Chris89 Posted June 11, 2020 Posted June 11, 2020 This is a continuation of this topic: What I'd like to do here is integrate the authentication from IPB to my own website, so that i.e. when a user logs into my IPB forum they are also logged in on my own site... so that I can display things on my own website depending on whether they are a guest/logged in user, admin, etc. for example. This isn't login forms on my site, but integrating the whole website with IPB. I was initially told that in my above topic I could include the init.php page and this would allow me to use the framework, but I contacted support who at first wouldn't even speak to me unless I renewed my license, so I renewed my license to get the help I needed and they basically threw it back in my face saying they couldn't (or wouldn't) help me. All I want to be able to do is be able to extend the functionality of the forum to work on my website as well. I've taken a look in the developer section and there's virtually nothing in it other than creating new plugins or apps for the forum. I doubt I'm the first person who is having this issue, I'd be grateful if someone could point me in the right direction. I'm not asking anyone to do anything for me, just first of all, whether what I'm wanting to do is actually possible so I don't waste more time/money on this if it isn't, & secondly maybe point me in the right direction a bit as to how to include & use IPB functions etc on my own pages. Thank you
Chris89 Posted June 12, 2020 Author Posted June 12, 2020 So I managed to get this working yesterday, but I returned today and it's throwing the same error that I originally got. Every time I load the page I'm getting a load of different numbers which looks like some kind of hash, probably a session ID. It changes on every page load. This is an example: 010e622493ff272b02e786c86ba7c990 This is the code I'm using, virtually exactly as it is in the docs: <?php define('IPS_ROOT', __DIR__.'/include/subdomains/community/'); require IPS_ROOT.'init.php'; \IPS\Session\Front::i(); echo \IPS\Member::loggedIn()->name; For some reason it seems to think I'm a guest, even though I AM logged in on the forum. I've even refreshed the page in the forum to make sure the session is still valid, but it's showing me the same result. Any idea why this might be happening?
Eudemon Posted June 12, 2020 Posted June 12, 2020 are both of your site under same domain / subdomain?
Chris89 Posted June 12, 2020 Author Posted June 12, 2020 When I do this for real, my site will be on the domain and my forum will be under the subdomain. But at the moment I'm running both locally, so yeah they're both on the same domain.
Eudemon Posted June 12, 2020 Posted June 12, 2020 I think you might have problem with session if you use subdomain, or maybe you can wildcard it at some point I was thinking about hooking a laravel installation to IPS, but I haven't done it yet so i won't be much help atm
Chris89 Posted June 12, 2020 Author Posted June 12, 2020 Thanks for your reply. I honestly have no idea why this is happening but it's also happening with other things, such as when I try to request data using methods such as this: \IPS\Request::i()->app Even when I use an 'app' query string in the URL, it's returning NULL when I var_dump it. Yet other methods, such as when I try getting the current URL (\IPS\Request::i()->url()) actually bring back a result. Confusing is an understatement. Clearly IPS aren't going to help me so I'll try for a little longer and if I still can't get anywhere I think I'll just give up on it all. Thank you for your help.
Daniel F Posted June 12, 2020 Posted June 12, 2020 Well, looking at the code you're using which is clearly out of our framework( AKA it's not going to use an IPS app) , I'm not sure what you're expecting to get returned from : \IPS\Request::i()->app. It's clearly not an app;) But if everything else (the constats) is set correct at least the session should work. <?php define('IPS_ROOT', __DIR__.'/include/subdomains/community/'); require IPS_ROOT.'init.php'; \IPS\Session\Front::i(); echo \IPS\Member::loggedIn()->name; Chris89 1
jesuralem Posted June 12, 2020 Posted June 12, 2020 You should have a look at the ips cookie domain setting. Chris89 1
Chris89 Posted June 13, 2020 Author Posted June 13, 2020 (edited) Thanks guys for all your help. For some incredibly bizarre reason, I managed to get it working again. I have no idea how, I started in a fresh file, with exactly the same code and it worked. 20 hours ago, Daniel F said: Well, looking at the code you're using which is clearly out of our framework( AKA it's not going to use an IPS app) , I'm not sure what you're expecting to get returned from : \IPS\Request::i()->app. The reason I'm using app is because I use an MVC setup on my own site, and app is one of the parameters I use as well. I just wanted to make sure I could get something from it. I've started my integration and I've gotten myself to a point where I need to check if a user is a guest or not..... I'm checking like this: if (\IPS\Member::loggedIn()->member_id) { $links['profile'] = \IPS\Member::loggedIn()->url(); if (!\IPS\Member::loggedIn()->members_disable_pm) $links['inbox'] = \IPS\Http\Url::internal('app=core&module=messaging&controller=messenger', 'front', 'messaging'); $links['logout'] = \IPS\Http\Url::internal('app=core&module=system&controller=login&do=logout', 'front', 'logout')->csrf(); } else { $links['login'] = \IPS\Http\Url::internal('app=core&module=system&controller=login', 'front', 'login'); $links['register'] = \IPS\Http\Url::internal('app=core&module=system&controller=register', 'front', 'register'); } There are two things I've noticed from this- the first and most important one, is that regardless of whether the user is a guest or not, it's always triggering the first condition. I've checked both output and when I'm logged in the 'member_id' of the user returns 1, and when I'm not it returns null. I've even tried reversing the condition to check if they ARE a guest, but it's still happening. I have no idea why this is happening, but I can only assume I'm missing code somehow. This also follows some weird glitchy behaviour where if I visit my site before I visit my forum (and I'm logged in), then the site doesn't necessarily always detect I'm logged in unless I go to the forum first. This isn't always the case but does happen sometimes. It makes me wonder whether there's some kind of code for updating the online list or something that I'm missing. I would also have actually done a full check on the PM link to make sure that uers could use that application as well, but it won't let me saying that it's not a subclass of Dispatcher. That's not really a big deal in the grand scheme of things as I've just missed that part of the condition out, but it is an error that keeps coming back on different things. Also thanks for the tip about the IPS Cookie settings @jesuralem - I think that will come in useful. Edited June 13, 2020 by Chris89
Chris89 Posted June 14, 2020 Author Posted June 14, 2020 I've managed to fix the problem with the if statements always triggering. Turns out it was a template error (I'm using Twig) so this is triggering fine now. However, I have included a custom login form on the sidebar of my site, which I'd like to integrate with IPS.... I've so far managed to get it to post the login data to the IPS login page and it will succesfully log the user in. Although when it comes to the redirect, it's redirecting back to the forum, rather than my site. I've included the 'ref' query string argument with a base64 encoded URL of where the user currently is on my site. This is used as follows: \IPS\Http\Url::internal('app=core&module=system&controller=login', 'front', 'login')->setQueryString('ref', base64_encode(\IPS\Request::i()->url())); I've taken a look at the IPS code to see why this might be the case, and I've noticed this particular block in the 'manage' method of the login page: if ( $success = $login->authenticate() ) { if ( $ref and $ref = @base64_decode( $ref ) ) { try { $ref = \IPS\Http\Url::createFromString( $ref ); if ( !( $ref instanceof \IPS\Http\Url\Internal ) or $ref->base !== 'front' or $ref->openRedirect() ) { throw new \Exception; } } catch ( \Exception $e ) { $ref = \IPS\Http\Url::internal(''); } } else { $ref = \IPS\Http\Url::internal(''); } if ( $success->mfa() ) { $_SESSION['processing2FA'] = array( 'memberId' => $success->member->member_id, 'anonymous' => $success->anonymous, 'remember' => $success->rememberMe, 'destination' => (string) $ref, 'handler' => $success->handler->id ); \IPS\Output::i()->redirect( $ref->setQueryString( '_mfaLogin', 1 ) ); } $success->process(); \IPS\Output::i()->redirect( $ref->setQueryString( '_fromLogin', 1 ) ); } The way I read this, it's trying to get my URL but only seems to want to work if it's an internal URL. It's triggering the exception, & then setting the URL back to the default all of the time. Now I'm not denying there are security issues involved here, but is it actually possible to redirect back to my own site after login/logout?
Recommended Posts