View Issue Details

IDProjectCategoryView StatusLast Update
0018027phplist applicationAuthentication Systempublic17-04-16 11:45
Status resolvedResolutionfixed 
Product Version 
Target Versionnext minorFixed in Version3.2.5 
Summary0018027: add plugin hook before login page for SSO
As outlined here,

it would be good to add another hook for plugins to capture the login process.

TagsNo tags attached.



20-02-16 19:43

manager   ~0057529

Hum, after a tour about validateAccount method, I think it's could not be a solution for my use case without some modifications on core because, this method is only call when login and password is pass by REQUEST or if a session is already initialized. Futhermore, the usage of this method to handle my use case seem to me a little bit twisted. However, I keep this method in mind, because I mean I have to implement it to secure existing user session.

Finally, I always twink the good way to handle my use case ("capture the login form") is to add an hook during login process. What do you think if we add a case in the "if" block in index.php file witch check the $_SESSION['adminloggedin'] state (beginning at line 253) ? We could call here an auth plugin method to offer it the possibility to capture the login form before display. This method could return a boolean or eventually the futur content of $_SESSION['adminloggedin'] variable.


17-04-16 11:45

manager   ~0057608

implemented with