DokuWiki

It's better when it's simple

User Tools

Site Tools


plugin:authmysql:contao

Contao Open Source CMS

Configuration for authMySQL Auth plugin to authenticate with Contao Open Source Content Management System, which let's do:

  • Authentication

Use the Config Manager or add it to the conf/mysql.conf.php to store the config protected.

Requires associategroups. Tested on Contao 3.5. Contao uses PHP's password_hash(), which is available for PHP >= 5.5. Not tested for older PHP version, where Contao hashes the passwords alternatively. @see \Contao\Encryption

Maybe you have to adjust the $conf['defaultgroup'] and $conf['superuser'] in your conf/local.php.

conf/mysql.conf.php
<?php
/*
 * This is an example configuration for the mysql auth plugin.
 *
 * This SQL statements are optimized for following table structure.
 * If you use a different one you have to change them accordingly.
 * See comments of every statement for details.
 *
 * TABLE users
 *     uid   login   pass   firstname   lastname   email
 *
 * TABLE groups
 *     gid   name
 *
 * TABLE usergroup
 *     uid   gid
 *
 * To use this configuration you have to copy them to local.protected.php
 * or at least include this file in local.protected.php.
 */
 
/* Options to configure database access. You need to set up this
 * options carefully, otherwise you won't be able to access you
 * database.
 */
$conf['plugin']['authmysql']['server']   = '';
$conf['plugin']['authmysql']['user']     = '';
$conf['plugin']['authmysql']['password'] = '';
$conf['plugin']['authmysql']['database'] = '';
 
/* This option enables debug messages in the mysql plugin. It is
 * mostly useful for system admins.
 */
$conf['plugin']['authmysql']['debug'] = 0;
 
/* Normally password encryption is done by DokuWiki (recommended) but for
 * some reasons it might be usefull to let the database do the encryption.
 * Set 'forwardClearPass' to '1' and the cleartext password is forwarded to
 * the database, otherwise the encrypted one.
 */
$conf['plugin']['authmysql']['forwardClearPass'] = 0;
 
/* Multiple table operations will be protected by locks. This array tolds
 * the plugin which tables to lock. If you use any aliases for table names
 * these array must also contain these aliases. Any unamed alias will cause
 * a warning during operation. See the example below.
 */
$conf['plugin']['authmysql']['TablesToLock']= array("tl_member", "tl_member AS m","tl_member_group", "tl_member_group AS g", "tl_member_to_group", "tl_member_to_group AS mg");
 
/***********************************************************************/
/*       Basic SQL statements for user authentication (required)       */
/***********************************************************************/
 
/* This statement is used to grant or deny access to the wiki. The result
 * should be a table with exact one line containing at least the password
 * of the user. If the result table is empty or contains more than one
 * row, access will be denied.
 *
 * The plugin accesses the password as 'pass' so an alias might be necessary.
 *
 * Following patters will be replaced:
 *   %{user}    user name
 *   %{pass}    encrypted or clear text password (depends on 'encryptPass')
 *   %{dgroup}  default group name
 */
$conf['plugin']['authmysql']['checkPass']   = "SELECT m.password AS pass
                                               FROM tl_member_to_group AS mg
                                               INNER JOIN tl_member m ON m.id=mg.member_id
                                               INNER JOIN tl_member_group AS g ON g.id=mg.group_id
                                               WHERE m.username='%{user}'
                                               AND g.name='%{dgroup}'";
 
/* This statement should return a table with exact one row containing
 * information about one user. The field needed are:
 * 'pass'  containing the encrypted or clear text password
 * 'name'  the user's full name
 * 'mail'  the user's email address
 *
 * Keep in mind that Dokuwiki will access thise information through the
 * names listed above so aliasses might be neseccary.
 *
 * Following patters will be replaced:
 *   %{user}    user name
 */
$conf['plugin']['authmysql']['getUserInfo'] = "SELECT password AS pass, CONCAT(firstname,' ',lastname) AS name, email AS mail
                                               FROM tl_member
                                               WHERE username='%{user}'";
 
/* This statement is used to get all groups a user is member of. The
 * result should be a table containing all groups the given user is
 * member of. The plugin accesses the group name as 'group' so an alias
 * might be nessecary.
 *
 * Following patters will be replaced:
 *   %{user}    user name
 */
$conf['plugin']['authmysql']['getGroups']   = "SELECT name as `group`
                                               FROM tl_member_group g, tl_member m, tl_member_to_group mg
                                               WHERE m.id = mg.member_id
                                               AND g.id = mg.group_id
                                               AND m.username='%{user}'";
 
/***********************************************************************/
/*      Additional minimum SQL statements to use the user manager      */
/***********************************************************************/
 
/* This statement should return a table containing all user login names
 * that meet certain filter criteria. The filter expressions will be added
 * case dependend by the plugin. At the end a sort expression will be added.
 * Important is that this list contains no double entries for a user. Each
 * user name is only allowed once in the table.
 *
 * The login name will be accessed as 'user' to an alias might be neseccary.
 * No patterns will be replaced in this statement but following patters
 * will be replaced in the filter expressions:
 *   %{user}    in FilterLogin  user's login name
 *   %{name}    in FilterName   user's full name
 *   %{email}   in FilterEmail  user's email address
 *   %{group}   in FilterGroup  group name
 */
$conf['plugin']['authmysql']['getUsers']    = "SELECT DISTINCT username AS user
                                               FROM tl_member AS m
                                               LEFT JOIN tl_member_to_group AS mg ON m.id=mg.member_id
                                               LEFT JOIN tl_member_group AS g ON mg.group_id=g.id";
$conf['plugin']['authmysql']['FilterLogin'] = "username LIKE '%{user}'";
$conf['plugin']['authmysql']['FilterName']  = "CONCAT(firstname,' ',lastname) LIKE '%{name}'";
$conf['plugin']['authmysql']['FilterEmail'] = "email LIKE '%{email}'";
$conf['plugin']['authmysql']['FilterGroup'] = "name LIKE '%{group}'";
$conf['plugin']['authmysql']['SortOrder']   = "ORDER BY login";
 
/***********************************************************************/
/*   Additional SQL statements to add new users with the user manager  */
/***********************************************************************/
 
/* This statement should add a user to the database. Minimum information
 * to store are: login name, password, email address and full name.
 *
 * Following patterns will be replaced:
 *   %{user}    user's login name
 *   %{pass}    password (encrypted or clear text, depends on 'encryptPass')
 *   %{email}   email address
 *   %{name}    user's full name
 */
//$conf['plugin']['authmysql']['addUser']     = "INSERT INTO users
//                                               (login, pass, email, firstname, lastname)
//                                               VALUES ('%{user}', '%{pass}', '%{email}',
//                                               SUBSTRING_INDEX('%{name}',' ', 1),
//                                               SUBSTRING_INDEX('%{name}',' ', -1))";
 
/* This statement should add a group to the database.
 * Following patterns will be replaced:
 *   %{group}   group name
 */
//$conf['plugin']['authmysql']['addGroup']    = "INSERT INTO groups (name)
//                                               VALUES ('%{group}')";
 
/* This statement should connect a user to a group (a user become member
 * of that group).
 * Following patterns will be replaced:
 *   %{user}    user's login name
 *   %{uid}     id of a user dataset
 *   %{group}   group name
 *   %{gid}     id of a group dataset
 */
//$conf['plugin']['authmysql']['addUserGroup']= "INSERT INTO usergroup (uid, gid)
//                                               VALUES ('%{uid}', '%{gid}')";
 
/* This statement should remove a group fom the database.
 * Following patterns will be replaced:
 *   %{group}   group name
 *   %{gid}     id of a group dataset
 */
//$conf['plugin']['authmysql']['delGroup']    = "DELETE FROM groups
//                                               WHERE gid='%{gid}'";
 
/* This statement should return the database index of a given user name.
 * The plugin will access the index with the name 'id' so an alias might be
 * necessary.
 * following patters will be replaced:
 *   %{user}    user name
 */
$conf['plugin']['authmysql']['getUserID']   = "SELECT id
                                               FROM tl_member
                                               WHERE username='%{user}'";
 
/***********************************************************************/
/*   Additional SQL statements to delete users with the user manager   */
/***********************************************************************/
 
/* This statement should remove a user fom the database.
 * Following patterns will be replaced:
 *   %{user}    user's login name
 *   %{uid}     id of a user dataset
 */
//$conf['plugin']['authmysql']['delUser']     = "DELETE FROM users
//                                               WHERE uid='%{uid}'";
 
/* This statement should remove all connections from a user to any group
 * (a user quits membership of all groups).
 * Following patterns will be replaced:
 *   %{uid}     id of a user dataset
 */
//$conf['plugin']['authmysql']['delUserRefs'] = "DELETE FROM usergroup
//                                               WHERE uid='%{uid}'";
 
/***********************************************************************/
/*   Additional SQL statements to modify users with the user manager   */
/***********************************************************************/
 
/* This statements should modify a user entry in the database. The
 * statements UpdateLogin, UpdatePass, UpdateEmail and UpdateName will be
 * added to updateUser on demand. Only changed parameters will be used.
 *
 * Following patterns will be replaced:
 *   %{user}    user's login name
 *   %{pass}    password (encrypted or clear text, depends on 'encryptPass')
 *   %{email}   email address
 *   %{name}    user's full name
 *   %{uid}     user id that should be updated
 */
//$conf['plugin']['authmysql']['updateUser']  = "UPDATE users SET";
//$conf['plugin']['authmysql']['UpdateLogin'] = "login='%{user}'";
//$conf['plugin']['authmysql']['UpdatePass']  = "pass='%{pass}'";
//$conf['plugin']['authmysql']['UpdateEmail'] = "email='%{email}'";
//$conf['plugin']['authmysql']['UpdateName']  = "firstname=SUBSTRING_INDEX('%{name}',' ', 1),
//                                               lastname=SUBSTRING_INDEX('%{name}',' ', -1)";
//$conf['plugin']['authmysql']['UpdateTarget']= "WHERE uid=%{uid}";
 
/* This statement should remove a single connection from a user to a
 * group (a user quits membership of that group).
 *
 * Following patterns will be replaced:
 *   %{user}    user's login name
 *   %{uid}     id of a user dataset
 *   %{group}   group name
 *   %{gid}     id of a group dataset
 */
//$conf['plugin']['authmysql']['delUserGroup']= "DELETE FROM usergroup
//                                               WHERE uid='%{uid}'
//                                               AND gid='%{gid}'";
 
/* This statement should return the database index of a given group name.
 * The plugin will access the index with the name 'id' so an alias might
 * be necessary.
 *
 * Following patters will be replaced:
 *   %{group}   group name
 */
$conf['plugin']['authmysql']['getGroupID']  = "SELECT id
                                               FROM tl_member_group
                                               WHERE name='%{group}'";
plugin/authmysql/contao.txt · Last modified: 2016-04-10 22:23 by 2a02:8108:9dc0:b74:e0f5:f086:7c2:1a87