Jump to content

Recommended Posts

OAuth2Login for ProcessWire

A Module which give you ability to login an existing user using your favorite thrid-party OAuth2 provider (i.e. Facebook, GitHub, Google, LinkedIn, etc.)..
You can login from the backend to the backend directly or render a form on the frontend and redirect the user to a choosen page.
Built on top of ThePhpLeague OAuth2-Client lib.

Registration is not handled by this module but planned.

 
Howto Install

Install the module following this procedure:

 - http://modules.processwire.com/modules/oauth2-login/
 - https://github.com/flydev-fr/OAuth2Login

Next step, in order to use a provider, you need to use Composer to install each provider

ie: to install Google, open a terminal, go to your root directory of pw and type the following command-line: composer require league/oauth2-google

Tested providers/packages :

  •     Google :  league/oauth2-google
  •     Facebook: league/oauth2-facebook
  •     Github: league/oauth2-github
  •     LinkedIn: league/oauth2-linkedin


More third-party providers are available there. You should be able to add a provider by simply adding it to the JSON config file.


Howto Use It

First (and for testing purpose), you should create a new user in ProcessWire that reflect your real OAuth2 account information. The important informations are, Last Name, First Name and Email. The module will compare existing users by firstname, lastname and email; If the user match the informations, then he is logged in.

ie, if my Google fullname is John Wick, then in ProcessWire, I create a new user  Wick-John  with email  johnwick@mydomain.com

Next step, go to your favorite provider and create an app in order to get the ClientId and ClientSecret keys. Ask on the forum if you have difficulties getting there.

Once you got the keys for a provider, just paste it into the module settings and save it. One or more button should appear bellow the standard login form.

The final step is to make your JSON configuration file.

In this sample, the JSON config include all tested providers, you can of course edit it to suit your needs :

{
  "providers": {
    "google": {
      "className": "Google",
      "packageName": "league/oauth2-google",
      "helpUrl": "https://console.developers.google.com/apis/credentials"
    },
    "facebook": {
      "className": "Facebook",
      "packageName": "league/oauth2-facebook",
      "helpUrl": "https://developers.facebook.com/apps/",
      "options": {
        "graphApiVersion": "v2.10",
        "scope": "email"
      }
    },
    "github": {
      "className": "Github",
      "packageName": "league/oauth2-github",
      "helpUrl": "https://github.com/settings/developers",
      "options": {
        "scope": "user:email"
      }
    },
    "linkedin": {
      "className": "LinkedIn",
      "packageName": "league/oauth2-linkedin",
      "helpUrl": "https://www.linkedin.com/secure/developer"
    }
  }
}

 

Backend Usage

In ready.php, call the module :

if($page->template == 'admin') { 
	$oauth2mod = $modules->get('Oauth2Login'); 
	if($oauth2mod) $oauth2mod->hookBackend(); 
}

 

Frontend Usage
Small note: At this moment the render method is pretty simple. It output a InputfieldForm with InputfieldSubmit(s) into wrapped in a ul:li tag. Feedbacks and ideas welcome!

For the following example, I created a page login and a template login which contain the following code :


    <?php namespace ProcessWire;

    if(!$user->isLoggedin()) {

            $options = array(
                'buttonClass' => 'my_button_class',
                'buttonValue' => 'Login with {provider}', // {{provider}} keyword
                'prependMarkup' => '<div class="wrapper">',
                'appendMarkup' => '</div>'
            );

            $redirectUri = str_lreplace('//', '/', $config->urls->httpRoot . $page->url);

            $content = $modules->get('Oauth2Login')->config(
              array(
                  'redirect_uri' => $redirectUri,
                  'success_uri'  => $page->url
              )
          )->render($options);
    }


The custom function lstr_replace() :

/*
 *  replace the last occurence of $search by $replace in $subject
 */
function str_lreplace($search, $replace, $subject) {
	return preg_replace('~(.*)' . preg_quote($search, '~') . '~', '$1' . $replace, $subject, 1);
}

 

Screenshot

 

1.thumb.png.e40cc1303d4e404380c4883fc5758520.png

OAuth2Login_pres.thumb.gif.3c120bd397a082cd55c1545b16b0bd49.gif

2.png

  • Like 16

Share this post


Link to post
Share on other sites

The module got renamed and updated a bit as its not intended to run only on the backend, but work also on frontend side.

 

- Now, the administrator can choose to activate or not the backend login buttons.

- The providers are added "dynamically". You have to simply edit a JSON config file which once saved, will show the required fields in the module settings.

 

For example the following JSON config will only provide Google as login provider :

{
  "providers": {
    "google": {
      "className": "Google",
      "packageName": "league/oauth2-google",
      "helpUrl": "https://console.developers.google.com/apis/credentials"
    }
  }
}

 

Small note for pw users :

If like me you did not know, there is another module that manages OAuth2 authentication. Feel free to use the one which suit your needs! more info there:

 

 

@jmartsch you should create a new module thread :)

 

  • Like 5

Share this post


Link to post
Share on other sites

Hey Horst,

I think that in the time the lib was made, Twitter was still using OAuth 1.0A - but looking at their doc (twitter) OAuth2 is now supported (?), their doc also stipulate they still use OAuth 1.0A...

https://dev.twitter.com/oauth

I will look at more closely.

Edited by flydev
link
  • Like 3

Share this post


Link to post
Share on other sites

Some more precisions : We can be able to code an adapter for Twitter application-only, and this is the list of what we can do with :

  • Pull user timelines;
  • Access friends and followers of any account;
  • Access lists resources;
  • Search in Tweets;
  • Retrieve any user information;

So I must assume we can get at least the email and/or the firstname/lastname or a nickname.

@horst let me know if you will think to code something about that or I will give a try.

  • Like 1

Share this post


Link to post
Share on other sites

Many thanks @flydev , for digging deeper!

I'm currently out of resources to code something like this. Was just searching for an already available solution to login via twitter.

Registration should be done via PW only, where the PW username is set to the twitter username.
(Frontend)-Login then should be done via Twitter only.

So, if we would be able to retrieve the email address too, it would be more than I currently need. :)

  • Like 1

Share this post


Link to post
Share on other sites

I quite played with their API (i am talking about Twitter here), its absolutely not possible to retrieve private information with the OAuth2 protocol (still waiting a confirmation on the twittercommunity) but no big hope here. We are forced to use the OAuth 1.a protocol for those sensible datas.

So, there I come with two propositions. I can make an exception and integrate Twitter and OAuth-1.a in this module or I publish a standalone module for Twitter login.

What do you think, a suggestion ?

  • Like 2

Share this post


Link to post
Share on other sites

@flydev: Really I'm not feeling in the right position to give suggestions here. I appreciate all the work and recherche you do here, so you should decide what is lesser work or fits better for you, for what ever reason. - If, at the end, a solution is available that let people login with their twitter account, it would be really great and is much more than there is atm. :-)

  • Like 3

Share this post


Link to post
Share on other sites

Hi @flydev ! Great plugin, works mostly like a charm! ;)

I had 2 issues tough:

1. with google, matching first- and last-name and usernames does not work with our setup (special chars in names that are not reflected in the username etc). I think, this makes the plugin somewhat unflexible. Would be great to have the option configure the matching, or at least an option to only match the users mail (checkbox in the backend). I just saw the "options" "scope" settings in your github json and wonder if this is already implemented but not documented?

2. We run our new page in a subdirectory and the redirect url is wrong (this is more of a process-wire issue since its not easy to get the absolute urls from the api) this results in path being present twice in the redirect url:

Problem: urls()->root + urls()->admin = //domain.com/path/ + /path/admin/ > //domain.com/path/path/admin/

This  solution would be the following:

// inside init()
$this->backendUrl = pages()->get('path="'.str_replace(urls()->root, '', urls()->admin).'", include=all')->httpUrl;

 

Keep up the great work!

  • Like 3

Share this post


Link to post
Share on other sites

@noelboss hey, glad you like it.  Thanks for the fix ! I will merge your PR today.

 

About the issue #1, I will try to implement it the next week-end. Lacking time here.

For the Github scope option, I also need to make it more flexible. The thing is that with Github, if we don't specify the scope, we can only get a public email, and only if the user has set his email "public", which by default is set to hidden, so its impossible to use email address to identify users, and I assume that most users don't want to set their email public..

And about the issue you posted on Github, I think I have already made this modification on my local dev module. I will check that at the same time as the "firstname/lastname" order issue.

  • Thanks 1

Share this post


Link to post
Share on other sites

the moment I copy these lines

if($page->template == 'admin') {
    $oauth2mod = $modules->get('Oauth2Login');
    if($oauth2mod)
        $oauth2mod->hookBackend();
}

on ready.php I am getting this error


Fatal error: Uncaught Error: Call to undefined function ProcessWire\urls() in C:\xampp\htdocs\Yush\wos\site\modules\Oauth2Login\Oauth2Login.module:72 Stack trace: #0 C:\xampp\htdocs\Yush\wos\wire\core\Modules.php(607): ProcessWire\Oauth2Login->init() #1 C:\xampp\htdocs\Yush\wos\wire\core\Modules.php(1288): ProcessWire\Modules->initModule(Object(ProcessWire\Oauth2Login), Array) #2 C:\xampp\htdocs\Yush\wos\wire\core\Modules.php(1145): ProcessWire\Modules->getModule('Oauth2Login') #3 C:\xampp\htdocs\Yush\wos\site\ready.php(13): ProcessWire\Modules->get('Oauth2Login') #4 C:\xampp\htdocs\Yush\wos\wire\core\ProcessWire.php(581): include('C:\\xampp\\htdocs...') #5 C:\xampp\htdocs\Yush\wos\wire\core\ProcessWire.php(479): ProcessWire\ProcessWire->includeFile('C:/xampp/htdocs...') #6 C:\xampp\htdocs\Yush\wos\wire\modules\Process\ProcessPageView.module(246): ProcessWire\ProcessWire->setStatus(4) #7 C:\xampp\htdocs\Yush\wos\wire\core\Wire.php(380): ProcessWire\ProcessPageView->___ready() #8 C:\xampp\htdocs\Yush\wos\wire\core\WireHook in C:\xampp\htdocs\Yush\wos\site\modules\Oauth2Login\Oauth2Login.module on line 72
Error: Uncaught Error: Call to undefined function ProcessWire\urls() in C:\xampp\htdocs\Yush\wos\site\modules\Oauth2Login\Oauth2Login.module:72
Stack trace:
#0 C:\xampp\htdocs\Yush\wos\wire\core\Modules.php(607): ProcessWire\Oauth2Login->init()
#1 C:\xampp\htdocs\Yush\wos\wire\core\Modules.php(1288): ProcessWire\Modules->initModule(Object(ProcessWire\Oauth2Login), Array)
#2 C:\xampp\htdocs\Yush\wos\wire\core\Modules.php(1145): ProcessWire\Modules->getModule('Oauth2Login')
#3 C:\xampp\htdocs\Yush\wos\site\ready.php(13): ProcessWire\Modules->get('Oauth2Login')
#4 C:\xampp\htdocs\Yush\wos\wire\core\ProcessWire.php(581): include('C:\\xampp\\htdocs...')
#5 C:\xampp\htdocs\Yush\wos\wire\core\ProcessWire.php(479): ProcessWire\ProcessWire->includeFile('C:/xampp/htdocs...')
#6 C:\xampp\htdocs\Yush\wos\wire\modules\Process\ProcessPageView.module(246): ProcessWire\ProcessWire->setStatus(4)
#7 C:\xampp\htdocs\Yush\wos\wire\core\Wire.php(380): ProcessWire\ProcessPageView->___ready()
#8 C:\xampp\htdocs\Yush\wos\wire\core\WireHook (line 72 of C:\xampp\htdocs\Yush\wos\site\modules\Oauth2Login\Oauth2Login.module) 

This error message was shown because: site is in debug mode. ($config->debug = true; => /site/config.php). Error has been logged.

 

 

  • Thanks 1

Share this post


Link to post
Share on other sites
3 hours ago, flydev said:

@rareyush I fixed the module, let me know if it works ✌️

I am getting options for outh option of google facebook, linkedin but still I am getting this error when I created a new template just to login

 

 

Error: Uncaught Error: Call to undefined function ProcessWire\str_lreplace() in C:\xampp\htdocs\Yush\wos\site\templates\Login.php:12
Stack trace:
#0 C:\xampp\htdocs\Yush\wos\wire\core\TemplateFile.php(287): require()
#1 C:\xampp\htdocs\Yush\wos\wire\core\Wire.php(380): ProcessWire\TemplateFile->___render()
#2 C:\xampp\htdocs\Yush\wos\wire\core\WireHooks.php(723): ProcessWire\Wire->_callMethod('___render', Array)
#3 C:\xampp\htdocs\Yush\wos\wire\core\Wire.php(442): ProcessWire\WireHooks->runHooks(Object(ProcessWire\TemplateFile), 'render', Array)
#4 C:\xampp\htdocs\Yush\wos\wire\modules\PageRender.module(514): ProcessWire\Wire->__call('render', Array)
#5 C:\xampp\htdocs\Yush\wos\wire\core\Wire.php(383): ProcessWire\PageRender->___renderPage(Object(ProcessWire\HookEvent))
#6 C:\xampp\htdocs\Yush\wos\wire\core\WireHooks.php(723): ProcessWire\Wire->_callMethod('___renderPage', Array)
#7 C:\xampp\htdocs\Yush\wos\wire\core\Wire.php(442): ProcessWire\WireHooks->runHooks(Object(ProcessWire\PageRender), 'renderPage', Array)
(line 12 of C:\xampp\htdocs\Yush\wos\site\templates\Login.php) 

This error message was shown because: site is in debug mode. ($config->debug = true; => /site/config.php). Error has been logged.

I used the code this code

 <?php namespace ProcessWire;

	if(!$user->isLoggedin()) {

		    $options = array(
		        'buttonClass' => 'my_button_class',
		        'buttonValue' => 'Login with {provider}', // {{provider}} keyword
		        'prependMarkup' => '<div class="wrapper">',
		        'appendMarkup' => '</div>'
		    );

		    $redirectUri = str_lreplace('//', '/', $config->urls->httpRoot . $page->url);

		    $content = $modules->get('Oauth2Login')->config(
	          array(
	              'redirect_uri' => $redirectUri,
	              'success_uri'  => $page->url
	          )
	      )->render($options);
	}

 

Share this post


Link to post
Share on other sites

@rareyush  sorry, its a custom function, you can copy paste the code in _func.php or where you want :

 

/*
 *  replace the last occurence of $search by $replace in $subject
 */
function str_lreplace($search, $replace, $subject) {
	return preg_replace('~(.*)' . preg_quote($search, '~') . '~', '$1' . $replace, $subject, 1);
}

 

  • Like 1

Share this post


Link to post
Share on other sites
Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings.

having this issue I guess it's related to facebook api

Share this post


Link to post
Share on other sites

Its one of the new Facebook security things yes. Please have a read to this article and  please don't slap me with a large trout, its a WP oriented blog ! 😅

https://wp-native-articles.com/blog/news/how-to-fix-facebook-apps-error-cant-load-url-domain-url-isnt-included-apps-domains/

 

Quote

Facebook has been aggressively tightening security. Any new Facebook Login Apps create AFTER the beginning of March 2018 now have Use Strict Mode for Redirect URIs and Enforce HTTPS enabled by default and can no longer be disabled.

 

  • Like 1

Share this post


Link to post
Share on other sites
4 hours ago, flydev said:

Its one of the new Facebook security things yes. Please have a read to this article and  please don't slap me with a large trout, its a WP oriented blog ! 😅

https://wp-native-articles.com/blog/news/how-to-fix-facebook-apps-error-cant-load-url-domain-url-isnt-included-apps-domains/

 

 

from march 2018 

"Use Strict Mode for Redirect URIs" is is enable for everyone and you just can't disable it 

  • Like 1

Share this post


Link to post
Share on other sites

Hi @quickjeff

It should work out of the box. Just put the code after the LoginRegister execute() function call, done.

 

9 hours ago, quickjeff said:

Or do you suggest not using it together? 


Nope, no reason 🙂

  • Like 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Mike Rockett
      Jumplinks for ProcessWire
      Release: 1.5.56
      Composer: rockett/jumplinks
      Jumplinks is an enhanced version of the original ProcessRedirects by Antti Peisa.
      The Process module manages your permanent and temporary redirects (we'll call these "jumplinks" from now on, unless in reference to redirects from another module), useful for when you're migrating over to ProcessWire from another system/platform. Each jumplink supports wildcards, shortening the time needed to create them.
      Unlike similar modules for other platforms, wildcards in Jumplinks are much easier to work with, as Regular Expressions are not fully exposed. Instead, parameters wrapped in curly braces are used - these are described in the documentation.
      Under Development: 2.0, to be powered by FastRoute
      As of version 1.5.0, Jumplinks requires at least ProcessWire 2.6.1 to run.
      View on GitLab
      Download via the Modules Directory
      Read the docs
      Features
      The most prominent features include:
      Basic jumplinks (from one fixed route to another) Parameter-based wildcards with "Smart" equivalents Mapping Collections (for converting ID-based routes to their named-equivalents without the need to create multiple jumplinks) Destination Selectors (for finding and redirecting to pages containing legacy location information) Timed Activation (activate and/or deactivate jumplinks at specific times) 404-Monitor (for creating jumplinks based on 404 hits) Additionally, the following features may come in handy:
      Stale jumplink management Legacy domain support for slow migrations An importer (from CSV or ProcessRedirects) Feedback & Feature Requests
      I’d love to know what you think of this module. Please provide some feedback on the module as a whole, or even regarding smaller things that make it whole. Also, please feel free to submit feature requests and their use-cases.
      Note: Features requested so far have been added to the to-do list, and will be added to 2.0, and not the current dev/master branches.
      Open Source

      Jumplinks is an open-source project, and is free to use. In fact, Jumplinks will always be open-source, and will always remain free to use. Forever. If you would like to support the development of Jumplinks, please consider making a small donation via PayPal.
      Enjoy! :)
    • By BitPoet
      As threatened in Ryan's announcement for 3.0.139, I built a little module for sliding toggles as a replacement for checkboxes. Styling of the input is CSS3 only (with all the usual caveats about older browsers), no JS necessary, and may still be a bit "rough around the edges", so to speak, since I didn't have much time for testing on different devices or brushing things up enough so I'd feel comfortable pushing it to the module directory. But here's the link to the GitHub repo for now:
      InputfieldSlideToggle
      Fieldtype and Inputfield that implements smartphone-style toggles as replacement for checkbox inputs. The visualization is CSS-only, no additional JS necessary.
      Status
      Still very alpha, use with caution!
      Features / Field Settings
      Size
      You can render the toggles in four different sizes: small, medium, large and extra large.
      Off Color
      Currently, "unchecked" toggles can be displayed either in grey (default) or red.
      On Color
      "Checked" toggles can be rendered in one of these colors: blue (default), black, green, grey, orange or red.
      Screenshots

      Some examples with checkbox label


      View all Size and Color Combinations
      Small toggles Medium toggles Big toggles Extra big toggles  









    • By Anton
      Hi there,
      I'm working with Processwire 3. Before summer I had issues to load to my backend. I finally managed to connect thanks to this : 
      $admin = wire('users')->get('admin');
      $admin->setOutputFormatting(false);
      $admin->set('pass', 'yo12345ZZ')
      $admin->save('pass');
      But later, the problem evolved: when I logged in to the site, the login page redirected me to the home. I didn't find any information about it on the web.
      But recently, the redirection has changed, now it is the login page that reloads when you connect. 
      I don't know where to start to fix this. It looks like sorcery.
      Thank you for all the help you can give me.
       
    • By Orkun
      Hi Guys
      I needed to add extended functionalities for the InputfieldDatetime Module (module is from processwire version 2.7.3) because of a Request of Customer.
      So I duplicated the module and placed it under /site/modules/.
      I have added 3 new Settings to the InputfieldDatetime Module.
      1. Day Restriction - Restrict different days based on weekdays selection (e.g. saturday, sunday) - WORKING

       
      2. Time Slots - Define Time slots based on custom Integer Value (max is 60 for 1 hour) - WORKING

       
      3. Time Range Rules per Weekday - Define a minTime and MaxTime per Weekday (e.g. Opening Hours of a Restaurant) - NOT WORKING PROPERLY

       
      The Problem
      Time Slots and Day Restriction working fine so far. But the Time Range Rules per Weekday doesn't work right.
      What should happen is, that when you click on a date, it should update the minTime and maxTime of the Time Select.
      But the change on the select only happens if you select a date 2 times or when you select a date 1 time and then close the datepicker and reopen it again.
      The time select doesn't get change when you select a date 1 time and don't close the picker.
      Here is the whole extended InputfieldDatetime Module.
      The Files that I have changed:
      InputfieldDatetime.module InputfieldDatetime.js jquery-ui-timepicker-addon.js (https://trentrichardson.com/examples/timepicker/) - updated it to the newest version, because minTime and maxTime Option was only available in the new version  
      Thats the Part of the JS that is not working correctly:
      if(datetimerules && datetimerules.length){ options.onSelect = function(date, inst) { var day = $(this).datetimepicker("getDate").getDay(); day = day.toString(); var mintime = $(this).attr('data-weekday'+day+'-mintime'); var maxtime = $(this).attr('data-weekday'+day+'-maxtime'); console.log("weekday: "+day); console.log("minTime: "+mintime); console.log("maxTime: "+maxtime); var optionsAll = $(this).datetimepicker( "option", "all" ); optionsAll.minTime = mintime; optionsAll.maxTime = maxtime; $(this).datetimepicker('destroy'); $(this).datetimepicker(optionsAll); $(this).datetimepicker('refresh'); //$.datepicker._selectDate($(this).attr("id"),date); //$.datepicker._base_getDateDatepicker(); // var inst = $.datepicker._getInst($(this)); // $.datepicker._updateDatepicker(inst); /*$(this).datetimepicker('destroy'); InputfieldDatetimeDatepicker($(this), mintime, maxtime); $(this).datetimepicker('refresh'); */ // $(this).datetimepicker('option', {minTime: mintime, maxTime: maxtime}); } } Can you have a look and find out what the Problem is?
      InputfieldDatetime.zip
       
      Kind Regards
      Orkun
    • By teppo
      This module tracks changes, additions, removals etc. of public (as in "not under admin") pages of your site. Like it's name says, it doesn't attempt to be a version control system or anything like that - just a log of what's happened.
      At the moment it's still a work in progress and will most likely be a victim of many ruthless this-won't-work-let's-try-that-instead cycles, but I believe I've nailed basic functionality well enough to post it here.. so, once again, I'll be happy to hear any comments you folks can provide
      https://modules.processwire.com/modules/process-changelog/
      https://github.com/teppokoivula/ProcessChangelog
      How does it work?
      Exactly like it's (sort of) predecessor, Process Changelog actually consists of two modules: Process Changelog and Process Changelog Hooks. Hooks module exists only to serve main module by hooking into various functions within Pages class, collecting data of performed operations, refining it and keeping up a log of events in it's own custom database table (process_changelog.) Visible part is managed by Process Changelog, which provides users a (relatively) pretty view of the contents of said log table.
      How do you use it?
      When installed this module adds new page called Changelog under Admin > Setup which provides you with a table view of collected data and basic filtering tools See attached screenshots to get a general idea about what that page should look like after a while.
      For detailed installation instructions etc. see README.md.
       


×
×
  • Create New...