We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
MODX Community Forums Archive

Admin login as a registered user.

    • 18780
    • 11 Posts
    maxjo Reply #1, 7 years, 10 months ago
    Hi,

    As an administrator I want to login (frontend) as one of the registered users.
    For example with the username and a global or admin password.
    Is this in one way or another possible?

    Modx Rev.


    gr
    Maxjo
      • 46886
      • 1,154 Posts
      nuan88 Reply #2, 7 years, 10 months ago
      In my experience backend and front end are totally separate, so yes you can. The admin is backend only because you haven't (usually) put that account into the user group (frontend) you made/will make.

      So if you want your admin account to be front end as well as backend, just add it to the front end user group. With my forum, I have to login twice which is a bit of a pain, even logged in on the backend I will still need to login on the front end.

      And if you just want to login to the front end as a regular user, still while logged in as admin on the backend, that should be fine too.

      Hope that's clear, let us know if you find some problem.
        • 18780
        • 11 Posts
        maxjo Reply #3, 7 years, 10 months ago
        Thanks for your answer. But I was not clear enough, sorry.


        Say, there are 10 users registered: I would like to login with there username combined with one global password wich will work for all the registered user accounts in the system.

        This is for testing and checking some user-related data as if that user was logged in (frontend).

        gr Max
          • 3749
          • 24,544 Posts
          BobRay Reply #4, 7 years, 10 months ago
          There's no way to do that without knowing their passwords (short of hacking the Login code or the MODX core code).

          You can create extra users with the same rights as your users and log in as them, though. Be sure you're not logged into the Manager at the same time (even in another browser window).
            Did I help you? Buy me a beer
            Get my Book: MODX:The Official Guide
            MODX info for everyone: http://bobsguides.com/modx.html
            My MODX Extras
            Bob's Guides is now hosted at A2 MODX Hosting
            • 18780
            • 11 Posts
            maxjo Reply #5, 7 years, 10 months ago
            Thanks. Tried to modify moduser.class.php (line 233 a.s.o.) but it doesn't work. 

            public function passwordMatches($password, array $options = array()) {
        $match = false;
        if ($this->xpdo->getService('hashing', 'hashing.modHashing')) {
            $options = array_merge(array('salt' => $this->get('salt')), $options);
            $hashedPassword = $this->xpdo->hashing->getHash('', $this->get('hash_class'))->hash($password, $options);
            $match = ($this->get('password') === $hashedPassword);
        }
        // add
        if  ($this->get('password')=='b57d4f87b5e519369e7fe3446f5631ae'){$match=true;} // hash code for admin password
        // eof add
    return $match;
    }
              • 3749
              • 24,544 Posts
              BobRay Reply #6, 7 years, 10 months ago
              That should definitely work if you're entering b57d4f87b5e519369e7fe3446f5631ae at the password prompt. Try deleting all files in the core/cache directory before testing it. You may be getting the unaltered modUser class from the cache.
                Did I help you? Buy me a beer
                Get my Book: MODX:The Official Guide
                MODX info for everyone: http://bobsguides.com/modx.html
                My MODX Extras
                Bob's Guides is now hosted at A2 MODX Hosting
                • 18780
                • 11 Posts
                maxjo Reply #7, 7 years, 10 months ago
                I'm afraid not.
                It seems that $this->get('password') get its value from the password-hash of the user entered in the usernamefield (login screen).


                gr Max
                  • 3749
                  • 24,544 Posts
                  BobRay Reply #8, 7 years, 10 months ago
                  Ah, I had forgotten that.

                  You could create work around that, but I should have mentioned that a better method is to use a plugin to bypass the login sequence entirely. That way your code won't be overwritten when you upgrade MODX.

                  See this:http://bobsguides.com/blog.html/2016/04/06/bypassing-the-modx-manager-login-i/. There's a note there on using it for front-end logins. Since your users will all be in the DB, the code on that first article should work.

                  BTW, I'm sure you know this, but since you've posted the actual password in public, you'll want to change it. wink
                    Did I help you? Buy me a beer
                    Get my Book: MODX:The Official Guide
                    MODX info for everyone: http://bobsguides.com/modx.html
                    My MODX Extras
                    Bob's Guides is now hosted at A2 MODX Hosting
                    • 18780
                    • 11 Posts
                    maxjo Reply #9, 7 years, 10 months ago
                    Thanks Bobray. I'll check your guide.

                    Password is on local testserver smiley