Making a user logging into a framework deals with all security and concerns but there are times when an application requires login a user without repeatedly asking for credentials from that user. It could be a very specific but a needful requirement which many developers have come across in different platforms. Here we will discuss about a solution that how you could achieve a user login on to a Joomla platform. Joomla, as you might already know provide full support for add-on(s) in the form of plugins, modules, components and even additional libraries. Here we will discuss a simple piece of code which can be used in any section of your code, without even asking for any additional environment than the core structure of Joomla.
Here I am writing a small function, which my extension will call at any point of time. Mostly it is in the very beginning when on particular request I get to know about which user is trying to interact with my application, and this code simply logins that user. Let say my function name is _forceLogin() which requires $userId as its only parameter. Also as in the beginning we require user id, so it must be available with the request. Retrieving $userId and calling _forceLogin() at particular instance will be like:
/** * Webkul Software. * * @category Webkul * @author Webkul * @copyright Copyright (c) 2010-2018 Webkul Software Private Limited (https://webkul.com) * @license https://store.webkul.com/license.html */ $app = JFactory::getApplication(); $jinput = $app->input; $userId = $jinput->post->get('userId', 0, 'INT'); $userStatus = $this->_forceLogin($userId); if ($userStatus == 'guest') { // user id not exist in sytem echo JText::_("COM_WKAPI_ERROR_INAVID_USERID"); } elseif (!$userStatus) { // unable to clear previous user session echo JText::_("COM_WKAPI_ERROR_UNABLE_SESSION_CLEAR"); } elseif (is_array($userStatus) && $userStatus[0] == false) { // user exist but account blocked echo JText::_('JERROR_NOLOGIN_BLOCKED'); }
Note: ‘JERROR_NOLOGIN_BLOCKED’ is a predefined Joomla message to represent the present user state.
One of the important thing to be noticed here is the return response of _forceLogin() method as we have to follow and may come across certain conditions, which are:
- We need to check if the provided user id is a valid user id in Joomla.
- We need to check if a user is already logged in, and need to log out that first from the current session.
- There could be a case that the user you want to login is not activated or enabled yet.
The function definition of _forceLogin() will be:
/** * Webkul Software. * * @category Webkul * @author Webkul * @copyright Copyright (c) 2010-2018 Webkul Software Private Limited (https://webkul.com) * @license https://store.webkul.com/license.html * * @return mixed true on success */ private function _forceLogin($userId) { $app = JFactory::getApplication(); $logoutStatus = $app->logout(); if ($logoutStatus) { $user = JFactory::getUser($userId); if ($user->guest) { return 'guest'; } else { //Will authorize you as this user. JPluginHelper::importPlugin('user'); $options = array(); $options['action'] = 'core.login.site'; $response = new stdClass(); $response->username = $user->username; $response->language = ''; $response->email = $user->email; $response->password_clear = ''; $response->fullname = ''; $result = $app->triggerEvent('onUserLogin', array((array)$response, $options)); return $result; } } else { return false; } }
Usage
This requirement could be specific to an extension need. This approach is currently being used in building APIs, which when used in building Mobile apps, requires a user to be logged in automatically on app load. Such of these APIs are used in extensions which are available on the Webkul store here:
For any query regarding Joomla plug-ins and add-ons, you can communicate with us by creating a ticket at:
https://webkul.uvdesk.com/en/customer/create-ticket/
Be the first to comment.