http://xataface.com/wiki/index.php?-action=single_record_search&-table=wiki&page_id=%3D93&-cursor=0&-skip=0&-limit=30&-mode=list&--subsearch= Sat, 25 May 2013 01:45:43 +0100 FeedCreator 1.7.2 http://www.xataface.com/wiki/Authenticating_Against_the_Joomla!_Users_Table <table><thead><tr><th>Field</th><th>Value</th></tr></thead><tbody><tr><td valign="top">Page name</td><td valign="top">Authenticating_Against_the_Joomla!_Users_Table</td></tr><tr><td valign="top">Page id</td><td valign="top">93</td></tr><tr><td valign="top">Content</td><td valign="top"><p>Xataface is able to use the joomla users table to authenticate against so that, you can allow your users to log into your Xataface application using the same credentials as they use to access your joomla website. Achieving this level of integration requires 2 simple steps : 1 - Set up the [_auth] section of your conf.ini file to reference the joomla users table and the correct username and password columns. 2 - Create a delegate class for the joomla users table to be able to decrypt the password set in the table. <h2 id="toc0">Configure the conf.ini file</h2> Joomla users table is named jos_users. So you have to declare this table in the conf.ini file. <pre><code>[_auth] users_table = jos_users username_column = username password_column = password</code></pre> Note that username_column and password_column are very simple... <h2 id="toc1">Create a delegate class for your users table</h2> Now we have to create a delegate class for the users table to decrypt the passwords set in joomla. Joomla uses a custom md5 encryption. <h3 id="toc2">Joomla encryption</h3> When a user is setting a password in joomla, the system does several things : 1 - generate a random key containing alphanumeric characters example : <pre><code>8NdiRqLRKLHaNwudJ3InJknsew9sc7pL</code></pre> 2 - concate the clear entered password with the random key example : <pre><code>password8NdiRqLRKLHaNwudJ3InJknsew9sc7pL</code></pre> 3 - doing a md5 encryption on the result string example : <pre><code>md5(password8NdiRqLRKLHaNwudJ3InJknsew9sc7pL = f2b1fb3996442db549c1ed1a1eebbfe1</code></pre> 4 - concate the md5 string with the random key separated by &quot;:&quot; example : <pre><code>f2b1fb3996442db549c1ed1a1eebbfe1:8NdiRqLRKLHaNwudJ3InJknsew9sc7pL</code></pre> So it's a great encryption but xataface doesn't know how to do that. Here is the utility of the delegate class. We will define a function inside which could compare the entered password in xataface with the joomla stored password. <h3 id="toc3">Creating the delegate class</h3> 1 - Add a jos_users directory in your directory table 2 - Create a jos_users.php file inside this new directory <h3 id="toc4">Creating the decrypt password function</h3> Before posting this code, I would like to thank fantomasdm who created this function. So here is the code of the function to paste directly in the jos_users delegate class : <pre><code>&lt;? class tables_jos_users { function password__serialize($password){ $app =&amp; Dataface_Application::getInstance(); $query = &quot;SELECT id, gid, block, password, usertype FROM jos_users where username='&quot;.$_POST['UserName'].&quot;'&quot;; $result = mysql_query($query,$app-&gt;db()) or die(&quot;Query failed&quot; . mysql_error() ); $line = mysql_fetch_array($result, MYSQL_ASSOC); mysql_free_result($result); $arraypass=explode(&quot;:&quot;, $linea['password']); $key=$arraypass[1]; $ret = md5(trim($password).$key).&quot;:&quot;.$key; return $ret; } } ?&gt;</code></pre> Save your file and test the result. Enjoy ! ;-)</p> </td></tr><tr><td valign="top">Keywords</td><td valign="top">joomla authentication md5</td></tr><tr><td valign="top">Language</td><td valign="top">en</td></tr></tbody></table> Authenticating_Against_the_Joomla!_Users_Table