Home/ Questions/Q 6732425
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T10:38:58+00:00

Atk4 has basic login functionality and I could build it out to add user

  • 0

Atk4 has basic login functionality and I could build it out to add user registration, forgotten password link, email verify etc using atk4, tmail templates and so on. But if I want to integrate it with an existing open source application that already provides that functionality, what do I need to do to allow that systems login to be allowed so that atk4 protected pages can be viewed after login on the third party app?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    There are four alternatives.

    Separate sites, separate domains, separate servers, separate database

    The most secure way to do that is by passing secure token from the other system to Agile Toolkit. The token should contain the username and hash of some secret passphrase along with that username $user.":".md5($secret.":".$user)

    You can check the argument inside API Class:

    $this->auth=$this->add('YourAuth');

if($_GET['login_token'])){
    list($user,$token)=explode($_GET['login_token']);
    if(!verify_token($token))throw $this->exception('Break-in attempt');
    $this->api->auth->login($user);
}

$this->auth->check();

    Separate site, domain, but same user access

    You would need to build same encryption in Agile Toolkit Auth class. Fortunately you can easily do that, by re-defining encryptPassword

    class MyAuth extends SQLAuth {
    function encryptPassword($password,$salt=null){
        return ....
    }
}

    If you need different connection to database you can also add:

       function init(){
       parent::init();

       // Ouch, last occurrence of static method use!
       $newdb=DBLite::connect(
           $this->api->getConfig('user_dsn'));

       $this->db=$newdb->dsql();
   }

    Sharing session – same domain and same computer, but no code access

    Agile Toolkit uses the Application’s realm as a name. That’s the argument you specify to the constructor when you create your app instance inside index.php:

    $api=new MyFrontend('myrealm');

    You would need to call

    session_name('myrealm');
session_start();

    Then you need to set the session variable, something like myrealm_MyAuth_info, you can probably get this by dumping contents of $_SESSION from Agile Toolkit. You need to set it to something like array(‘user’=>’john’), as long as it’s not “false” anything is ok.

    Sharing computer, domain, session and some code

    This is similar to previous approach, but it should be easier to do:

    include 'yourapp/atk4/loader.php';
include 'yourapp/lib/Frontend.php';
$api = new Frontend();
$api->auth->login('john');

    This assumes that your “Frontend” class properly sets the “auth”. If this does not work, some tweaks might be needed, for example you might want to move $auth->check() into initLayout() function, if you are calling it from within API.

    • 0