Search the Community

Showing results for tags 'authentication'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Welcome to ProcessWire
    • News & Announcements
    • Showcase
    • Wishlist & Roadmap
  • Community Support
    • Getting Started
    • Tutorials
    • FAQs
    • General Support
    • API & Templates
    • Modules/Plugins
    • Themes and Profiles
    • Multi-Language Support
    • Security
    • Jobs
  • Off Topic
    • Pub
    • Dev Talk

Product Groups

  • ProDrafts
  • ListerPro
  • ProFields
  • ProCache
  • Form Builder
  • Likes
  • ProDevTools
  • Custom Development

Categories

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 5 results

  1. Greetings. I would like to restrict access to certain sections of my organization's ProcessWire site using pubcookie. We are rolling out Shibboleth authentication later this year but for now, it seems I can only make use of our institution's single sign-on routine by utilizing rules in an .htaccess file. I am wondering if there is a way to ask PW to apply these rules to certain pages in the site, whether via template type or location in the page tree: AuthType UWNetID PubcookieAppID "MyApplication" require type staff faculty
  2. Hello, I'm loosing the session when I quit my browser (it's not lost when I close/reopen the tab). Is there a way I can keep my PW session after a browser restart ? I use the session->login usual stuff to start one. Thanks
  3. bmacnaughton

    Are there any behind-the-scenes reasons that whitespace is not allowed in passwords, or is it a policy choice? I've found that people can remember phrases that mean something to them well so they make longer, more secure passwords/passphrases.
  4. berechar

    Hi all, A question regarding security/best-practice concerning a simple front-end login through AJAX calls. My plan is to use this kind of module inside a small AngularJS architecture to update the entire application when someone is logged in/out. * I've made a simple HTML form in which the user can login by typing his/her username and password in the corresponding fields. After submitting the form, these values are fetched with jQuery. Then an Ajax GET request is made with these values to a page which has access to the Processwire API. This page checks if these values (after sanitization) correspond to an existing user in the CMS. If the user and password matches, the user is logged in, and a success message is being returned. If the user and password mismatches, an error message is being returned. * I don't know much about encryption, therefore I highly doubt if this a 'safe' way of doing things. Hopefully someone can give me some pointers on this! best, berechar
  5. Hi, I'm working on a simple Ionic app which is going to use ProcessWire as the backend. This app allows people to upload images and then like/comment on them. It's a lot like a stripped down imgur app. I've set up some basic services such as register, login & reset password. There are a couple of things I am doubtful about. 1. How do I get user's unique session Id once he's successfully authenticated through AngularJS's http post request? I'm currently using following code: $sessions = $session->getAll(); $session_id = $session->_user["fingerprint"]; But I'm not sure if that's the right way to do it. I'm not even sure if that's the session id. I know there's something called SessionCSRF["name"], I tried that. I'm sending session_id as response to http post request. Then I'm using that session id to check if user is authenticated for his/her further actions such as commenting/liking/posting etc. 2. Now that I've got the session id, how do I identify the user based on the given session id? or should I send user ID back to PW everytime user is performing any action? Is it possible to identify user just based on the session fingerprint that I'm giving back to the app? Among other things I'm considering are keeping a device id on the server for each user, so as to gain better control over user's sessions. I can log out all the devices linked at once etc. I'd really love to hear from you guys how you'd plan to do this app. I'm experienced with PW but not very much with AngularJS. Thank you.