Joomla 1.7 来自外部应用程序的身份验证
我的目标是检查我的外部应用程序中的 Joomla 用户名和密码是否有效。用户不必登录系统,只要他们的帐户存在即可。 我决定基于 Joomla 身份验证 (JOOMLA_PATH/plugins/authentication/joomla) 创建自己的身份验证插件。我只更改了名称:
<?php
/**
* @version $Id: joomla.php 21097 2011-04-07 15:38:03Z dextercowley $
* @copyright Copyright (C) 2005 - 2011 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
// No direct access
defined('_JEXEC') or die;
jimport('joomla.plugin.plugin');
/**
* Joomla Authentication plugin
*
* @package Joomla.Plugin
* @subpackage Authentication.Webservice
* @since 1.5
*/
class plgAuthenticationWebservice extends JPlugin
{
/**
* This method should handle any authentication and report back to the subject
*
* @access public
* @param array Array holding the user credentials
* @param array Array of extra options
* @param object Authentication response object
* @return boolean
* @since 1.5
*/
function onUserAuthenticate($credentials, $options, &$response)
{
jimport('joomla.user.helper');
$response->type = 'Webservice';
// Joomla does not like blank passwords
if (empty($credentials['password'])) {
$response->status = JAUTHENTICATE_STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED');
return false;
}
// Initialise variables.
$conditions = '';
// Get a database object
$db = JFactory::getDbo();
$query = $db->getQuery(true);
$query->select('id, password');
$query->from('#__users');
$query->where('username=' . $db->Quote($credentials['username']));
$db->setQuery($query);
$result = $db->loadObject();
if ($result) {
$parts = explode(':', $result->password);
$crypt = $parts[0];
$salt = @$parts[1];
$testcrypt = JUserHelper::getCryptedPassword($credentials['password'], $salt);
if ($crypt == $testcrypt) {
$user = JUser::getInstance($result->id); // Bring this in line with the rest of the system
$response->email = $user->email;
$response->fullname = $user->name;
if (JFactory::getApplication()->isAdmin()) {
$response->language = $user->getParam('admin_language');
}
else {
$response->language = $user->getParam('language');
}
$response->status = JAUTHENTICATE_STATUS_SUCCESS;
$response->error_message = '';
} else {
$response->status = JAUTHENTICATE_STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_INVALID_PASS');
}
} else {
$response->status = JAUTHENTICATE_STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_NO_USER');
}
}
}
我在插件中添加了一个文件来访问身份验证,我将其命名为 test_auth.php,它是这样的:
<?php
define('_JEXEC', 1 );
define('JPATH_BASE', 'C:\xampp\htdocs\joomla');
define( 'DS', DIRECTORY_SEPARATOR );
require_once ( JPATH_BASE .DS.'includes'.DS.'defines.php' );
require_once ( JPATH_BASE .DS.'includes'.DS.'framework.php' );
include("Webservice.php");
$credentials = array(
'username' => 'test',
'password' => 'test');
$options = array();
$response = array();
$auth = new plgAuthenticationWebservice();
$auth->onUserAuthenticate($credentials, $options, &$response);
var_dump($response);
但是当我调用它时,它会出现以下错误:
警告:JPlugin::__construct() 缺少参数 1,调用于 C:\xampp\htdocs\joomla\plugins\authentication\Webservice\test_auth.php 在第 25 行并定义于 C:\xampp\htdocs\joomla\libraries\joomla\plugin\plugin.php 第 57 行
致命错误:在非对象上调用成员函数attach() C:\xampp\htdocs\joomla\libraries\joomla\base\observer.php 第 41 行
我做错了什么? 我想我可以将所有 php 脚本放在外部并独立于 joomla 并使用 require_once(JPATH_BASE .DS.'includes'.DS.'defines.php') 等。 或者我可以编写一个插件,使用扩展管理器安装它,并且不会因不可用的 joomla 框架而苦苦挣扎。但事实上,如果我省略defines.php和framework.php,它就不起作用。
我认为 Joomla 1.7 中的插件创建指南会很有帮助。
My aim is to check that a Joomla username and password is valid from my external application. It is not necessary that the user is logged into the system, just that their account exists.
I decided to create my own authentication plugin based on the Joomla Authentication (JOOMLA_PATH/plugins/authentication/joomla). I only changed the name:
<?php
/**
* @version $Id: joomla.php 21097 2011-04-07 15:38:03Z dextercowley $
* @copyright Copyright (C) 2005 - 2011 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
// No direct access
defined('_JEXEC') or die;
jimport('joomla.plugin.plugin');
/**
* Joomla Authentication plugin
*
* @package Joomla.Plugin
* @subpackage Authentication.Webservice
* @since 1.5
*/
class plgAuthenticationWebservice extends JPlugin
{
/**
* This method should handle any authentication and report back to the subject
*
* @access public
* @param array Array holding the user credentials
* @param array Array of extra options
* @param object Authentication response object
* @return boolean
* @since 1.5
*/
function onUserAuthenticate($credentials, $options, &$response)
{
jimport('joomla.user.helper');
$response->type = 'Webservice';
// Joomla does not like blank passwords
if (empty($credentials['password'])) {
$response->status = JAUTHENTICATE_STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED');
return false;
}
// Initialise variables.
$conditions = '';
// Get a database object
$db = JFactory::getDbo();
$query = $db->getQuery(true);
$query->select('id, password');
$query->from('#__users');
$query->where('username=' . $db->Quote($credentials['username']));
$db->setQuery($query);
$result = $db->loadObject();
if ($result) {
$parts = explode(':', $result->password);
$crypt = $parts[0];
$salt = @$parts[1];
$testcrypt = JUserHelper::getCryptedPassword($credentials['password'], $salt);
if ($crypt == $testcrypt) {
$user = JUser::getInstance($result->id); // Bring this in line with the rest of the system
$response->email = $user->email;
$response->fullname = $user->name;
if (JFactory::getApplication()->isAdmin()) {
$response->language = $user->getParam('admin_language');
}
else {
$response->language = $user->getParam('language');
}
$response->status = JAUTHENTICATE_STATUS_SUCCESS;
$response->error_message = '';
} else {
$response->status = JAUTHENTICATE_STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_INVALID_PASS');
}
} else {
$response->status = JAUTHENTICATE_STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_NO_USER');
}
}
}
I added one more file to my plugin to access the authentication, I called it test_auth.php and it goes like this:
<?php
define('_JEXEC', 1 );
define('JPATH_BASE', 'C:\xampp\htdocs\joomla');
define( 'DS', DIRECTORY_SEPARATOR );
require_once ( JPATH_BASE .DS.'includes'.DS.'defines.php' );
require_once ( JPATH_BASE .DS.'includes'.DS.'framework.php' );
include("Webservice.php");
$credentials = array(
'username' => 'test',
'password' => 'test');
$options = array();
$response = array();
$auth = new plgAuthenticationWebservice();
$auth->onUserAuthenticate($credentials, $options, &$response);
var_dump($response);
But when I call it, it get these errors:
Warning: Missing argument 1 for JPlugin::__construct(), called in
C:\xampp\htdocs\joomla\plugins\authentication\Webservice\test_auth.php
on line 25 and defined in
C:\xampp\htdocs\joomla\libraries\joomla\plugin\plugin.php on line 57
Fatal error: Call to a member function attach() on a non-object in
C:\xampp\htdocs\joomla\libraries\joomla\base\observer.php on line 41
What am I doing wrong?
I think I could place all php scripts outside and independent from joomla and work with require_once(JPATH_BASE .DS.'includes'.DS.'defines.php') etc.
Or I could write a plugin, install it with the extension manager and won't struggle with an unavailable joomla framework. But in fact it won't work if I leave out defines.php and framework.php.
I think a guide for plugin creation in Joomla 1.7 would be helpful.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
好吧,我完全放弃了第一次尝试。
相反,我现在使用 JOOMLA_ROOT/libraries/joomla/user/authentication.php (受到 JOOMLA_ROOT/libraries/joomla/application/application.php 的启发)。
我的 test_auth.php 现在看起来像这样:
对于任何改进,我将不胜感激!
编辑:我取消了插件安装。这是一个简单的外部脚本,Joomla 本身不会调用它。我只是将其移动到 Joomla 根目录中的一个新文件夹中。
OK, i completely dropped my first try.
Instead I use JOOMLA_ROOT/libraries/joomla/user/authentication.php now (insprired by JOOMLA_ROOT/libraries/joomla/application/application.php).
My test_auth.php looks like this now:
For any improvements I would be deeply grateful!
EDIT: I dismissed the plugin installation. It is a simple external script, which wouldn't be called from Joomla itself. I simply moved it to a new folder in the Joomla root.