Please login or register.

Login with username, password and session length
Advanced search  

Author Topic: [Small-MOD] Login as admin with my google account  (Read 643 times)

skian

  • Full Member
  • ***
  • Karma: 14
  • Posts: 120
[Small-MOD] Login as admin with my google account
« on: April 24, 2012, 09:43:28 PM »

MathCaptacha is my less favorite "feature" because it is annoying and useless.

Anyway, I decided that I don't want to type my login, password again and again to edit pages with snews. I decided to login with my google account. So this is a simple mod to do exactly that. Please note that this mod is probably not usable (as is) with any snews installation as it requires to store you google account (usually your gmail address) in plain text within snews core file.

Part one : modify login form.


Quote
function login() {
   if (!_ADMIN) {
        echo '<div class="adminpanel">
      <h2>'.l('login').'</h2>';
      echo html_input('form', '', 'post', '', '', '', '', '', '', '', '', '', 'post', _SITE.'administration/', '');
      echo '<p>'.l('login_limit').'</p>';
      echo html_input('text', 'uname', 'uname', '', l('username'), 'text', '', '', '', '', '', '', '', '', '');
      echo html_input('password', 'pass', 'pass', '', l('password'), 'text', '', '', '', '', '', '', '', '', '');
      echo mathCaptcha();
      echo '<p>';
      echo html_input('hidden', 'Loginform', 'Loginform', 'True', '', '', '', '', '', '', '', '', '', '', '');
      echo html_input('submit', 'submit', 'submit', l('login'), '', 'button', '', '', '', '', '', '', '', '', '');
      echo '</p></form></div>';
      echo '<form action="?login" method="post"><button>Login with Google</button></form>';
   } else {
      echo '<h2>'.l('logged_in').'</h2>
         <p><a href="'._SITE.'logout/" title="'.l('logout').'">'.l('logout').'</a></p>';
   }
}

Part two : handle openid link

After section starting with
if(isset($_POST['Loginform']) && !_ADMIN) {
add this code (update text in green)

Quote
require 'openid.php';
try {
    # Change 'localhost' to your domain name.
    $openid = new LightOpenID('yourdomain.example.org');
    if(!$openid->mode) {
        if(isset($_GET['login'])) {
            $openid->identity = 'https://www.google.com/accounts/o8/id';
            $openid->required = array('contact/email');
            header('Location: ' . $openid->authUrl());
        }
    } elseif($openid->mode == 'cancel') {
      die(notification(2,l('User has canceled authentication!'),'login'));
    } else {
        $userAttr = $openid->validate() ? $openid->getAttributes() : null;
        if ($userAttr['contact/email'] == 'example@gmail.com') {
         $_SESSION[_SITE.'Logged_In'] = token();
         notification(2,'','administration');
        } else {
           notification(2,l('err_Login'),'login');
        }
    }
} catch(ErrorException $e) {
    die(notification(2,$e->getMessage(),'login'));
}

Part three : add openid.php in your snews directory. This file is available from http://gitorious.org/lightopenid.


A few notes :
- To validate openid with google, your web server needs to connect to google (with curl or php stream). Not every hosts permit this. So  this mod won't work on such hosts.
- Credit Where Credit is Due : All the openid magic is provided by lightopenid project.
- Left as an exercise for the reader : allow multiple google account to have admin access
« Last Edit: April 24, 2012, 09:45:09 PM by skian »
Logged

sibas

  • Sr. Member
  • ****
  • Karma: 23
  • Posts: 451
    • www.simply4all.net
Re: [Small-MOD] Login as admin with my google account
« Reply #1 on: April 27, 2012, 03:02:30 AM »

Nice mod skian
I think is most suitable for users in snewsMU, pity that not support login with facebook or twitter.
karma to u!
Logged

skian

  • Full Member
  • ***
  • Karma: 14
  • Posts: 120
Re: [Small-MOD] Login as admin with my google account
« Reply #2 on: April 27, 2012, 11:28:09 AM »

Tks sibas,
I'm no expert, but as I understand it, twitter & fb both use OAuth rather than Openid so they both require the website owner to obtain a auth token before being able to request a centralized logon which kind of defeats the whole purpose imho.
« Last Edit: April 27, 2012, 11:36:27 AM by skian »
Logged