login with users form external DB

[Manol]

Any idea where to start? 

A client has a database from a intranet with users and passwords, I have to create a webpage ( of course PW ), I have got a script that checks if the user is valid in the intranet how can I use those results in pw as if they where real users in processwire?

[horst]

Hi Manol,

assuming you build a login page (frontend) in PW and ask for username and pass. Send it with your script to custom intranet DB, if result is true (valid user) you now can check if user already exists in PW, and if yes, select him.

$users->setCurrentUser($users->get('username'));

otherwise you can create him via API.

I would handle all stuff in that login page.

[Manol]

Vielen Dank for the quick response Horst.

    The problem is that in that case I can't duplicate users they should exist just in the intranet and act as if they where in pw.

[horst]

Just some thoughts:

- but why can't they be real PW-users too?

- You can create a specific role for them if you have other users (that not belong to the intranet) too.

- You may create only one real user in PW, e.g. called 'intranet', and if the intranet-script returns valid user, you load/select this dummy-user. The real username you can store in $session.

At least you are a bit rare with informations what the users should / need to do in PW,   need they to be unique, do they need different roles / rights, or what else?

[Manol]

This web is for a college, so people are already registered in the intranet, they are allowed to do some tasks there.

People that are already members of the college will have access to some parts of the web that regular visitors don't. The college doesn't want to have member information duplicated in the intranet and web at the same time.

But maybe is not a bad idea to sync users between pw and the intranet, or even what you point here:

- You may create only one real user in PW, e.g. called 'intranet', and if the intranet-script returns valid user, you load/select this dummy-user. The real username you can store in $session.

[Pete]

I've done what horst suggested before to be honest - you don't have to worry too much about the headaches of duplicate data as all you're doing is creating a dummy PW user account and the way I did it was have one extra integer field in the PW user template to store the ID of the website account - simple as that

You could then take that further if different user groups from the intranet system have different access rights on the website.

I would personally make it do some checks during PW login so that:

• If someone enters a username and password, it checks the intranet DB and if it finds the details there but on in PW then create an account
• If someone is in the intranet DB but is now a disabled account, disable them in PW (unpublish)
• If their email has changed in the intranet DB, change their PW email address
• Definitely do the same with password

Basically you're always authenticating against the intranet database first, and you can take it further by mapping different user groups or more as you see fit.

It's the only way I'm slowly able to migrate sections of a large intranet I custom-coded several years ago to ProcessWire - so I can regain my sanity and roll out new features in a fraction of the time

[Manol]

I'll take your advice and follow your approach  Pete , hopefully in a couple days I can tell you my experience with that, thank you Pete and Horst.