Joomla 1.7来自外部应用程序的身份验证

时间:2011-08-08 12:31:05

标签: joomla joomla-extensions joomla1.7

我的目的是检查我的外部应用程序中的Joomla 用户名密码是否有效。用户没有必要登录系统,只是他们的帐户存在。 我决定基于Joomla身份验证(JOOMLA_PATH / plugins / authentication / joomla)创建自己的身份验证插件。我只更改了名称:

<?php
/**
 * @version     $Id: joomla.php 21097 2011-04-07 15:38:03Z dextercowley $
 * @copyright   Copyright (C) 2005 - 2011 Open Source Matters, Inc. All rights reserved.
 * @license     GNU General Public License version 2 or later; see LICENSE.txt
 */

// No direct access
defined('_JEXEC') or die;

jimport('joomla.plugin.plugin');

/**
 * Joomla Authentication plugin
 *
 * @package     Joomla.Plugin
 * @subpackage  Authentication.Webservice
 * @since 1.5
 */
class plgAuthenticationWebservice extends JPlugin
{
    /**
     * This method should handle any authentication and report back to the subject
     *
     * @access  public
     * @param   array   Array holding the user credentials
     * @param   array   Array of extra options
     * @param   object  Authentication response object
     * @return  boolean
     * @since 1.5
     */
    function onUserAuthenticate($credentials, $options, &$response)
    {
        jimport('joomla.user.helper');

        $response->type = 'Webservice';
        // Joomla does not like blank passwords
        if (empty($credentials['password'])) {
            $response->status = JAUTHENTICATE_STATUS_FAILURE;
            $response->error_message = JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED');
            return false;
        }

        // Initialise variables.
        $conditions = '';

        // Get a database object
        $db     = JFactory::getDbo();
        $query  = $db->getQuery(true);

        $query->select('id, password');
        $query->from('#__users');
        $query->where('username=' . $db->Quote($credentials['username']));

        $db->setQuery($query);
        $result = $db->loadObject();

        if ($result) {
            $parts  = explode(':', $result->password);
            $crypt  = $parts[0];
            $salt   = @$parts[1];
            $testcrypt = JUserHelper::getCryptedPassword($credentials['password'], $salt);

            if ($crypt == $testcrypt) {
                $user = JUser::getInstance($result->id); // Bring this in line with the rest of the system
                $response->email = $user->email;
                $response->fullname = $user->name;
                if (JFactory::getApplication()->isAdmin()) {
                    $response->language = $user->getParam('admin_language');
                }
                else {
                    $response->language = $user->getParam('language');
                }
                $response->status = JAUTHENTICATE_STATUS_SUCCESS;
                $response->error_message = '';
            } else {
                $response->status = JAUTHENTICATE_STATUS_FAILURE;
                $response->error_message = JText::_('JGLOBAL_AUTH_INVALID_PASS');
            }
        } else {
            $response->status = JAUTHENTICATE_STATUS_FAILURE;
            $response->error_message = JText::_('JGLOBAL_AUTH_NO_USER');
        }
    }
}

我在我的插件中添加了一个文件以访问身份验证,我称之为test_auth.php,它是这样的:

<?php
define('_JEXEC', 1 );
define('JPATH_BASE', 'C:\xampp\htdocs\joomla');
define( 'DS', DIRECTORY_SEPARATOR );

require_once ( JPATH_BASE .DS.'includes'.DS.'defines.php' );
require_once ( JPATH_BASE .DS.'includes'.DS.'framework.php' );

include("Webservice.php"); 

$credentials = array(
    'username' => 'test',
    'password' => 'test');

$options = array();

$response = array();

$auth = new plgAuthenticationWebservice();
$auth->onUserAuthenticate($credentials, $options, &$response);

var_dump($response);

但是当我打电话给它时,会出现这些错误:

  

警告:缺少JPlugin :: __ construct()的参数1,调用   C:\ XAMPP \ htdocs中\的Joomla \插件\认证\ web服务\ test_auth.php   在第25行并在中定义   第57行的C:\ xampp \ htdocs \ joomla \ libraries \ joomla \ plugin \ plugin.php
  致命错误:在非对象中调用成员函数attach()   第41行的C:\ xampp \ htdocs \ joomla \ libraries \ joomla \ base \ observer.php

我做错了什么? 我想我可以将所有PHP脚本放在外面并独立于joomla,并使用require_once(JPATH_BASE .DS.'includes'.DS.'defines.php')等。 或者我可以编写一个插件,使用扩展管理器安装它,并且不会遇到不可用的joomla框架。但事实上,如果我省略了limits.php和framework.php,它将无法工作。

我认为Joomla 1.7中的插件创建指南会有所帮助。

1 个答案:

答案 0 :(得分:4)

好的,我完全放弃了我的第一次尝试。

相反,我现在使用JOOMLA_ROOT / libraries / joomla / user / authentication.php(由JOOMLA_ROOT / libraries / joomla / application / application.php激发)。

我的test_auth.php现在看起来像这样:

<?php

define('_JEXEC', 1 );
define('DS', DIRECTORY_SEPARATOR);
define('JPATH_BASE', dirname(__FILE__) . DS . '..' . DS . '..' . DS . '..'); // assuming we are in the authorisation plugin folder and need to go up 3 steps to get to the Joomla root

require_once (JPATH_BASE .DS. 'includes' .DS. 'defines.php');
require_once (JPATH_BASE .DS. 'includes' .DS. 'framework.php');
require_once (JPATH_BASE .DS. 'libraries' .DS. 'joomla'. DS. 'user' .DS. 'authentication.php');

$mainframe =& JFactory::getApplication('site');
$mainframe->initialise();

$credentials = array(
    'username' => 'test',
    'password' => 'test');

$options = array();

$authenticate = JAuthentication::getInstance();
$response   = $authenticate->authenticate($credentials, $options);

if ($response->status === JAUTHENTICATE_STATUS_SUCCESS) {
    echo('<br />It works<br />');
}
var_dump($response);

对于任何改进,我将深表感激!

编辑:我驳回了插件的安装。它是一个简单的外部脚本,不会从Joomla本身调用。我只是将它移动到Joomla根目录中的新文件夹。

相关问题
最新问题