aboutsummaryrefslogtreecommitdiffstats
path: root/doc/hook/authenticate.bb
diff options
context:
space:
mode:
Diffstat (limited to 'doc/hook/authenticate.bb')
-rw-r--r--doc/hook/authenticate.bb29
1 files changed, 29 insertions, 0 deletions
diff --git a/doc/hook/authenticate.bb b/doc/hook/authenticate.bb
new file mode 100644
index 000000000..eb8071e73
--- /dev/null
+++ b/doc/hook/authenticate.bb
@@ -0,0 +1,29 @@
+[h2]authenticate[/h2]
+
+Invoked when a POST request is made with non-null $_POST['auth-params'] such as from the login form.
+If the hook handler does not set the 'authenticated' parameter of the passed array, normal login functions continue;
+
+The 'user_record' is in fact an account DB record. To provide automatic provisioning of accounts from other authentication realms, this record should be generated and stored during the verification phase.
+
+
+[code]
+ $addon_auth = array(
+ 'username' => trim($_POST['username']),
+ 'password' => trim($_POST['password']),
+ 'authenticated' => 0,
+ 'user_record' => null
+ );
+
+ /**
+ *
+ * A plugin indicates successful login by setting 'authenticated' to non-zero value and returning a user record
+ * Plugins should never set 'authenticated' except to indicate success - as hooks may be chained
+ * and later plugins should not interfere with an earlier one that succeeded.
+ *
+ */
+
+ call_hooks('authenticate', $addon_auth);
+[/code]
+
+
+See include/auth.php