Swag Portal: More flexible authentication options #1
Comments
usernamenumber
changed the title
|
Overview of OAuth https://en.wikipedia.org/wiki/OAuth |
|
Ideas around implementing this... The goal for the "authentication" is basically to populate the $_SESSION["username"] variable with something, this is checked in https://github.com/tunapanda/swagportal/blob/master/src/controllers/MainController.php on line 69. So... One way to do it would be to have a configuration variable in the config.php file that chooses between different configuration options. And there would be 2 options, the current PAM method, and then a new one based on maybe HybridAuth, and the option would select which one should be used... |
|
If we go with HybridAuth, they have an example in their user manual that it looks like we could use to offer both pretty easily. That way, no config tweaking would be needed unless we want to let people explicitly not allow one method or another. ...and actually, looking more closely at that example, I think it's way more than we need. In the example they're actually itegrating social auth into an existing login system. I think if we just did steps 1, 2, and 4 of the linked example, but in step 4 stop at line 52 and simply set $_SESSION["username"] instead of all the database stuff, that should work for our purposes, yes? |
|
Yep, I think HybridAuth is the way to go... // Micke On Wed, Apr 22, 2015 at 8:20 PM, Brad Smith [email protected]
|
|
HybridAuth is implemented! I only enabled it for Facebook, should we have more from the start? Someone who would like to test this and we can close the issue? |
|
When I load the login page I see this:
Should there be a Facebook login icon or something? |
|
Ah! Had to enable it in the config file. Ok, now I'm getting this:
Is this something you need to set up on the FB end? |
|
Hm... if you enable it in the config file you should get the facebook login https://github.com/tunapanda/swag/blob/master/config.template.ini What could be wrong? I added a dependency on: https://github.com/samcollins/css-social-buttons.git Maybe you need to update the dependencies? If not, do you get some errors in the javascript console, php log or are // Micke On 12 May 2015 17:42, "Brad Smith" [email protected] wrote:
|
|
This is what you get from responding via email. :P See my follow-up comments. (I'm assuming you were responding to the lack of a Facebook button, not the error about me not being an authorized test user) |
|
Ah ok... I made the app live on FB, try now! |
|
Woo! I am logged in. Great work, Micke! :D I've now got another error (of course), but afaict it's not related to this issue, so I'll make a new one for it: #8. We may want to keep this issue open until we either get PAM working or get non-FB logins working some other way, though. |
swagportal currently uses PAM to authenticate, which means all users must have accounts recognized by the OS on the Linux server where the portal is hosted. It would be nice to be able to offer alternatives like social media login, oAuth, etc.
Options for doing this include:
My suggestion: HybridAuth looks promising. It would be great if someone could start by looking into it. Even if we move to something else later, this might be the easiest way to get more flexible auth set up quickly.
The text was updated successfully, but these errors were encountered: