2019-01-09, 04:37 PM
Hello everybody,
I'm trying to create a plugin to login to my existing site using OAuth in password grant mode (the one that you can send username/password to the api).
My current idea is to hook the login process to instead of querying MyBB user table, to run my own procedure, and if required, add a new user to MyBB table.
Looking through the docs, I found some hooks that I believe could be used to do achieve this, these being the datahandler_login_* ones.
So I thought about using validate_start to run my own login check, but looking through MyBB code it looks like even if I do that, it will still run MyBB authentication, which would end up giving me errors.
Is there a way around this? Or am I taking the entirely wrong way?
Thanks in advance.
I managed to make it work using some tricks. If someone has a better idea I'll be glad to hear, though.
I've used PluginLibrary edit_core function, and MyBBIntegrator's createUser ( https://github.com/olada/MyBBIntegrator/...r.php#L599 )
Here is an overview of my code, you should probably check inc/datahandlers/login.php to understand the entire process:
This will disable MyBB default username/password handling, and call my_auth instead. Which is something like that:
If something goes wrong in any steps, you should use:
Hope this helps someone else
I'm trying to create a plugin to login to my existing site using OAuth in password grant mode (the one that you can send username/password to the api).
My current idea is to hook the login process to instead of querying MyBB user table, to run my own procedure, and if required, add a new user to MyBB table.
Looking through the docs, I found some hooks that I believe could be used to do achieve this, these being the datahandler_login_* ones.
So I thought about using validate_start to run my own login check, but looking through MyBB code it looks like even if I do that, it will still run MyBB authentication, which would end up giving me errors.
Is there a way around this? Or am I taking the entirely wrong way?
Thanks in advance.
I managed to make it work using some tricks. If someone has a better idea I'll be glad to hear, though.
I've used PluginLibrary edit_core function, and MyBBIntegrator's createUser ( https://github.com/olada/MyBBIntegrator/...r.php#L599 )
Here is an overview of my code, you should probably check inc/datahandlers/login.php to understand the entire process:
function myplugin_install()
{
$PL->edit_core(
'myplugin',
'inc/datahandlers/login.php', array (
array(
'search' => ['$this->verify_attempts($mybb->settings[\'captchaimage\']);', '}'],
'after' => [ 'my_auth($this, $user);', '/*' ]
),
array(
'search' => '$plugins->run_hooks(\'datahandler_login_validate_end\', $this);',
'before' => '// */' // This is actually a trick, PL uses /* */ comment to mark where changes happened
// so it actually closes our /* already, but we need some kind of edit
// in order for its close block comment to appear, so we put an empty comment.
// this block close is actually optional, but let's keep it in case something changes
// in the future
),
), true
);
}
This will disable MyBB default username/password handling, and call my_auth instead. Which is something like that:
function my_auth($loginClass, $user)
{
global $db;
// Retrieve user from my other service
// ...
// Retrieve myBB user for this user
$localUser = get_user_by_username(...);
// if not exists, create a MyBB user
// -- MyBB Integrator createUser function --
// Set MyBB user data to $loginClass, so MyBB login process will
// go on by itself from here on.
$loginClass->login_data = $result;
return true;
}
If something goes wrong in any steps, you should use:
if ($result === false) {
$loginClass->invalid_combination();
return false;
}
Hope this helps someone else