Jump to content
Slav

Need help with expired session redirect...

Recommended Posts

Hey Guys! Im new to PW and am working on a website built on PW. Im trying to understand how sessions work in PW. Specifically what exactly is happening when session expires. The thing is that my client wants to be redirected to homepage whenever session expires, so basically he doesnt want to be redirected to admin login page when he's in the admin environment of PW(he doesnt want his clients to see the admin login page for whatever reason). Is it possible to hook to the session expiration and redirect to a specific url? And what is the correct way to do it in PW?

I would appreciate the help!

Cheers!

Share this post


Link to post
Share on other sites

@Slav Welcome to the forum. Take this as a first approach

 

$homeUrl = $pages->get(1)->url;
// Prevent redirect to admin login. Redirect to homepage instead
if (!$user->isLoggedin() && isset($input->get->login)) $session->redirect($homeUrl);
if ($user->isLoggedin() && isset($input->get->login)) $session->redirect($customLoginUrl);

// set custom login/ logout urls
$login = $modules->get('ProcessLogin');
$login->setLoginURL($customLoginUrl);
$login->setLogoutURL($homeUrl);

 

  • Like 1

Share this post


Link to post
Share on other sites

Welcome Slav!

You might also be interested in this one:

Or this one:

Hope this helps.

  • Like 1

Share this post


Link to post
Share on other sites

Thank you guys for the replies!

@kixe

Okey this looks interesting. Where exactly should I use this snipet? And can you explain the logic little bit.. why is $customLoginUrl important there?

@szabesz

I checked the posts that you provided. I am already using this (in site/ready.php file):

wire()->addHookBefore("ProcessLogin::executeLogout", null, "setRedirect");
function setRedirect(HookEvent $event) {
   $event->object->setLogoutURL(wire('pages')->get('/')->httpUrl);
}

And it works great, but it only works when you perform Logout procedure (I needed that aswell though) not when the session expires.

In the other post they talk more about redirecting particular user to home page when he is performing login but its again not exactly what I am looking for. There is some interesting info about templates-admin "default.php" file... how does it work? Do I have to use default.php file? Whats the reason? Can anyone explain to a beginner?

 

Cheers!

Share this post


Link to post
Share on other sites
On 28.4.2017 at 9:02 AM, szabesz said:

Maybe @kixe is talkign about somthing like this (but let's ask him to clarify...):

The code I have posted is taken from a frontend login template. The frontend has a complete suite of register, login and logout templates. I use core processes in the frontend. To prevent redirects to the backend in case of successfull login/ logout or an expired session I set login and logout URLs before I execute the Process. The customers are PW users with very limited permissions.

I gave the admin area a very strange name (default: processwire) like '6gt0klw5a14' to hide it from guests or frontend users.
You can additionally protect the login with a custom cookie or IP filter in your .htaccess file.


Calling any target in the admin area without a valid session will cause render of the Login page instead. Its not recommended to change this.

  • Like 2

Share this post


Link to post
Share on other sites

@Slav, another option is to set a redirect URL in the "Access" tab of the template that has restricted access. So if I user attempts to access a page with that template when they are not logged in (for any reason - either they logged out or their session expired) they are redirected to a page of your choosing.

2017-05-01_112745.png.b291e057204d987e39dd2f4df75357b7.png

  • Like 4

Share this post


Link to post
Share on other sites
4 hours ago, Robin S said:

@Slav, another option is to set a redirect URL

... but not in admin template. :P

  • Like 1

Share this post


Link to post
Share on other sites
On 1.5.2017 at 2:29 AM, Robin S said:

@Slav, another option is to set a redirect URL

Yeah... I would need to redirect out of the admin template... :/ 

 

On 30.4.2017 at 9:14 PM, kixe said:

The code I have posted is taken from a frontend login template.

I dont think that this is what I need... All I need is not to show the admin login page to the users (ever) if they dont use the direct link to the admin login page. So basically in frontend when users login, they can direct themselves to the admin environment page edit and when they logout from admin environment it will redirect them to frontend. So basically the admin login page is not needed (at least not needed to show to users). But the problem right now is that if user is in admin environment and is editing their page and if the session expires it redirects automatically to admin login page, but what I would need is when the session expires (in admin environment) then redirect to frontend. Usually it is possible to intercept or hook session expiration and do stuff according to that but I don't know how to do that in Processwire...

to sum it all up I need: When session expires redirect to frontend... I have an idea that I am going to try, so I will let you know if it works...

Share this post


Link to post
Share on other sites
On 30.4.2017 at 9:14 PM, kixe said:

Calling any target in the admin area without a valid session will cause render of the Login page instead. Its not recommended to change this.

@kixe Where is it rendered (what file)? I want to explore that part! Thanks!

Share this post


Link to post
Share on other sites

Ok so I managed to get the result that I was searching for! This is what I did:

In site/ready.php file I added this snippet:

wire()->addHookBefore('Page::loaded', function(HookEvent $event) {
    // Get the object the event occurred on, if needed
    $page = $event->object;
    if($page->template->name == "admin" && wire('user')->id === wire('config')->guestUserPageID){
        wire('session')->redirect(wire('pages')->get('/')->httpUrl);
    }
});

I'm not sure if it is the best way to do that, but I was unable to find a way through sessions so desided to try another approach! For me it does exactly what I needed because the website I'm working on has frontend login where you can navigate to page edit according to your permissions, so the admin login page is not necessary. Well at least that's what client wanted!

Anyway thanks guys for help!

  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By DanielKit
      Hi. I'm currently stuck at the login page in my project. Once I enter my admin username and my password and press login, nothing happens. The page just reloads. However, the URL changes from http://myipaddress/processwire to http://myipaddress/processwire/?login=1. I've checked all of my server settings, and to my knowledge, all seems to be fine there. I don't know where to go from here.. Thanks in advance!
    • By modifiedcontent
      Small annoyance: I get a horizontal scrollbar in UIkit admin area - or actually Admin Theme Boss based on Uikit 3. I tried to fix it with CSS, but had trouble isolating/targeting it and don't want to mess with module or core files. I think this issue has been reported before. Is there a recommended fix? 
    • By codevark
      The Minimal Site works fine, but if I try to login as admin, I have no idea what the credentials are.
      I did not do the "install" process myself. The OVA came with everything set up, but there's no mention of the PW admin credentials being set to some initial value.
      Wondering if anyone else has tried the Bitnami OVA and if there's a simple answer.
      --Pete
    • By vwatson
      I don't have any fontawesome icons in the admin section. Not sure what's wrong. They used to appear. I've tried all the user profiles and they're gone in all of them.
      Using the browser inspector tool, I see this message:
      Access to font at 'https://www.domain.com/wire/templates-admin/styles/font-awesome/fonts/fontawesome-webfont.ttf?v=4.7.0' from origin 'http://domain.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
      I'm not sure why this is occurring or how to fix it. Any help would be greatly appreciated. 
    • By Andi
      Getting a little deeper into the ProcessWire state-of-mind here. I seriously think I wouldn't have come back to webdev if it wasn't for this wonderful little gem of a CMS.
      I have an "Options" field added to all users on a site. If the user has anything other then "default" selected, I would like to show a permanent message in the admin like the one in the screenshot, only so that the user can't close it. As a friendly reminder that he changed that option from default to something crazy 🙂
      I've read up on how to send messages to users, but where would I hook into to make this show up all the time in the backend?
      https://processwire.com/api/ref/wire/message/
      Thanks in advance!

×
×
  • Create New...