Gossamer Forum
Home : Products : Gossamer Links : Discussions :

user authentication ?

Quote Reply
user authentication ?
Alex,

before I go chasing my curly little tail, if wanted to add user authentication to other scripts, can that be done, or do I have to hack at the user.cgi?

What I need user.cgi to do is just pass back the entered parameters to the passed url.

What I see:

$url = $CFG->{db_cgi_url} . "/user.cgi?url=$url&from=add";

then, in user.cgi

my $username = $IN->param('Username') || shift;
my $password = $IN->param('Password') || shift;
my $goto = shift || 'login_success';

I can't figure out what exactly is going on.

Nothing is being explicitly passed in, so why would 'shift' work? Doesn't shift maintain order/position?

Or, is something going on behind the scenes?



PUGDOGŪ
PUGDOGŪ Enterprises, Inc.
FAQ: http://postcards.com/FAQ


Quote Reply
Re: user authentication ? In reply to
For a script that requires user authentication, it should start:

Code:
use Links qw/$IN $DB $USER/;

main();

sub main {
if (! $USER) {
my $url = $IN->escape ($IN->url ( absolute => 1, query_string => 1 ));
print $IN->redirect ( $CFG->{db_cgi_url} . "/user.cgi?url=$url" );
return;
}
# you are now logged in and user info is in $USER.
...
}
When you call use Links with $USER in it, the program will authenticate the user. If they are not logged in, $USER is undefined. You should then redirect them to the user.cgi script and pass in url=your_current_url. Then once they log in using user.cgi, they get redirect back to your program with the exact same arguments.

Let me know if this makes sense,

Cheers,

Alex

--
Gossamer Threads Inc.
Quote Reply
Re: user authentication ? In reply to
That makes sense, and I'll give it a try later tonight (I'll be far enough along I think) but it doesn't explain the above use of shift in how the arguments are passed. That piece of code isn't making any sense (even if it works).

PUGDOGŪ
PUGDOGŪ Enterprises, Inc.
FAQ: http://postcards.com/FAQ