[drupal-devel] [feature] Authentication hook for local users
moshe weitzman
drupal-devel at drupal.org
Sun Sep 11 05:33:02 UTC 2005
Issue status update for
http://drupal.org/node/29147
Post a follow up:
http://drupal.org/project/comments/add/29147
Project: Drupal
Version: cvs
Component: user.module
Category: feature requests
Priority: normal
Assigned to: Anonymous
Reported by: naudefj
Updated by: moshe weitzman
-Status: patch (code needs review)
+Status: patch (code needs work)
hook_auth deliberately is ineffective for local logins. if you enable it
for all logins, you will slow down the experience for many people who
guess their passwords wrong on login page. in that case, code would
call all remote auth modules an dthey in turn would contact their home
base. thats too slow. we want to return a 'sorry try again' message
very quickly.
what are you trying to accomplish here?
moshe weitzman
Previous comments:
------------------------------------------------------------------------
Thu, 18 Aug 2005 20:46:57 +0000 : naudefj
Please implement a hook to authenticate local users - similar to what
hook_auth does for remote users. Alternatively, extend hook_auth to
authenticate both local and remote users.
Current behaviour:
- If a user logs in with "user at domain", hook_auth gets activated;
- If a user logs in with "user", hook_auth is bypassed.
More details: http://drupal.org/node/27959
------------------------------------------------------------------------
Sat, 20 Aug 2005 20:11:29 +0000 : killes at www.drop.org
use hook_user(login)
------------------------------------------------------------------------
Sat, 20 Aug 2005 20:38:53 +0000 : naudefj
I just tried hook_user(login), but it only fires when a valid drupal
userid/password is entered.
------------------------------------------------------------------------
Sat, 20 Aug 2005 21:03:38 +0000 : naudefj
I found the reason why hook_auth only works for remote users. Look at
this code from users.module:
// Try each external authentication source in series. Register user
if
// successful.
else if (!$user->uid && $server) {
Is this something that should be fixed, or should I just comment out
the the "&& $server" part myself?
------------------------------------------------------------------------
Sun, 28 Aug 2005 19:03:24 +0000 : naudefj
Attachment: http://drupal.org/files/issues/user_31.patch (1.7 KB)
Here is a patch that will allow HOOK_AUTH to work for both local and
remote users. If would be great if it can be reviewed and applied to
HEAD.
More information about the drupal-devel
mailing list