[dev] available api authentication routines?

Chuck Hagenbuch chuck@horde.org
Tue, 4 Jun 2002 17:24:43 -0400


Quoting Eric Rostetter <eric.rostetter@physics.utexas.edu>:

> > Looks like you found it, but, for the archives: Auth::getAuth() and 
> > Auth::getCredential('password').
> 
> Thanks!  Do any of the other modules have a similar API (IMP, Gollem?).
> (In case you have, say, seperate authentication for Horde and IMP)

No - and they shouldn't, imho.

> It would seem to be a good idea to me.  There are still issues, but
> it might provide some functionality for my passwd module...

And maybe for other things, too. I've just committed some cleanup to the 
Auth API that lets you do this. Let me know what you think?

> Anyway, to get the current settings, I need the username and password. 
> So I can get the Horde username/password via the above Auth:: calls, no
> problem. However, there is no guarantee that this Horde login 
> username/password is the same as the one needed to login via ftp, so this 
> may still not work in all cases.  But whenever I point this out, the 
> users say "yeah, but in most cases it will be, so you should do it 
> anyway..."  So the idea would be to make this a config option the admin 
> could allow/disallow.  They would still need to enter the password to 
> *change* the info, so that if the user walks away with the web browser 
> logged in to Horde, someone else can't just play willy-nilly with the 
> password/forwards/vacations.  But it would allow them to see the 
> forwards/vacations (if possible) before they start, and/or to verify they 
> were really set/removed/changed when they use the form.

As long as it's an option, that sounds fine to me.

> What is the possible place for them?  I'd like to see also maybe an
> "example code usage" section added as needed.  Want to work together a 
> bit on getting this started?  I'm not saying I'd be willing or able to
> provide details for all the api calls.  But we could start piecemeal as
> long as we have a standard way of doing it.

Info about parameters - what is valid as a credential, for example - should 
go into the API docs. More things - like example code usage - could be done 
as Orator presentations. Take a look at http://www.horde.org/orator/; maybe 
we can start a few presentations, one for each API, with examples, how to 
use it, etc. How's that sound?

-chuck

--
Charles Hagenbuch, <chuck@horde.org>
"What was and what may be, lie, like children whose faces we cannot see, in 
the arms of silence. All we ever have is here, now." - Ursula K. Le Guin