This is an old revision of the document!
Table of Contents
AUTH_LOGIN_CHECK
- Description:
- intercept requests before authentication
- DefaultAction:
- DokuWiki's own login
- Preventable:
- yes
- Added:
- 2009-03-13
This Event allows to provide authentication on a per request basis by using signatures or tokens instead of the default DokuWiki login or cookies. The event is triggered by auth_setup() in inc/auth.php and by login() in inc/RemoteAPICore.php.
Since 2010-01-29, there is an AFTER
event available.
The global $AUTH_ACL is not set up when this event is triggered.
Passed Data
The passed Doku_Event object has the fields: $data
and $result
.
The field $data
is an associative array containing the login parameters as entries:
user
– User namepassword
– Passwordsticky
– Cookie should not expiresilent
– Don't show error on bad authentication
If the BEFORE event handler does not $event->preventDefault()
those parameters are passed to auth_login() via a wrapper function. The parameters in the $data
field can be modified here as well.
The $result
field is set by the default function to true on successful authentication, otherwise false.
The AFTER event handler can changes this return value, but the default login action is then already tried.
Plugins handling this event
The following plugins are known to handle this event and their source code may be a good start for understanding and implementing a handler yourself.
- Oauth simple (simple: hardcoded tokens) for the OAuth API
- Oauth - work in progress