Fork me on GitHub

Announcement

The oneye project has been discontinued. You might not expect further fixes and support from us. All community related systems are set to read-only mode. Though feel free to download and use oneye as-is or even fork it over at GitHub.

#1 2012-05-18 17:40:03

fasenderos
Member
Registered: 2012-05-18
Posts: 26

Oneye Login Routine

Hi to all,
i'm trying to integrate a CMS user registration/login with oneye ... the registration process now works fine, when a user has registered in the CMS, the user-information also will be registered in oneye. Even editing, or deleting a user in CMS will edit, or delete the user settings at the oneye.

I have a problem with login/logout... how can I do to have an auto login/logout, so that once the user is logged in/out the CMS is also logged in/out automatically in oneye?

Any ideas are appreciated
thanks

Offline

#2 2012-05-19 11:07:15

fasenderos
Member
Registered: 2012-05-18
Posts: 26

Re: Oneye Login Routine

Does Oneye use cookies for tracking the user session...cause I thought I would get around the problem by automatically create coockies when users login and then destroy them when logout...if yes where oneye saves the coockies?

Offline

#3 2012-05-19 14:17:35

s0600204
Member
From: UK
Registered: 2012-01-22
Posts: 118
Website

Re: Oneye Login Routine

Fasendros,

Firstly, welcome to oneye.

Secondly, yes oneye keeps track of user sessions via cookies, but creating and destroying them probably isn't the key to login/logout. Let me try to explain.

When a user visits an oneye installation, a session is started and a cookie is set automatically. This is done before the login. If that user leaves the site instead of logging in and comes back later, the same cookie (and session) will be used to identify that user. The reason for this is so oneye can, when login credentials are given, identify where it came from. My point is that setting a cookie/starting a session with oneye is not equivalent to logging in.

Likewise, destroying a cookie, whilst causing an error message and sending the user back to the login screen, does not logout a user or end their session. If a user possesses the means and knowledge to recreate their cookie (possible in Opera, for instance) then that user can pick up from where they left off (without re-entering their credentials). Hence, destroying a cookie does not mean that user has logged out (and eventually the server will be trying to keep track of multiple unterminated (and no longer used) sessions, potentially slowing it down until server restart).


So, how might you log a user in and out automatically?

Logging in to oneye is handled by um:login (that's the login function on the um service), which gets called by eyeLogin, an application that also provides the login ui.

As for logging out, this is handled by an application called exit. This terminates the session on the server and logs the user out gracefully.

I'm guessing you wish to skip the oneye login ui for your users, so what you need to do is first establish a session within oneye (sessions are handled by the eyeSessions library) and then pass the user's credentials to um:login. And for logging out, just terminate the session within oneye (eyeSessions again).

How you achieve this is up to you. Have fun!


P.S. You can use ACL rules within oneye to prevent users from logging out from within oneye, if that helps. (Because otherwise the user could log out of oneye but not be logged out of your CMS system)

Offline

#4 2012-05-20 10:14:47

fasenderos
Member
Registered: 2012-05-18
Posts: 26

Re: Oneye Login Routine

Thanks for your clarification...i'm not a wizard, so probably the cookie's idea was a blasphemy for you... smile
I'll try to follow your advice and in the worst case the users will do two login wink

Regards,
Andrea

Offline

#5 2012-05-21 01:42:35

Ansem
Member
Registered: 2011-09-18
Posts: 49
Website

Re: Oneye Login Routine

Would like to know how you managed to link your user system of your CMS to your Oneye installation.
Been dying to do the same for my forum but too chicken to ask nor do I have any skills to accomplish it myself.


My website: http://www.dedeno.net - Learn Japanese
So many are still waiting for their new beginning, even you and even me

Offline

#6 2012-05-21 09:06:18

lars-sh
Administrator
From: near Hamburg, Germany
Registered: 2011-07-14
Posts: 731
Website

Re: Oneye Login Routine

There's a special oneye "extra" to access oneye services from external scripts on the same servers.

It should help creating and managing the users data, but might not be used to login / logout a user.

Therefore you could create an invisible iframe and login via the mobile version of oneye. The initiated session should work from mobile to desktop...


Best regards,
Lars Knickrehm

The oneye project.

Offline

#7 2012-07-17 10:14:24

fasenderos
Member
Registered: 2012-05-18
Posts: 26

Re: Oneye Login Routine

Ansem wrote:

Would like to know how you managed to link your user system of your CMS to your Oneye installation.
Been dying to do the same for my forum but too chicken to ask nor do I have any skills to accomplish it myself.

I've create a plugin for my cms that reproduce the oneye registration routine...

in simple words:
Registration
1) create dir in [ONEYEROOT]/user/short_username/username/ and copy all the folders inside /system/conf/skel/
2) create dir in [ONEYEROOT]/accounts/short_username/ and create the XML file (username.xml) with the user info

Update User Info
1) open the XML file (username.xml) and insert the new user info
2) Use Oneye ACL to deny the ability for user to update the user info (username, email pwd etc) inside oneye, so my users can only change their credential from the cms (see here http://forums.oneye-project.org/viewtopic.php?id=187 )

Delete
1) delete folder 'username' from [ONEYEROOT]/user/short_username/
2) delete the XML file [ONEYEROOT]/accounts/short_username/username.xml

lars-sh wrote:

Therefore you could create an invisible iframe and login via the mobile version of oneye. The initiated session should work from mobile to desktop...

I tried to login via the mobile version ( www.mysite.com/oneye/mobile/index.php ), but the user still logged out from the desktop version and viceversa...
Is this a bug?

Last edited by fasenderos (2012-07-17 10:43:19)

Offline

Board footer

Powered by FluxBB