You are here: Wiki :: Authenticating_Against_the_Joomla!_Users_Table :: View


Twitter Feed

Xataface Maillist

Sign up to receive the Xataface news letter with weekly updates and development tips.
 
Found 135 of 135 records in table Wiki
Now Showing 8 of 135
<<Back
Next>>

Current Record: Authenticating_Against_the_Joomla!_Users_Table

[Permalink]

Xataface is able to use the joomla users table to authenticate against so that, you can allow your users to log into your Xataface application using the same credentials as they use to access your joomla website. Achieving this level of integration requires 2 simple steps : 1 - Set up the [_auth] section of your conf.ini file to reference the joomla users table and the correct username and password columns. 2 - Create a delegate class for the joomla users table to be able to decrypt the password set in the table.

Configure the conf.ini file

Joomla users table is named jos_users. So you have to declare this table in the conf.ini file. 
[_auth]
users_table = jos_users
username_column = username
password_column = password
Note that username_column and password_column are very simple...

Create a delegate class for your users table

Now we have to create a delegate class for the users table to decrypt the passwords set in joomla. Joomla uses a custom md5 encryption.

Joomla encryption

When a user is setting a password in joomla, the system does several things : 1 - generate a random key containing alphanumeric characters example : 
8NdiRqLRKLHaNwudJ3InJknsew9sc7pL
2 - concate the clear entered password with the random key example : 
password8NdiRqLRKLHaNwudJ3InJknsew9sc7pL
3 - doing a md5 encryption on the result string example : 
md5(password8NdiRqLRKLHaNwudJ3InJknsew9sc7pL = f2b1fb3996442db549c1ed1a1eebbfe1
4 - concate the md5 string with the random key separated by ":" example : 
f2b1fb3996442db549c1ed1a1eebbfe1:8NdiRqLRKLHaNwudJ3InJknsew9sc7pL
So it's a great encryption but xataface doesn't know how to do that. Here is the utility of the delegate class. We will define a function inside which could compare the entered password in xataface with the joomla stored password.

Creating the delegate class

1 - Add a jos_users directory in your directory table 2 - Create a jos_users.php file inside this new directory

Creating the decrypt password function

Before posting this code, I would like to thank fantomasdm who created this function. So here is the code of the function to paste directly in the jos_users delegate class : 
<?
class tables_jos_users {
    
function password__serialize($password){

   $app =& Dataface_Application::getInstance(); 
   $query = "SELECT id, gid, block, password, usertype FROM jos_users where username='".$_POST['UserName']."'";
   $result = mysql_query($query,$app->db()) or die("Query failed" . mysql_error() );

   $line = mysql_fetch_array($result, MYSQL_ASSOC);
   mysql_free_result($result);

   $arraypass=explode(":", $linea['password']);
   $key=$arraypass[1];
   
   $ret = md5(trim($password).$key).":".$key;
   return $ret;
} 
}
?>
Save your file and test the result. Enjoy ! ;-)

blog comments powered by Disqus
Powered by Xataface
(c) 2005-2013 All rights reserved