I'm attempting to check if the administrator is logged in from an observer. The problem is that while this is easy to do when viewing the admin module, viewing the frontend is another story.
There are several similar questions, but unfortunately none of them provide a working solution for Magento 1.6.2.
I wasn't able to successfully get isLoggedIn() to return true in the admin/session class. I also found out that there is a cookie for both frontend and adminhtml, which may help.
The accepted answer in this related question seems to suggest this may not be possible:
Magento - Checking if an Admin and a Customer are logged in
Another related question, with a solution that didn't help my specific case:
Magento : How to check if admin is logged in within a module controller?
It is possible. What you need to do is switch the session data. You can do this with the following code:
$switchSessionName = 'adminhtml';
if (!empty($_COOKIE[$switchSessionName])) {
$currentSessionId = Mage::getSingleton('core/session')->getSessionId();
$currentSessionName = Mage::getSingleton('core/session')->getSessionName();
if ($currentSessionId && $currentSessionName && isset($_COOKIE[$currentSessionName])) {
$switchSessionId = $_COOKIE[$switchSessionName];
$this->_switchSession($switchSessionName, $switchSessionId);
$whateverData = Mage::getModel('mymodule/session')->getWhateverData();
$this->_switchSession($currentSessionName, $currentSessionId);
}
}
protected function _switchSession($namespace, $id = null) {
session_write_close();
$GLOBALS['_SESSION'] = null;
$session = Mage::getSingleton('core/session');
if ($id) {
$session->setSessionId($id);
}
$session->start($namespace);
}
Late Answer but if as I found it on google:
This it not possible.
Why? Because the default session name in the frontend is frontend and the session name in the backend is admin. Because of this, the session data of the admin is not available in the frontend.
have you tried this :
Mage::getSingleton('admin/session', array('name' => 'adminhtml'))->isLoggedIn();
how about this ( I am not sure it will work or not )
require_once 'app/Mage.php';
umask(0);
$apps = Mage::app('default');
Mage::getSingleton('core/session', array('name'=>'adminhtml'));
$adminSession = Mage::getSingleton('admin/session');
$adminSession->start();
if ($adminSession->isLoggedIn()) {
// check admin
}
Related
I am working on a project which requires some manager level access to perform tasks, so when I receive a call I forcefully logging in the request as a superuser so that it will have all permissions to complete that task. For login I am using this code:
function forceLogin($superuserId)
{
$user = JFactory::getUser($superuserId);
//Will authorize you as this user.
JPluginHelper::importPlugin('user');
$options = array();
$options['action'] = 'core.login.site';
$response = new stdClass();
$response->username = $user->username;
$response->language = '';
$response->email = $user->email;
$response->password_clear = '';
$response->fullname = '';
$result = $app->triggerEvent('onUserLogin', array((array)$response, $options));
return true;
}
By this my current login user will be superuser. Now the concern is when any extension is searching for permissions, it is still getting that current session doesn't have them and so it returns false.
One of the solutions I came around is to redirect internally after login and then proceed to other tasks, in that way the system recognizes session to be availed with all permissions. For example -
I received something in getNotification()
function getNotification()
{
//from here I log in the user
$this->forceLogin($speruserId);
//and now redirect
$app = JFactory::getApplication();
$app->redirect('index.php?option=com_mycomponent&task=setNotification');
}
Now I proceed further request from setNotification()
function getNotification()
{
// do my work here
}
To be specific, the issue is arising in VirtueMart (e-commerce extension) in which I am creating a product from my call and while creating a product it checks vmAccess::manager('product.create') which is actually same as core.create of Joomla.
I think by redirecting session is being reset with current user and so it gets all permission. Can it be done without redirection? If yes, how?
So currently building an oauth2 server with:
https://github.com/lucadegasperi/oauth2-server-laravel/blob/master/docs/authorization-server/auth-code.md
Auth Grant
laravel 5.2
Now no where in the instructions does it address what to do when the user is not logged in. (which most times will be the case)
So in that scenario - the user hits the auth middleware kicking them to the login screen... but what to do after that? There is nothing passed to the login page? so how do i know where to redirect the user back to?
Now yes of course I can just do this on my own, but before I do that I just want to make sure I am not missing anything? again it was not address in the documentation, so I can only assume this was thought through?
Let me know your thoughts.
Steve
So just ended up doing a work around in my Authenticate.php file. Incase anyone else is curious I did this:
$params = [];
if($request->has('client_id'))
$params['client_id'] = $request->client_id;
if($request->has('redirect_uri'))
$params['redirect_uri'] = $request->redirect_uri;
if($request->has('response_type'))
$params['response_type'] = $request->response_type;
if($request->has('scope'))
$params['scope'] = $request->scope;
if($request->has('state'))
$params['state'] = $request->state;
return redirect()->route('login', $params);
//return redirect()->guest('login');
Passed this to my loginController. Then in loginController:
$params = [];
if($this->request->has('redirect_uri'))
$params['redirect_uri'] = $this->request->redirect_uri;
if($this->request->has('response_type'))
$params['response_type'] = $this->request->response_type;
if($this->request->has('scope'))
$params['scope'] = $this->request->scope;
if($this->request->has('state'))
$params['state'] = $this->request->state;
if($this->request->has('client_id'))
{
$params['client_id'] = $this->request->client_id;
//dd($params);
return redirect()->route('oauth.authorize.get', $params);
}
Let me know if you see any issues.
Cheers
Citti
I am developing a component that required login at some level, then if user is not logged in, I placed a login link, that take user to login page with following in query string.
return=<?php echo base64_encode($_SERVER['REQUEST_URI']);?>
After login, it comes back to that page, but is there some way to tackle this if user is not registered and user starts registering? Is there some way to do this without changing some thing in Joomla it self? like by just setting some thing in cookie e.t.c. Or I will need to change some thing in Joomla Registration component or module. Or is there some plugin for that?
Any response will be appreciated, please tell what ever way you know so that it may give me some better clue.
In your component you could try to store the referrer in the Joomla! session - I don't believe the session changes or is replaced during login. I haven't had time to try this but it should work.
To Save:
$session = JFactory::getSession();
$session->set('theReferrer', $_SERVER['HTTP_REFERER'], 'mycomponentname');
To Retrieve:
$session = JFactory::getSession();
$redirectTo = $session->get('theReferrer', '', 'mycomponentname');
Then you can just use a setRedirect before you return.
$this->setRedirect($redirectTo);
You can achieve this with a plugin (at least in Joomla 3.x - not sure how far back this will work off-hand). Key here is the onUserAfterSave event, which tells you whether the user is new or existing.
I wrote the code below some time ago, so can't recall the exact reason the redirect could not be done from within the onUserAfterSave event handler, but I think the redirect is subsequently overridden elsewhere in the core Joomla user management code if you try to do it from there, hence saving a flag in the session and checking it in a later event handler.
class PlgUserSignupRedirect extends JPlugin
{
public function onUserAfterSave($user, $isnew, $success, $msg)
{
$app = JFactory::getApplication();
// If the user isn't new we don't act
if (!$isnew) {
return false;
}
$session = JFactory::getSession();
$session->set('signupRedirect', 1);
return true;
}
function onAfterRender() {
$session = JFactory::getSession();
if ($session->get('signupRedirect')) {
JFactory::getApplication()->redirect($_SERVER['HTTP_REFERER']);
$session->clear('signupRedirect');
}
}
}
I have two forms: (login form, register form) and they submitted to my component.
Login form:
I want to check login and pass and set status to "logged" in joomla.
Register form:
I want register new user in joomla.
How to do it?
$inplogin = JRequest::getVar('inplogin');
$inppass = JRequest::getVar('inppass');
???? JFactory::login($inplogin, $inppass); ????
???? JFactory::registeruser($inplogin, $inppass); ????
???
For Login
$result = JFactory::getApplication()->login(array('username'=>$username, 'password'=>$password));
For Registration
require_once JPATH_ROOT.DS.'components'.DS.'com_users'.DS.'models'.DS.'registration.php';
$model = new UsersModelRegistration();
jimport('joomla.mail.helper');
// Attempt to save the data.
jimport('joomla.user.helper');
$username = ; //your user name here
$password = ; //your password here
$data = array( 'username'=>$email,'name'=>$email,'email1'=>$email,'password1'=>$password, 'password2'=>$password, 'block'=>1 );
$return = $model->register($data);
I don't see how this is related specifically to joomla.
you need to use the same $_SESSION variable in both cases. after you declare the variable, you can check on the beginning of your index page if this var exists (and if so, whether the credentials are correct or not). something like:
<?php
session_start();
if (!isset($_SESSION['logged']) {
header("location:login.php");
exit();
}
?>
you can use JUser::bind($userData) and JUser::save($userData) for registering the user.
Expanding upon Gaurav's answer:
If you're using just the Joomla framework and you don't have a site loaded, you will still need to initialize the site.
That said, these two lines should do the trick:
$app = JFactory::getApplication('site');
$app->initialise();
i try to get the paypal payment run in my magento 1.4 but there is a serious problem with the workflow. after i select paypal and get routed to the paypal account to send the money you normally come back automatically into the magento shop to finish the order, but in my case magento tells you there is aproblem with the adress field. paypal does'nt send the adress back to magento correctly:
Error: Please check shipping address information. Please enter last name.
is this a known bug or is there a patch or workaround?
please help!
thnx.
The error seems to be in /app/code/core/Mage/Paypal/Model/Api/Nvp.php. Looks like the vars aren't mapped well. Because I couldn't find the concrete error in this file, I did a bit dirty workaround in /app/code/core/Mage/Paypal/Model/Express/Checkout.php.
In 1.4.2 just replace the method returnFromPaypal() with the following code...
public function returnFromPaypal($token)
{
$this->_getApi();
$this->_api->setToken($token)
->callGetExpressCheckoutDetails();
// import billing address
$billingAddress = $this->_quote->getBillingAddress();
$exportedBillingAddress = $this->_api->getExportedBillingAddress();
// import shipping address
$exportedShippingAddress = $this->_api->getExportedShippingAddress();
if (!$this->_quote->getIsVirtual()) {
$shippingAddress = $this->_quote->getShippingAddress();
if ($shippingAddress) {
if ($exportedShippingAddress) {
foreach ($exportedShippingAddress->getExportedKeys() as $key) {
if('firstname' == $key || 'lastname' == $key){
continue;
} // if
$shippingAddress->setDataUsingMethod($key, $exportedShippingAddress->getData($key));
$billingAddress->setDataUsingMethod($key, $exportedShippingAddress->getData($key));
}
// Correct First- and Lastnames
list($_firstname, $_lastname) = explode(' ', $exportedShippingAddress->getData('firstname'));
$shippingAddress->setDataUsingMethod('firstname', $_firstname);
$billingAddress->setDataUsingMethod('firstname', $_firstname);
$shippingAddress->setDataUsingMethod('lastname', $_lastname);
$billingAddress->setDataUsingMethod('lastname', $_lastname);
$shippingAddress->setCollectShippingRates(true);
}
// import shipping method
$code = '';
if ($this->_api->getShippingRateCode()) {
if ($code = $this->_matchShippingMethodCode($shippingAddress, $this->_api->getShippingRateCode())) {
// possible bug of double collecting rates :-/
$shippingAddress->setShippingMethod($code)->setCollectShippingRates(true);
}
}
$this->_quote->getPayment()->setAdditionalInformation(self::PAYMENT_INFO_TRANSPORT_SHIPPING_METHOD, $code);
}
}
$this->_ignoreAddressValidation();
// import payment info
$payment = $this->_quote->getPayment();
$payment->setMethod($this->_methodType);
Mage::getSingleton('paypal/info')->importToPayment($this->_api, $payment);
$payment->setAdditionalInformation(self::PAYMENT_INFO_TRANSPORT_PAYER_ID, $this->_api->getPayerId())
->setAdditionalInformation(self::PAYMENT_INFO_TRANSPORT_TOKEN, $token)
;
$this->_quote->collectTotals()->save();
}
The modified code replaces the whole billing address with the shipping address and pushes the name given in $firstname into $firstname and $lastname.
not clean, but working. :-)
any luck finding a solution to this, I'm having the same issue.
--- update ---
I finally figured out what was happening on this one for me. I had the Custom Shipping Admin module installed and it was overriding the address controller that validates the order. I updated the overrided module to reflect the version of Magento I was on and it worked.. no problems. Hope this helps someone.