Plugin for comment users authentication

Plugin for comment users authentication

Postby aitor on Thu Sep 20, 2007 6:18 pm

Hi all,

I have been looking at the possibility of allowing external users (users that only post comments) to authenticate in the blog like normal users do. I mean, when the blogger (owner of the blog) wants to add a comment, with $poster->isAuthenticated() LT realizes the users is authenticated in the admin side. I suppose it does looking at defined SESSION parameters or something like that.

My question is : Is it possible to create a plugin adding some interface in the user side allowing all registered users to login and in this way, the $poster->isAuthenticated() will return true for this users without the need to go to the admin interface? Obviously, this users will be registered manually or with another public interface with no privileges in the blog administration.

If possible, how difficult it could be to do the plugin and which problems or incompatibilities with newer versions this may cause?

Perhaps, it will be interesting for newer LT versions to add for each blog the possibility to have this "user comment" by default. I mean, its interesting for blog users to have a personal ID although they are only commenting.

I will wait for yours answers.

Thanks in advance and sorry for my null capacity of explaining what I mean. I am reading all the post and it doesn't make a lot sense but hope you can understand :)
aitor
 
Posts: 6
Joined: Mon Sep 17, 2007 10:24 am

Postby jondaley on Fri Sep 21, 2007 12:13 am

Where do they login? A form on the article/comment page? And then when they login, it returns them to the article/comment page? Or perhaps they just put their login/password as part of the comment form?

I haven't tried it, to know exactly what permissions you need, but you can create users that don't have very many (any?) permissions on the admin side.
jondaley
Lifetype Expert
 
Posts: 6169
Joined: Thu May 20, 2004 6:19 pm
Location: Pittsburgh, PA, USA
LifeType Version: 1.2.11 devel branch

Postby aitor on Fri Sep 21, 2007 6:42 am

Hello again,

thanks for the answer. In fact, I had thought that they could login on a new costum template in the blog. Using login/password as part of the comment form could be very repetitive although it could work.

Yes, you can create users with any permissions on the admin side. But for $poster->isAuthenticated() to return true, you need at least to give one permission : "Access to the admin interface" althought when they are logged in, they can't do anything.

I mean, what I really want to do is a plugin that could simulate this permission but on the public side of the blog and without bothering the user going to the admin side.

As you say, this new users could be manually added on the admin side in LT table or perhaps a newer table in another database to automatize the process with another form on the public side (as in this forum when you want to register).

Any suggestion?

Thanks again.
aitor
 
Posts: 6
Joined: Mon Sep 17, 2007 10:24 am

Postby aitor on Fri Sep 21, 2007 8:19 am

Hi again,

I am really sorry but I was wrong from the start.

I mean, $poster->isAuthenticated() is related with the post owner. Then you have,

$comment->IsPosterAuthenticated() that says if the user who posted the comment was authenticated at that time. To achieve this, the comment form looks at the $authuser variable.

So what I really want to simulate with this new users is the $authuser instead of the $poster->isAuthenticated().

So forget everything, I will have a look at the sourc code and see the best solution for this.

Thanks and sorry for the incoveniences.
aitor
 
Posts: 6
Joined: Mon Sep 17, 2007 10:24 am

Postby jondaley on Fri Sep 21, 2007 11:03 am

I think you aren't that far off. I assumed/didn't notice that you said post-> instead of $authUser, I figured that is what you meant.

Once they logged in when making the first comment, they would stay logged in until their session expired, so it wouldn't be any more repetitive than any other method.

Yes, that is the privilege I was thinking of - I think you will only need that privilege.

You definitely could have a form that posted to admin side, and let them login, the trick will be redirecting them back to the public side, instead of showing them the dashboard. You might also have some trouble with the thing that you aren't "really" logged in until you click on the blog, but perhaps if you turn on the setting that says "skip dashboard", you will fix that problem.
jondaley
Lifetype Expert
 
Posts: 6169
Joined: Thu May 20, 2004 6:19 pm
Location: Pittsburgh, PA, USA
LifeType Version: 1.2.11 devel branch

Postby aitor on Fri Sep 21, 2007 11:24 am

Hi again jondaley and thanks for the answer.

I finally decided to face the problem in a different manner. It has more work than the solution you post in the last comment but I think it will work too.

I finally made a new plugin that registers two actions in the public side. This both actions are :

register_new_user (would be doing more or less the same than the adminewuseraction but adding the user with no permissions. This mean that the user can't log in the admin side).

log_public_user is the second action registered by the plugin. This action will just look at the lt_user database to check if the user exists and is correctly loggin in. (more or less like adminlogaction does, that means updating the sessionmanager in a way that $authuser will be true).

Both actions has their view and templates to show the results and hope it work.

What I will do after reading your post is to avoid coding the log_public_user action and do the trick of the admin interface and redirect them to the public side.

One technical final question.

Code: Select all
Request Object ( [_paramsRaw] => [_stripSlashes] => 1 [_props] => Array ( [op] => pub_register [usuari] => aitor [pass1] => lolo [pass2] => lolo [nombre_real] => Aitor Aldomà [email] => some_mail@gmail.com [bb2_screener_] => 1190387546 127.0.0.1 [LThttp127001grahihtdocsbloglifetype121] => 3jaagsnedeh4o95bjkcs1k5394 ) )


I can't access at the _props array to get the values of the registration form.

print_r($this->_actionInfo);
print_r($this->_request);

$this->_request->getValue("_props"); //this should get the _props array?

Thanks and I will post how this ends. Hope it works.
aitor
 
Posts: 6
Joined: Mon Sep 17, 2007 10:24 am

Postby thestroller on Fri Sep 21, 2007 12:56 pm

Hello,

I think the better way is:
1. We provide a new option in Blog Configuration which allow user ask visitors log in to post comment.
2. Then, use an AJAX login form in the post is this option is Enable.
3. After visitors input username/password and press LOGIN. Use AJAX, the page will not need to refresh and the login form will be replace with the comment form.

Thank you
thestroller
 
Posts: 80
Joined: Fri Sep 29, 2006 12:05 am

Postby phunkphorce on Sat Sep 22, 2007 1:39 am

I'm probably a bit too late to the show since you've already implemented a solution, but have you considered creating a special permission for these users? Let's say you can call it 'comment_poster_perm' and assign it to these special users, so that you know that they are users who registered to only post comments. I'm not sure if you're storing your commenters in a different blog table but my suggestion would allow you to use LT's own user management features as well.

Then you still need some code to allow these users to register but you've already done that :)
phunkphorce
Lifetype Expert
 
Posts: 9028
Joined: Mon Aug 25, 2003 6:34 am
Location: Suomessa

Postby aitor on Mon Sep 24, 2007 1:45 pm

hi all again,

I have today finally ended coding the plugin (busy social weekend).

It finally consists of a plugin with two operations:

- user registration from the user side
- user login from the user side (once the user is logged, i just use the session manager to set the user and works really fine) with no more changes. Like if you were logged in the admin part.

I didn't use the admin login mechanism because I didn't want to modify the lifetype core with redirections and all this things.

Just say, it was really easy to code it because most of the code was extracted from the admin core.

I'm using authimage also for the registration form so I needed to modify it a bit to accept more operations than only "addComment".

The plugin works fine and once I have localized it, I will offer it to the comunity if anyone is interested in using it.

Thanks all for the help.
aitor
 
Posts: 6
Joined: Mon Sep 17, 2007 10:24 am

Postby mfkgermany on Tue Sep 25, 2007 2:03 pm

I NEED THIS!
it's a function i'm looking for a long time, if it works, your are the king!
mfkgermany
 
Posts: 7
Joined: Mon Sep 03, 2007 12:56 pm

Postby ogd39 on Mon Oct 01, 2007 11:00 am

Hi!
Would you share your plugin ?
It would interest a good part of LT community...
Thank you
LT version installed : 1.2.6
ogd39
 
Posts: 287
Joined: Thu Jun 15, 2006 5:19 pm
Location: France


Return to Plugin Development Team

cron