[pmwiki-devel] Persistent Authorization

Dominique Faure dominique.faure at gmail.com
Fri Apr 24 02:13:44 CDT 2009

On Fri, Apr 24, 2009 at 01:08, Daniel Roesler <diafygi at gmail.com> wrote:
> Howdy all,
> I'm starting to look into writing a patch/recipe for implementing a
> cookie-based option for authorizations. Basically, you can stay logged
> in during multiple visits. This is fairly common on other sites (with
> the "Remember Me?" checkbox and whatnot), so I thought I'd check here
> first to see if anything already exists in PmWiki. I've read through
> the SessionAuth() function in /pmwiki.php, but I don't see any spot
> for checking to see if authorizations are in cookies. So what it looks
> like now, is adding a step in SessionAuth() that looks for cookies if
> a config.php variable (say $CookieAuth) is set to 1. Obviously, other
> variables could be implemented (default cookie lifespan, etc.), but
> that's further down the road. Anyone have a better idea for patching
> PmWiki to add persistent authorizations?
> Avast!
> Daniel Roesler
> diafygi at gmail.com
> _______________________________________________
> pmwiki-devel mailing list
> pmwiki-devel at pmichaud.com
> http://www.pmichaud.com/mailman/listinfo/pmwiki-devel


IMHO, I would be nice to have this implemented as a full wrapper function.
Ie. this new function would only have to handle the user password via
cookie persistence/encryption/... and provide it to the regular auth
function itself. No need to patch anything:

## recipe.php
$OriginalAuthFunction = $AuthFunction;
$AuthFunction = 'CookiePersistentPmWikiAuth';

function CookiePersistentPmWikiAuth($pagename, $level,
$authprompt=true, $since=0) {
  global $OriginalAuthFunction;

  # [do there what you need to retrieve and make persist the user password...]

  # [...then provide it to the original function]
  $_POST['authpw'] = 'user_password';
  return $OriginalAuthFunction($pagename, $level, $authprompt, $since);


More information about the pmwiki-devel mailing list