New Community Forums are coming. Watch this space for news.
Subscribe: RSS
  • Modx Revo 2.6.

    I am trying to figure out why I can't automatically log all users into a very low level so I can allow them to all upload. The website is running on an Intranet so security is not so much of an issue. Their user credentials are picked up from a third party login, so the application knows who they are if only they could be logged in.

    I have tried to log them in by calling:
    $output = $modx->runProcessor('security/login', array(
                'username' => 'xxxxx',
                'password' => 'xxxxx'
            ) 
    )
    


    But when I run that in a snippet, I get a 500 server error.

    I tried temporarily using the Login Extra to generate a login form and use that. I am not able to log in with that either.

    I have also tried creating a separate file are attempting a direct login there:
    require_once '/xxxx/xxxxx/xxxxx/config.core.php';
    require_once MODX_CORE_PATH . 'config/' . MODX_CONFIG_KEY . '.inc.php';
    require_once MODX_CORE_PATH . 'model/modx/modx.class.php';
    $modx = new modX();
    $modx->initialize('web');
    $modx->getService('error','error.modError');
    
    $output = $modx->runProcessor('security/login', array(
                'username' => 'xxxxx',
                'password' => 'xxxxx'
            ), array (
                'processors_path' => '/xxxxx/xxxxx/xxxxx/core/model/modx/processors'
            ));
    $modx->toJSON($modx->error->failure('Error!'. $output));
    print_r($output);
    
    


    But this does not log the user in either and returns nothing at all.

    Any ideas what I am doing wrong? Managers are able to login without a problem. And managers also have privileges in the web context so it seems my contexts and privileges are working correctly.

    Thanks
    • That first code bock above is missing its final semicolon; -- that would likely cause a 500 error;

      You might find this three-part series helpful: https://bobsguides.com/blog.html/2016/04/06/bypassing-the-modx-manager-login-i/.

      If you want this for the front end, change 'OnManager...' to 'OnWeb...' in the code and in attaching the plugin to events.

      Another way to go would be to adapt the plugin in the article to validate the user (to bypass the MODX login) and to log them in in code like this:

      $user->addSessionContext('web_or_whatever');


      This assumes that you have a valid user object, and you may also have to do something like this:

      $modx->user = &$usr;

        Did I help you? Buy me a beer
        Get my Book: MODX:The Official Guide
        MODX info for everyone: http://bobsguides.com/modx.html
        My MODX Extras
        Bob's Guides is now hosted at A2 MODX Hosting
      • Thanks Bob, I didn't appreciate that I would need to add a plugin:

        $modx->event->_output = (bool) $authenticated;
        return;


        As well as trigger a login once authenticated:

        $output = $modx->runProcessor('security/login', array(
                    'username' => $fullName,
                    'password' => $password
                ));
        • You don't necessarily have to do all that. If you have your own login page, you could just authenticate them yourself, give them a session context for the 'mgr' Context, set $modx->user, and forward them to any Manager page.
            Did I help you? Buy me a beer
            Get my Book: MODX:The Official Guide
            MODX info for everyone: http://bobsguides.com/modx.html
            My MODX Extras
            Bob's Guides is now hosted at A2 MODX Hosting