Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
internals:internals-auth [2008/06/17 16:23]
serge.aumont@cru.fr
internals:internals-auth [2017/06/10 11:05]
ikeda@conversion.co.jp
Line 4: Line 4:
 (start with version 6.0) (start with version 6.0)
  
-A new authentication ​mecanism as been introduced. It is a welknown ​method in many web sites where new users or users who have lost there password can choose a new password (or a first one). A chalenge ​email is sent to the user with an url that contain ​a unique random number. This URL look like http://​host/​sympa/​ticket/​12345789 . When using this URL a new Sympa session is initialized. This session trusted by Sympa as unn authenticated web session. The email used is of course the same as the email used for the chalenge+A new authentication ​mechanism has been introduced. It is a well known method in many web sites where new users or users who have lost there password can choose a new password (or a first one). A challenge ​email is sent to the user with an URL that contains ​a unique random number. This URL looks like `http://​host/​sympa/​ticket/​12345789`. When using this URL a new Sympa session is initialized. This session ​is trusted by Sympa as an authenticated web session. The email used is of course the same as the email used for the challenge
  
-This is done via a new table : one_time_ticket_table ​. This table is used both to store the email that will applied to the session ​but also to store the wwsympa ​action that will be appled.+This is done via a new table : one\_time\_ticket\_table ​. This table is used for both storing ​the email that will applied to the session ​and for storing ​the web action that will be applied.
  
  
 ====create_one_time_ticket ()==== ====create_one_time_ticket ()====
  
-This function ​create ​a ticket and store it in one_time_ticket_table ​. The result is the ticket number : a random used as key in database. ​+This function ​creates ​a ticket and stores ​it in one\_time\_ticket\_table ​. The result is the ticket number : a random ​number ​used as key in the database. ​
  
 **IN** **IN**
-  * $email the email to be appled if the ticket is used for creating a session +  * $emailthe email to be appled if the ticket is used for creating a session 
-  * $robot the domain  +  * $robotthe domain  
-  * $data_string a char string that will be used to create the context of the session if used. This string look like PATH_INFO in URL. +  * $data_stringa char string that will be used to create the context of the session if used. This string look like PATH_INFO in URL. 
-  * $remote_addr the client remote host, used to specify the host who request the ticket creation+  * $remote_addrthe client remote host, used to specify the host who request the ticket creation
  
 **OUT** **OUT**
Line 24: Line 24:
 ====get_one_time_ticket==== ====get_one_time_ticket====
  
-Read one_time_ticket from table and remove it.+Read one_time_ticket from table and remove it. It is performed by wwsympa web action //ticket//. This action have only one parameter : a ticket id. The ticket is checked if success a session is created and the wwsympa web action specified in feld data is performed.
  
 **IN** **IN**
  • internals/internals-auth.txt
  • Last modified: 2017/06/10 11:05
  • by ikeda@conversion.co.jp