version 
Target Versionnext minorFixed in Version3.2.5 
Summary0018027: add plugin hook before login page for SSO
Description
As outlined here, https://github.com/phpList/phplist3/pull/25 [^]

it would be good to add another hook for plugins to capture the login process.

TagsNo tags attached.
Attached Files

- Relationships

-  Notes
(0057529)
michiel (manager)
20-02-16 19:43

Hum, after a tour about validateAccount method, I think it's could not be a solution for my use case without some modifications on core because, this method is only call when login and password is pass by REQUEST or if a session is already initialized. Futhermore, the usage of this method to handle my use case seem to me a little bit twisted. However, I keep this method in mind, because I mean I have to implement it to secure existing user session.

Finally, I always twink the good way to handle my use case ("capture the login form") is to add an hook during login process. What do you think if we add a case in the "if" block in index.php file witch check the $_SESSION['adminloggedin'] state (beginning at line 253) ? We could call here an auth plugin method to offer it the possibility to capture the login form before display. This method could return a boolean or eventually the futur content of $_SESSION['adminloggedin'] variable.
(0057608)
michiel (manager)
17-04-16 12:45

implemented with

https://github.com/phpList/phplist3/pull/49 [^]


Copyright © 2000 - 2017 MantisBT Team
Powered by Mantis Bugtracker