Authenticating to wiki using existing cookie

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Authenticating to wiki using existing cookie

Justin Nazarenko
Hi all,

 

I asked this question a few months back and I am hoping someone has come
across a way to do it.


Basically, my wiki will sit at the URL wiki.domain.com.  My users come to
www.domain.com <http://www.domain.com/>  and log in, and I store a persisten
cookie for domain.com that contains their domain username.

 

Since this is true, is there a way to have it so that when a user clicks on
the link to the wiki from www.domain.com <http://www.domain.com/> ,
mediawiki will check the cookie, extract the username and authenticate the
user to the wiki using that same username? (creating appropriate tables in
the mediawiki db, etc).  Note:  the wiki is on a separate machine from the
main domain, so I can't use REMOTE_USER variable.

 

Thanks for any insight and feedback.

 

-Justin

_______________________________________________
MediaWiki-l mailing list
[hidden email]
http://mail.wikipedia.org/mailman/listinfo/mediawiki-l
Reply | Threaded
Open this post in threaded view
|

Re: Authenticating to wiki using existing cookie

Domas Mituzas
Justin,

> I asked this question a few months back and I am hoping someone has  
> come
> across a way to do it.

Or just too lazy to answer, ha ha ha.

Extension (I stripped internal bits, you'd have to implement your own  
for cookie/realname/email checking, more can be done to User object  
too):

<?

global $wgHooks;
$wgHooks['AutoAuthenticate'][] = 'AuthServerMagic';


/* Remove login and logout, you don't need it in already  
authenticated environment */
$wgExtensionFunctions[]="setupAuthServerMagic";
function setupAuthServerMagic() {
         global $wgSpecialPages;
         unset($wgSpecialPages["Userlogin"]);
         unset($wgSpecialPages["Userlogout"]);
}

function AuthServerMagic(&$user) {
         session_start();

        /* Do not forget to verify if it is not forged... */
        $name=extract_cookie_from($_COOKIE["superdupercookie"]);

         if ($name == "") {
                 header('Location: https://go.there.and/login.php?
back='.$enc);
                 exit();
         }

         $user = User::newFromName( $name );
         if ( $user->getID() == 0 ) {

                 $realname=get_real_name($name);
                 $email=get_email($name);

                 $user->addToDatabase();
                 $user->setEmail($email);
                 $user->setRealName($realname);
                 $user->setToken();
                 $user->saveSettings();
         } else {
                 /* Should cache some day, I guess :) */
                 $user->loadFromDatabase();
         }
         return true;
}

?>

_______________________________________________
MediaWiki-l mailing list
[hidden email]
http://mail.wikipedia.org/mailman/listinfo/mediawiki-l