I am using the following code in page.tpl.php to redirect logged-in users to the first page:
if($is_front){if($user->uid != 0){header('Location:merchant-mobile');}
else{include("page-front.tpl.php"); return;}}
But this function conflicts with the logout function, since the logout function redirects the user to the front page, and does a logout. How can this be prevented?
You could use Rules for that or a simpler code with drupal_goto function:
global $user;
if($is_front){
if($user->uid != 0){
header('Location:merchant-mobile');
} else {
drupal_goto('<front>');
}
}
But why redirect a user to the frontpage if he is in the frontpage? if($is_front) means that the current page is frontpage. Did you mean to write if(!$is_front)?
Related
I want that users have to login before seeing other pages. If they try to access some other page, they have to login first.
I tried using the following, but it keeps giving me an HTTP Status 401 - Access Denied error.
http.csrf().disable().exceptionHandling()
.authenticationEntryPoint(unauthorizedHandler).and()
.formLogin().loginPage("/login").successHandler(authSuccess)
.failureHandler(authFailure).and().authorizeRequests()
.antMatchers("/login", "/#/login", "/login.html", "/login.jsp", "login", "/login")
.permitAll().anyRequest().authenticated();
Since I am using angularjs, it might have to be something with that. I however still tried to add the /#/login part, but still without any good result.
You can achieve this using routing. Have a look at the below code.
app.run(function($rootScope, $location,cacheLogOut) {
// register listener to watch route changes
$rootScope.$on("$routeChangeStart", function(event, next, current) {
if ($rootScope.loggedUser == null) {
// no logged user, we should be going to #login
if (next.templateUrl == "login.html") {
// already going to #login, no redirect needed
} else {
// not going to #login, we should redirect now
$location.path("/login");
}
}
});
});
This is borrowed from Redirecting to a certain route based on condition. I am using it for redirecting to the login page if the user is not logged in. The $rootScope.loggedUser value is set once the user is logged in.
I have a basic question about salesforce session, i want to logout my users automatically when they close the browser window.
Thanks for your help.
This is an old thread but I thought I would go ahead and share my work around...
Add a controller to your site home page, and in the init action, redirect to secure page, if it is not already a secure page.
public PageReference init() {
String currentURL = Site.getCurrentSiteUrl();
if (!startsWith(currentUrl, 'https://')) {
return redirect(currentURL.replace('http://', 'https://'));
}
return null;
}
Let me explain the situation before I ask the question. I have a site, domain.com. the page sub.domain.com requires a user to be logged in to access. If I allow access to sub.domain.com/login which provides a form whose action is domain.com/login, it sends the data to domain.com/login and redirects back to sub.domain.com/login like it should. However, if I try to access sub.domain.com (which requires authentication) it redirects to domain.com/login correctly, but doesn't redirect back to sub.domain.com after logging in. I found the error to be that the redirect when not logged in wasn't sending the referrer header. Is there a way to make it so that if a user tries to access a page on a subdomain that requires authentication, that it will redirect him to domain.com/login, then back to where he originally was?
Does redirect always need to redirect back to sub.domain.com? If so, i'd suggest setting the AuthComponents loginRedirect attribute to the location you want the user to be redirected to. See this page: http://book.cakephp.org/1.3/en/view/1270/loginRedirect
Also, that page says that CakePHP automatically stores the controller-action pair you were accessing before the login in your session. So maybe you should also check whether your session is shared between the domain.com and sub.domain.com.
One final comment: what does happen after login? Are you redirected to the controller/action on domain.com or aren't you redirected at all?
NOTE: I'm assuming you're using CakePHP 1.3 and use the AuthComponent for logging users in.
Ok, it all had to do with routes. I finally was able to get it working by setting up a switch statement in my routes.php file:
switch(Configure::read('subdomain'))
{
case 'subdomain':
Router::connect('/login', array('controller'=>'users', 'action'=>'login'));
}
And set up my bootstrap like so:
preg_match('/^(?:www\.)?(?:(.+)\.)?(.+\..+)$/i', env('HTTP_HOST'), $matches);
$subdomain = empty($matches[1]) ? false : $matches[1];
if( strlen($subdomain) > 0 && $subdomain != "www" )
{
if($subdomain == 'api')
$_GET["url"] = $subdomain . "/" . (isset($_GET["url"]) ? $_GET["url"] : "");
Configure::write('subdomain', $subdomain);
}
I'm developing application with CakePHP 1.3 and using its Auth component. Is it possible to count login fails in order to deactivate users account after a few unsuccessfull attempts? Is there anything like loginErrorRedirect?
How are you intending to deactivate a user if they can't login? If they login as
test#test.com FAIL
tester#test.com FAIL
test123#test.com FAIL
are you going to invalidate all these users?
To record login failures, your could add the following to your login() action in whatever controller
if(empty($this->Session->Auth) && isset($this->data))
{
if($this->Session->read('login.fail'))
{
$login_fail = $this->Session->read('login.fail') + 1;
}else{
$login_fail = 1;
}
$this->Session->write("login.fail",$login_fail);
}
I have a link on the main page that is only accessible if they are logged in. However, if this link is clicked, I want to show a custom error message on the login page (a custom 'Message.auth').
i.e. I want (pseudo code)
if (referer == '/users/reserve'){
Message.auth = 'Please log in to reserve tickets';
}
else {
Message.auth = 'Please log in to access that page';
}
Where would I put this bit of code?
Provided you have auth flash messages being output in the login view, this should work:
// login action of users_controller.ctp
if ($this->Session->check('Auth.redirect')
&& $this->Session->read('Auth.redirect') == '/users/reserve') {
$this->Session->write('Message.auth', 'Please log in to reserve tickets');
}
to get referer you can call $this->referer() to get the referring URL then pass that value to your view.
see: referer