Search the Community
Showing results for tags 'auth'.
I try to integrate Flarum forum with PW via JSONAPI. First tests are fine (register user, create discussions, get data, ...). To get a valide token I send the username and password as a api call. If auth was successful I'll get the uid and a token back. This token have to be renewed after 30 minutes. To get the token I need username and (plain!) password. So how should I save the user credentials / handle the users? Just additional fields in the user profile username, password, token and uid as array (serialized + base64 encoded) Sync PW users with the remote app (hook PW auth and send a auth request via API call -> token returned = login OK) 1 and 2 would be flexible, but user credentials are saved as plain text! 3 is a secure solution (no plain credentials needed), but PW have to use a remote user backend / auth and maybe some things could be less flexible... Do you see any problems with that solution? Could it break features / modules?
Got home to some strange behaviour on one of my development sites - not able to login. I have seen this: processwire.com/talk/topic/4011-cannot-login-to-admin-area/ But nothing there works. If I try changing the password, still can't sign in. Using SessionHandlerDatabase, and have cleared those caches too. Could that module be an issue in 2.5.25? I am running another few local sites on that version, but am not experiencing the same issue. Nothing in any error logs anywhere. Login form doesn't show any errors either. Wondering if the installation in question has gone all bonkers on me... Update: I also have the Forgot Password module enabled. Interestingly, when I click on it, it just shows the normal login form... Isn't it supposed to just show email? The URL does include ?forgot=1...