[imp] Re: How do you throw an error to the user from preauth hook?

Eli eli-list at experthost.com
Wed Mar 23 16:12:09 PST 2005


Jan wrote:
> Quoting Eli <eli-list at experthost.com>:
> 
> > Is there any way to put up an error message to the user's browser if 
> > the preauth hook returns false?  I would like to show why the auth 
> > failed rather than it just fail and have the user guessing.
> 
> Use Auth::_setAuthError().

Perfect, that's the trick.  However, Horde itself seems to take control of
the error scene from the pre and post auth hooks (didn't check other hooks,
probably the same).

I had to edit the Auth class to allow the use of AUTH_REASON_MESSAGE from
within a hook (any other choice and you can't override the default error):


--- /lib/Horde/Auth.php    Tue Mar 22 08:38:39 2005
+++ /lib/Horde/Auth.php    Wed Mar 23 19:06:04 2005
@@ -140,7 +140,9 @@
             include_once HORDE_BASE . '/config/hooks.php';
             if (function_exists('_horde_hook_preauthenticate')) {
                 if (!call_user_func('_horde_hook_preauthenticate', $userId,
$credentials, $realm)) {
-                    $this->_setAuthError(AUTH_REASON_FAILED);
+                    if ($GLOBALS['__autherror']['type'] !==
AUTH_REASON_MESSAGE) {
+                        $this->_setAuthError(AUTH_REASON_FAILED);
+                    }
                     return false;
                 }
             }
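
Review bot: the new condition in the preauthenticate branch reads `$GLOBALS['__autherror']['type']` with no isset() check, so a hook that returns false without calling _setAuthError() raises an undefined-index notice before falling through to AUTH_REASON_FAILED. Test isset($GLOBALS['__autherror']['type']) first. Nothing in these lines resets the stored error before the hook is called, so it is also worth confirming that a message left over from an earlier step cannot suppress the generic failure here.
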
@@ -159,7 +161,9 @@
                 include_once HORDE_BASE . '/config/hooks.php';
                 if (function_exists('_horde_hook_postauthenticate')) {
                     if (!call_user_func('_horde_hook_postauthenticate',
$userId, $credentials, $realm)) {
-                        $this->_setAuthError(AUTH_REASON_FAILED);
+                        if ($GLOBALS['__autherror']['type'] !==
AUTH_REASON_MESSAGE) {
+                            $this->_setAuthError(AUTH_REASON_FAILED);
+                        }
                         return false;
                     }
                 }
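
Review bot: the postauthenticate branch repeats the same direct read of `$GLOBALS['__autherror']['type']`, so the storage detail is now hard-coded in two places in Auth.php. Move the test into one small method on the Auth class (or an existing accessor, if there is one) and call it from both branches, so that a change in where _setAuthError() keeps its state needs a single edit. Because the hook's message is what the user sees after a failed login, a comment noting that hooks should keep that text free of account-specific detail would also be useful.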


Worth committing to Horde?  If so, I would think allowing the
AUTH_REASON_MESSAGE error type from all hooks to control error messages
would be best.  I might also say that I don't know if there's a
class/function or whatever that's designed to return the
$GLOBALS['__autherror'] variables - if so using that would be best since
although this patch works, if for any reason the underlying _setAuthError
group of functions changed where they want to store the message, this patch
would require modification too.

Eli.



