Joomla onUserAuthenticate

Question

在Joomla源码中，我发现了一个名为onUserAuthenticate的方法，它在API中找不到(通过谷歌)，但它的功能类似于onLoginUser……所以，在登录/密码检查之后，我需要通过这个函数运行更多的代码。因此，我有了true/false -根据它，我需要完全设置用户的授权。即使用户的登录/密码是正确的，但我的代码返回假的->授权失败...

我正在尝试类似这样的东西：

functionon UserAuthenticate($credentials,$options,&$response){

  jimport('joomla.user.helper');

  $username=mysql_real_escape_string($credentials['username']);
  $password=mysql_real_escape_string(md5($credentials['password']));

  //my code returns $result

  if($result!=NULL){
    $response->status=JAUTHENTICATE_STATUS_SUCCESS;
    $response->error_message='';
  }
  else{
    $response->status=JAUTHENTICATE_STATUS_FAILURE;
    $response->error_message=JText::_('JGLOBAL_AUTH_INVALID_PASS');
  }
}

Answer 1

onUserAuthenticate是一个事件，而不是一个方法。你使用插件来监听Joomla事件，在这种情况下，通常由用户插件监听。当事件发生时，您的代码将运行。http://docs.joomla.org/Plugin

Answer 2

您可以在自定义登录表单中尝试此功能-

$app = JFactory::getApplication();
$data = array();
$data['return']     = '';
$data['username']   = JRequest::getVar('username', '', 'method', 'username');
$data['password']   = JRequest::getString('password', '', 'post', JREQUEST_ALLOWRAW);

// Get the log in options.
$options = array();

// Get the log in credentials.
$credentials = array();
$credentials['username'] = $data['username'];
$credentials['password'] = $data['password'];

// Perform the log in.
$error = $app->login($credentials, $options);

if (!JError::isError($error)) {
    $response->status=JAUTHENTICATE_STATUS_SUCCESS;
    $response->error_message='';                    
}else{
    $response->status=JAUTHENTICATE_STATUS_FAILURE;
    $response->error_message=JText::_('JGLOBAL_AUTH_INVALID_PASS');
}

Answer 3

如果你想要在函数"onUserAuthenticate“上验证解决方案，你应该自己检查用户凭证是否有效，并使用以下代码进行验证：

   function onUserAuthenticate($credentials, $options, &$response)
   {
    $response->type = 'Joomla';
    // Joomla does not like blank passwords
    if (empty($credentials['password'])) {
      $response->status = JAuthentication::STATUS_FAILURE;
      $response->error_message = JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED');
      return false;
    }

    // Initialise variables.
    $conditions = '';

    // Get a database object
    $db   = JFactory::getDbo();
    $query  = $db->getQuery(true);

    $query->select('id, password');
    $query->from('#__users');
    $query->where('username=' . $db->Quote($credentials['username']));

    $db->setQuery($query);
    $result = $db->loadObject();

    if ($result) {
      $parts  = explode(':', $result->password);
      $crypt  = $parts[0];
      $salt = @$parts[1];
      $testcrypt = JUserHelper::getCryptedPassword($credentials['password'], $salt);

      if ($crypt == $testcrypt) {

        $user = JUser::getInstance($result->id); // Bring this in line with the rest of the system
        $response->email = $user->email;
        $response->fullname = $user->name;

        $response->status = JAuthentication::STATUS_SUCCESS;
        $response->error_message = '';

        print_r("You login correct Sir");
        die();        

      } else {
        print_r("you enter wrong credential");
        die();

        $response->status = JAuthentication::STATUS_FAILURE;
        $response->error_message = JText::_('JGLOBAL_AUTH_INVALID_PASS');

      }

    } else {

    print_r("you enter blank credential");
    die();
      $response->status = JAuthentication::STATUS_FAILURE;
      $response->error_message = JText::_('JGLOBAL_AUTH_NO_USER');

    }
      return true;
   }