Overview
Allows to login a user by passing a specially encrypted "auth" parameter in url.
Setup
- Obtain Url Login plugin from NAPC
- Install it in your Elegant 6 application (more info)
- Go to “Admin“-> “Sites“-> < “desired site“> -> “Plugins“-> “Url Login“ and configure the plugin.
Or
The plugin uses PHP Mcrypt library with "rijndael-128" cipher and "cbc" mode to decrypt "auth" parameter from url.
Parameters:
- “Initialization Vector“ - arbitrary 16 character string, needed for encryption algorithm;
- “Shared Key“ - Shared private key. It may be an arbitrary string or PHP readable path to file that contains the key. The key will be truncated/padded to 32 symbols.
Inside of UrlLoginPlugin.zip package you can find encrypt.php file. This sample file shows how to encrypt user credentials using php programming language. You can replicate this behavior in other programming languages that support described encryption mechanism.
Script parameters note:
- $iv - string value that matches the value from “Initialization Vector“ setting of the plugin;
- $key - string value that matches the value taken from “Shared Key“ setting of the plugin or from a file, if file path is specified in that plugin setting;
- $credentials - string, that contains user credentials in the following format username:password:expiration_timestamp (john_doe:jd_password:1468240951).
Obtained encrypted value can be then passed as "auth" parameter in Elegant6 site url:
http://example.com/elegant6?auth=7468697369736f7572696e697469616c57e36b0c8b8841c26d338a41fbe47242 will login the user and redirect him to "Top Level" page;
http://example.com/elegant6/basket?auth=7468697369736f7572696e697469616c57e36b0c8b8841c26d338a41fbe47242 will login the user and redirect him to "Basket Page" page;
http://example.com/elegant6/view?path=/DEMO/1328183.jpg?auth=7468697369736f7572696e697469616c57e36b0c8b8841c26d338a41fbe47242 will login the user and redirect him to "View" page of /DEMO/1328183.jpg asset.