Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Customising the CMS /

[SOLVED] Different Login/Authenticator for Site/CMS


Reply


2 Posts   1186 Views

Avatar
Dave L

Community Member, 60 Posts

1 October 2009 at 12:03pm

Edited: 03/10/2009 12:59pm

Hi,

The site I'm working on has a different authentication model for web users. However, it's not secure enough for admin so I disabled admin access using this method use the main authentication for admin. Is there any way to show my CustomAuthenticator when requesting access to the website, but normal MemberAuthenticator when requesting access to the CMS?

I've got as far as showing both when anonymous users are trying to access secure pages. However, I don't want web users to see the admin authentication. When I unregister MemberAuthenticator, admins have no access method.

I've tried unregistering MemberAuthenticator and calling MemberLoginForm independently, but when login fails it sends you to Security/login and the site Login (not the independent CMS login).

Ideally, I'd like some way to unregister MemberAuthenticator when Director::siteMode() = 'site' (requesting site), and register it when Director::siteMode() = 'cms' (requesting cms)

Avatar
Dave L

Community Member, 60 Posts

3 October 2009 at 12:59pm

Edited: 03/10/2009 1:00pm

Workaround:

1. Disable MemberAuthenticator, so only customer login shows on normal /Security/login requests

_config.php:

Authenticator::register_authenticator('CustomerAuthenticator');
Authenticator::set_default_authenticator('CustomerAuthenticator');
Authenticator::unregister_authenticator('MemberAuthenticator');

2. Create rule to have a new CMS entry point (in this case "/manager" ), in reality this is just a pointer to the standard MemberAuthenticator, now disabled for all standard security login requests.

_config.php:

Director::addRules(100, array('manager' => 'AdminLogin_Controller',));

3. Create a new controller to handle this entry point, ensure any bad logins get redirected back to it.

class AdminLogin_Controller extends Page_Controller {

function init() {
Session::set('BadLoginURL', '/manager'); parent::init();
}

function Form() {
return new MemberLoginForm?($this, "LoginForm");
}

function Title() {
return "Admin Log in";
}
}