HybridAuth

Topic: HybridAuth (Read 3748 times) previous topic - next topic

0 Members and 1 Guest are viewing this topic.

HybridAuth

June 30, 2014, 07:36:53 am

I've been making lots of progress with my community's new Elkarte forum, but there's one essential feature missing: social logins.

I had a look around the net for PHP authentication libraries for social platforms and came across HybridAuth: https://github.com/hybridauth/hybridauth

A search on this board showed a topic where this has been discussed in the past: http://www.elkarte.net/community/index.php?topic=576.msg4284#msg4284

How much progress was made towards this integration? I need it for my community and I'll be coding some sort of solution anyway, so I'd like to implement it to Elkarte too. Shall I just go ahead, or are there bigger plans already in motion for the login system? Should I make it an addon or PR it to the core?

Re: HybridAuth

Reply #1 – June 30, 2014, 08:12:24 am

None^[1] from my side.
Authentication and jumping around sites is not exactly the think I understand best. LOL

¹I mean no progress↵

Re: HybridAuth

Reply #2 – June 30, 2014, 09:20:52 am

Well I'll go ahead and see what I can concoct with HybridAuth and Elkarte and I'll post back here when I make some progress

Re: HybridAuth

Reply #3 – July 13, 2014, 01:06:30 pm

Just to keep everyone up to date, I am still working on this

I've got some free time this weekend, so I've managed to get HybridAuth integrated into Elkarte.

I've done everything in a new "ProfileConnections" controller. It's all very self-contained at the moment, and HybridAuth's library itself exists at BOARDDIR/hybridauth/ currently. The login system will also need to use the authentication functions, so I'll find the appropriate place to break-out those functions to once I've tested this. I'm building a UI page now in the profile so I can attach social accounts and check they work correctly, try and pull some data from them etc. Then I can look into how I can integrate this into Elkarte for the purposes of registering new members, pulling all the data across and then mapping that to Elkarte's registration script.

EDIT: Also not too sure on session handling. HybridAuth does it's own sessions.

Re: HybridAuth

Reply #4 – July 13, 2014, 03:22:57 pm

Cool!

If you want, there is an /ext/ directory in sources that already contains some external libraries and is accessible by the EXTDIR constant, but of course BOARDDIR is fine too.

If you are planning on releasing it as an addon (maybe for later integration), and you find some place that is not "easily accessible" with hooks, feel free to drop a line so that it can be improved.

Re: HybridAuth

Reply #5 – July 13, 2014, 03:52:45 pm

Quote from: emanuele – July 13, 2014, 03:22:57 pmIf you want, there is an /ext/ directory in sources that already contains some external libraries and is accessible by the EXTDIR constant, but of course BOARDDIR is fine too.

That's perfect, thanks for the tip!

Quote from: emanuele – July 13, 2014, 03:22:57 pmIf you are planning on releasing it as an addon (maybe for later integration), and you find some place that is not "easily accessible" with hooks, feel free to drop a line so that it can be improved.

Well I was hoping to submit it as a PR to 1.1, since I intend to integrate it tightly into Elkarte, and provide an easy way for people to drop-in other HybridAuth-compatible providers.

Re: HybridAuth

Reply #6 – July 14, 2014, 04:12:46 pm

I need some help with sessions

I've been battling with HybridAuth to accept the configuration passed to it. It assumes I'm trying to access the libvrary directly, and I've finally worked out why: it's not getting session data.

Can someone explain why inside Elkarte, I get this session output:
- redacted -

Yet on the same domain, elsewhere (including HybridAuth) I get this:
- redacted -

Re: HybridAuth

Reply #7 – July 14, 2014, 05:18:06 pm

I'm not sure it's a good idea to show on the internet sessions data... (like those facebook keys and stuff)

Anyway, Elk uses the $_SESSION variable to store quite a bit of stuff, and by default it uses session handling "database-based" (so it stores the session data in the database).
It's a bit late now for details, tomorrow...

Re: HybridAuth

Reply #8 – July 14, 2014, 05:23:55 pm

Quote from: emanuele – July 14, 2014, 05:18:06 pmI'm not sure it's a good idea to show on the internet sessions data... (like those facebook keys and stuff)

Crap! :O I didn't even think -_-

Quote from: emanuele – July 14, 2014, 05:18:06 pmAnyway, Elk uses the $_SESSION variable to store quite a bit of stuff, and by default it uses session handling "database-based" (so it stores the session data in the database).
It's a bit late now for details, tomorrow...

I just can't get my head around why when I set session data from within Elkarte, it's not available on the $_SESSION superglobal elsewhere on the same domain :S Fair enough, hopefully I can get a bit closer to the problem by tomorrow too

Re: HybridAuth

Reply #9 – July 14, 2014, 05:32:30 pm

Just wanted to say that this is great to see that someone is working on this. I like having the ability to have users connect via their FB accounts.

Re: HybridAuth

Reply #10 – July 14, 2014, 06:01:35 pm

From what I am seeing this is just going to be the "Login" for Social Media sites... Correct? Not with all of the buddy lists, posting to FB and all that other stuff?

Re: HybridAuth

Reply #11 – July 15, 2014, 08:26:55 am

Quote from: ant59 – July 14, 2014, 05:23:55 pmI just can't get my head around why when I set session data from within Elkarte, it's not available on the $_SESSION superglobal elsewhere on the same domain :S Fair enough, hopefully I can get a bit closer to the problem by tomorrow too

That one is probably because of the way Elk handles sessions by default.
As I wrote, by default Elk stores the sessions data into the database, and not with the default php session handler (that AFAIR is a text file in /tmp/ or something like that), so you have two options: 1) let the rest of the site use Elk's session handling (i.e. use SSI.php), or 2) let Elk use the custom php session handler (i.e. in the admin page disable "Use database driven sessions").