Plugin for comment users authentication

[aitor]

Hi all,

I have been looking at the possibility of allowing external users (users that only post comments) to authenticate in the blog like normal users do. I mean, when the blogger (owner of the blog) wants to add a comment, with $poster->isAuthenticated() LT realizes the users is authenticated in the admin side. I suppose it does looking at defined SESSION parameters or something like that.

My question is : Is it possible to create a plugin adding some interface in the user side allowing all registered users to login and in this way, the $poster->isAuthenticated() will return true for this users without the need to go to the admin interface? Obviously, this users will be registered manually or with another public interface with no privileges in the blog administration.

If possible, how difficult it could be to do the plugin and which problems or incompatibilities with newer versions this may cause?

Perhaps, it will be interesting for newer LT versions to add for each blog the possibility to have this "user comment" by default. I mean, its interesting for blog users to have a personal ID although they are only commenting.

I will wait for yours answers.

Thanks in advance and sorry for my null capacity of explaining what I mean. I am reading all the post and it doesn't make a lot sense but hope you can understand

[jondaley]

Where do they login? A form on the article/comment page? And then when they login, it returns them to the article/comment page? Or perhaps they just put their login/password as part of the comment form?

I haven't tried it, to know exactly what permissions you need, but you can create users that don't have very many (any?) permissions on the admin side.

[aitor]

Hello again,

thanks for the answer. In fact, I had thought that they could login on a new costum template in the blog. Using login/password as part of the comment form could be very repetitive although it could work.

Yes, you can create users with any permissions on the admin side. But for $poster->isAuthenticated() to return true, you need at least to give one permission : "Access to the admin interface" althought when they are logged in, they can't do anything.

I mean, what I really want to do is a plugin that could simulate this permission but on the public side of the blog and without bothering the user going to the admin side.

As you say, this new users could be manually added on the admin side in LT table or perhaps a newer table in another database to automatize the process with another form on the public side (as in this forum when you want to register).

Any suggestion?

Thanks again.

[aitor]

Hi again,

I am really sorry but I was wrong from the start.

I mean, $poster->isAuthenticated() is related with the post owner. Then you have,

$comment->IsPosterAuthenticated() that says if the user who posted the comment was authenticated at that time. To achieve this, the comment form looks at the $authuser variable.

So what I really want to simulate with this new users is the $authuser instead of the $poster->isAuthenticated().

So forget everything, I will have a look at the sourc code and see the best solution for this.

Thanks and sorry for the incoveniences.

[jondaley]

I think you aren't that far off. I assumed/didn't notice that you said post-> instead of $authUser, I figured that is what you meant.

Once they logged in when making the first comment, they would stay logged in until their session expired, so it wouldn't be any more repetitive than any other method.

Yes, that is the privilege I was thinking of - I think you will only need that privilege.

You definitely could have a form that posted to admin side, and let them login, the trick will be redirecting them back to the public side, instead of showing them the dashboard. You might also have some trouble with the thing that you aren't "really" logged in until you click on the blog, but perhaps if you turn on the setting that says "skip dashboard", you will fix that problem.

[aitor]

Hi again jondaley and thanks for the answer.

I finally decided to face the problem in a different manner. It has more work than the solution you post in the last comment but I think it will work too.

I finally made a new plugin that registers two actions in the public side. This both actions are :

register_new_user (would be doing more or less the same than the adminewuseraction but adding the user with no permissions. This mean that the user can't log in the admin side).

log_public_user is the second action registered by the plugin. This action will just look at the lt_user database to check if the user exists and is correctly loggin in. (more or less like adminlogaction does, that means updating the sessionmanager in a way that $authuser will be true).

Both actions has their view and templates to show the results and hope it work.

What I will do after reading your post is to avoid coding the log_public_user action and do the trick of the admin interface and redirect them to the public side.

One technical final question.

Code: Select all

Request Object ( [_paramsRaw] => [_stripSlashes] => 1 [_props] => Array ( [op] => pub_register [usuari] => aitor [pass1] => lolo [pass2] => lolo [nombre_real] => Aitor Aldomà [email] => some_mail@gmail.com [bb2_screener_] => 1190387546 127.0.0.1 [LThttp127001grahihtdocsbloglifetype121] => 3jaagsnedeh4o95bjkcs1k5394 ) )

I can't access at the _props array to get the values of the registration form.

print_r($this->_actionInfo);
print_r($this->_request);

$this->_request->getValue("_props"); //this should get the _props array?

Thanks and I will post how this ends. Hope it works.

[thestroller]

Hello,

I think the better way is:
1. We provide a new option in Blog Configuration which allow user ask visitors log in to post comment.
2. Then, use an AJAX login form in the post is this option is Enable.
3. After visitors input username/password and press LOGIN. Use AJAX, the page will not need to refresh and the login form will be replace with the comment form.

Thank you

[phunkphorce]

I'm probably a bit too late to the show since you've already implemented a solution, but have you considered creating a special permission for these users? Let's say you can call it 'comment_poster_perm' and assign it to these special users, so that you know that they are users who registered to only post comments. I'm not sure if you're storing your commenters in a different blog table but my suggestion would allow you to use LT's own user management features as well.

Then you still need some code to allow these users to register but you've already done that

[aitor]

hi all again,

I have today finally ended coding the plugin (busy social weekend).

It finally consists of a plugin with two operations:

- user registration from the user side
- user login from the user side (once the user is logged, i just use the session manager to set the user and works really fine) with no more changes. Like if you were logged in the admin part.

I didn't use the admin login mechanism because I didn't want to modify the lifetype core with redirections and all this things.

Just say, it was really easy to code it because most of the code was extracted from the admin core.

I'm using authimage also for the registration form so I needed to modify it a bit to accept more operations than only "addComment".

The plugin works fine and once I have localized it, I will offer it to the comunity if anyone is interested in using it.

Thanks all for the help.

[mfkgermany]

I NEED THIS!
it's a function i'm looking for a long time, if it works, your are the king!

[ogd39]

Hi!
Would you share your plugin ?
It would interest a good part of LT community...
Thank you