data/TWiki/TWikiLoginManagerTemplateLoginDotPm.txt
author Colas Nahaboo <colas@nahaboo.net>
Sat, 26 Jan 2008 15:50:53 +0100
changeset 0 414e01d06fd5
permissions -rw-r--r--
RELEASE 4.2.0 freetown
colas@0
     1
---+ Package =TWiki::LoginManager::TemplateLogin=
colas@0
     2
colas@0
     3
This is a login manager that you can specify in the security setup section of
colas@0
     4
[[%SCRIPTURL{"configure"}%][configure]]. It provides users with a
colas@0
     5
template-based form to enter usernames and passwords, and works with the
colas@0
     6
PasswordManager that you specify to verify those passwords.
colas@0
     7
colas@0
     8
Subclass of TWiki::LoginManager; see that class for documentation of the
colas@0
     9
methods of this class.
colas@0
    10
colas@0
    11
colas@0
    12
%TOC%
colas@0
    13
colas@0
    14
---++ ClassMethod *new* <tt>($session,$impl)</tt>
colas@0
    15
colas@0
    16
Construct the TemplateLogin object
colas@0
    17
colas@0
    18
colas@0
    19
colas@0
    20
---++ ObjectMethod *forceAuthentication* <tt>() -> boolean</tt>
colas@0
    21
colas@0
    22
method called when authentication is required - redirects to (...|view)auth
colas@0
    23
Triggered on auth fail
colas@0
    24
colas@0
    25
colas@0
    26
colas@0
    27
---++ ObjectMethod *loginUrl* <tt>() -> $loginUrl</tt>
colas@0
    28
colas@0
    29
TODO: why is this not used internally? When is it called, and why
colas@0
    30
Content of a login link
colas@0
    31
colas@0
    32
colas@0
    33
colas@0
    34
---++ ObjectMethod *login* <tt>($query,$twiki)</tt>
colas@0
    35
colas@0
    36
If a login name and password have been passed in the query, it
colas@0
    37
validates these and if authentic, redirects to the original
colas@0
    38
script. If there is no username in the query or the username/password is
colas@0
    39
invalid (validate returns non-zero) then it prompts again.
colas@0
    40
colas@0
    41
If a flag to remember the login has been passed in the query, then the
colas@0
    42
corresponding session variable will be set. This will result in the
colas@0
    43
login cookie being preserved across browser sessions.
colas@0
    44
colas@0
    45
The password handler is expected to return a perl true value if the password
colas@0
    46
is valid. This return value is stored in a session variable called
colas@0
    47
VALIDATION. This is so that password handlers can return extra information
colas@0
    48
about the user, such as a list of TWiki groups stored in a separate
colas@0
    49
database, that can then be displayed by referring to
colas@0
    50
%<nop>SESSION_VARIABLE{"VALIDATION"}%
colas@0
    51
colas@0
    52