<<

NAME

MT::Auth

DESCRIPTION

CREATING AN AUTHENTICATION MODULE

METHODS

MT::Auth->invalidate_credentials(\%context)

A routine responsible for clearing the active logged-in user. Some authentication modules may take advantage of this time to redirect the user or synchronize other operations at this time.

MT::Auth->is_valid_password($author, $password, $crypted, \$error_ref)

A routine that determines whether the given password is valid for the author object supplied. If the password is already processed by the 'crypt' function, the third parameter here will be positive. The \$error_ref is a reference to a scalar variable for storing any error message to be returned to the application. The routine itself should return 1 for a valid password, 0 or undef for an invalid one.

MT::Auth->fetch_credentials(\%context)

A routine that gathers login credentials from the active request and returns key elements in a hashref. The hashref should contain any of the following applicable key fields:

  • app - The handle to the active application.
  • username - The username of the active user.
  • password - The user's password.
  • session_id - If a session-based authenication is taking place, store the session id with this key.
  • permanent - A flag that identifies whether or not the credentials should be indefinitely cached.

MT::Auth->delegate_auth

A boolean flag that identifies whether this authentication module provides a delegate authentication system. This would be the case where MT itself does not ask for authentication information, but instead defers to another web service or protocol. Typically, a delegated authentication also involves using request redirects to the authentication service when necessary.

MT::Auth->password_exists

A boolean flag that identifies whether this authentication module utilizes a password or not (that is, whether one is required for an account and stored with the user profile).

MT::Auth->validate_credentials(\%context)

A routine that takes the context returned by the 'fetch_credentials' method and determines if they are valid or not. It is also responsible for assigning the active user if the credentials are correct.

MT::Auth->can_logout

A boolean flag that identifies whether this authentication module allows for a 'Logout' link and logout mechanism within the application interface.

MT::Auth->login_form

A method that returns a snippet of HTML code for displaying the necessary fields for logging into the MT application.

MT::Auth->sanity_check

A method used by the MT application to determine if the form data provided for creating a new user is valid or not.

MT::Auth->is_profile_needed

A boolean flag that identifies whether this authentication module expects the local management of the user's profile.

MT::Auth->can_recover_password

A boolean flag that identifies whether this authentication module provides a password recovery function. This is only valid when passwords are locally stored and managed.

MT::Auth->new_user

A method used in the login attempt to give chance to each authentication layer to process the user who is going to be created upon loggin in for the first time. The method must return boolean value indicating whether or not the method actually saved the new user to the database or not.

MT::Auth->new_login

A method used in the login attempt to give chance to each authentication layer to process the existing user logging in.

AUTHOR & COPYRIGHT

Please see "AUTHOR & COPYRIGHT" in MT.

<<