Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Customising the CMS /

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Extend Authentication Rules

Go to End

4 Posts   1761 Views


Community Member, 2 Posts

24 September 2009 at 11:28am

Hi all, I need to extend the authentication rules used by default in the CMS, so not just a user/password and status checking. I need to add some rules based on some other cirteria on things like account expiration date, etc...

Any ideas on what files need to be modified or created will help a lot.



Community Member, 904 Posts

24 September 2009 at 5:41pm


Should be possible, although I never did this.
Have a look at the sapphire/security folder. There you'll find the MemberLoginForm and MemberAuthenticator which are the classes used to login a member.
The Security class is the Controller that's being called when you visit It gets the registered authenticators and displays their login form(s).

You can create your own LoginForm/Authenticator (or inherit from MemberLoginForm/MemberAuthenticator) and register it as default authenticator (see Authenticator::set_default_authenticator).
This should be doable without altering core files, so you can place all your code in the mysite/code directory (maybe in a subfolder named "security").


Community Member, 2 Posts

25 September 2009 at 1:39pm

Thanks banal, makes sense I'll give it a crack.

Dave L

Community Member, 60 Posts

1 October 2009 at 2:55am

I've just done this and documented it on my blog.