Loggin a user in programmaticaly

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

Please do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.

This forum is for discussing mojoPortal development

You can monitor commits to the repository from this page. We also recommend developers to subscribe to email notifications in the developer forum as occasionally important things are announced.

Before posting questions here you might want to review the developer documentation.

Do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.

This thread is closed to new posts. You must sign in to post in the forums.

5/29/2008 7:42:24 AM

keef666

Total Posts 5

View Posts

Loggin a user in programmaticaly

hiya!

i'm trying to automatically log-in users from an external site into a instance of mojoportal... i figured the easiest way to do it was to pass in the mojo userId from the original site in the request argumants to a custom page on the portal .. then let that page log-in the user programmatically...

after hours of trying i've finally given up and resorted to the discussion board...

here's some of the code i'm trying it with...
userId is set from the request string.. then...

// get the user from the id
SiteUser user = new SiteUser(CacheHelper.GetCurrentSiteSettings(), userId);
// log them in
SiteUser.Login(CacheHelper.GetCurrentSiteSettings(), user.LoginName, user.Password);

obviously i'm missing something...

any ideas how to log the user in programmatically with just the userId? thanks a bunch!

5/29/2008 7:57:23 AM

keef666

Total Posts 5

View Posts

Re: Loggin a user in programmaticaly

oh.. and i probably should mention.. both those lines of code are working.. and finding the correct user... it's just that the user isn't logged in after i redirect! thanks

5/29/2008 8:03:10 AM

Joe Audette

Total Posts 18439

View Posts

Re: Loggin a user in programmaticaly

Hi,

SiteUser.Login is just a boolean function for validating login credentials so looking up valid credentials and passing them to that function is useless.

Logging in is a matter of setting a cookie. You should google for FormsAuthentication.SetAuthCookie and FormsAuthentication.RedirectFromLogin to learn how to set a login cookie.

However, what you are doing sounds like pretty much bypassing any real security and making it completely insecure with only some illusion of security. If you create a page where all one has to do is pass in a username it it logs you in as that user that means any user who knows about it can pass in someone else's username and login as that user without knowing the password. Sounds like a very bad plan to me.

Joe

5/30/2008 2:55:05 AM

keef666

Total Posts 5

View Posts

Re: Loggin a user in programmaticaly

Hi Joe..

thanks so much for your reply! ha ha .. yea.. you're right.. it's pretty dodgy... i'd love to do it better but i can't work out a better way

i am encrypting the id and the data really isn't something that i care about keeping too secure though...

does anyone know a better way to automatically log someone in to mojo externally? The mojo site is in a subdomain, so i could potentially set the cookie from the main site... but that would make testing a nightmare... any other ideas?

ta k

5/31/2008 7:39:05 AM

Joe Audette

Total Posts 18439

View Posts

Re: Loggin a user in programmaticaly

If you can read the cookie from the other site (which may be psossible if boths sites are in the same domain) and use that as a basis for logging in automatically on the mojoPortal site it will be somehwat better than passing the user in a query string param.

Joe

You must sign in to post in the forums. This thread is closed to new posts.