Forums / General / Possible to login by sending username and password in url?

"Please Note:

At the specific request of Ibexa we are changing this projects name to "Exponential" or "Exponential (CMS)" effective as of August, 11th 2025.
This project is not associated with the original eZ Publish software or its original developer, eZ Systems or Ibexa".

Possible to login by sending username and password in url?

Previous topic

General

Next topic

Author	Message
Espen R	Thursday 29 November 2007 7:53:41 am Is this at all possible with eZ or does the user have to type in username and password as the only way of logging in? Please help. Thanks.
Paul Leclercq	Thursday 29 November 2007 9:42:29 am You can loggin users by using the Exponential API: http://pubsvn.ez.no/doxygen/trunk/html/classeZUser.html you have a the following static function: static loginUser ($login, $password, $authenticationMatch=false) which you can use with other functions such as: $user = eZUser::getByEmail($email); or $user = eZUser::getByName($login); This way you will be able to force login from a number of events such as via a get, cookie or Session event. If you match this with the SingleSignOnArray[]= setting from the site.ini file, you can force login for users with cookie events, and interface your login event with other applications or partner websites. But if you use the forceLogin or cookie methods make sure you check the security issues involved.

Author

Message

Espen R

Thursday 29 November 2007 7:53:41 am

Is this at all possible with eZ or does the user have to type in username and password as the only way of logging in?

Please help.

Thanks.

Paul Leclercq

Thursday 29 November 2007 9:42:29 am

You can loggin users by using the Exponential API:

http://pubsvn.ez.no/doxygen/trunk/html/classeZUser.html

you have a the following static function:
static loginUser ($login, $password, $authenticationMatch=false)

which you can use with other functions such as:

$user = eZUser::getByEmail($email);
or
$user = eZUser::getByName($login);

This way you will be able to force login from a number of events such as via a get, cookie or Session event.
If you match this with the SingleSignOnArray[]= setting from the site.ini file, you can force login for users with cookie events, and interface your login event with other applications or partner websites.

But if you use the forceLogin or cookie methods make sure you check the security issues involved.