Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
internals:internals-auth [2008/06/17 16:12]
serge.aumont@cru.fr created
internals:internals-auth [2017/06/10 11:05] (current)
ikeda@conversion.co.jp
Line 4: Line 4:
 (start with version 6.0) (start with version 6.0)
  
-A new authentication ​mecanism as been introduced. It is a welknown ​method in many web sites where new users or users who have lost there password can choose a new password (or a first one). A chalenge ​email is sent to the user with an url that contain ​a unique random number. This URL look like http://​host/​sympa/​ticket/​12345789 . When using this URL a new Sympa session is initialized. This session trusted by Sympa as unn authenticated web session. The email used is of course the same as the email used for the chalenge+A new authentication ​mechanism has been introduced. It is a well known method in many web sites where new users or users who have lost there password can choose a new password (or a first one). A challenge ​email is sent to the user with an URL that contains ​a unique random number. This URL looks like `http://​host/​sympa/​ticket/​12345789`. When using this URL a new Sympa session is initialized. This session ​is trusted by Sympa as an authenticated web session. The email used is of course the same as the email used for the challenge
  
-This is done via a new table : one_time_ticket_table ​. This table is used both to store the email that will applied to the session ​but also to store the wwsympa ​action that will be appled.+This is done via a new table : one\_time\_ticket\_table ​. This table is used for both storing ​the email that will applied to the session ​and for storing ​the web action that will be applied.
  
  
 ====create_one_time_ticket ()==== ====create_one_time_ticket ()====
  
-This function ​create ​a ticket and store it in one_time_ticket_table ​. The result is the ticket number : a random used as key in database. ​+This function ​creates ​a ticket and stores ​it in one\_time\_ticket\_table ​. The result is the ticket number : a random ​number ​used as key in the database. ​
  
 **IN** **IN**
-  * $email the email to be appled if the ticket is used for creating a session +  * $emailthe email to be appled if the ticket is used for creating a session 
-  * $robot the domain  +  * $robotthe domain  
-  * $data_string a char string that will be used to create the context of the session if used. This string look like PATH_INFO in URL. +  * $data_stringa char string that will be used to create the context of the session if used. This string look like PATH_INFO in URL. 
-  * $remote_addr the client remote host, used to specify the host who request the ticket creation+  * $remote_addrthe client remote host, used to specify the host who request the ticket creation
  
 **OUT** **OUT**
   * a random integer   * a random integer
 +
 +====get_one_time_ticket====
 +
 +Read one_time_ticket from table and remove it. It is performed by wwsympa web action //ticket//. This action have only one parameter : a ticket id. The ticket is checked if success a session is created and the wwsympa web action specified in feld data is performed.
 +
 +**IN**
 +  * $ticket_number a ticket id
 +
 +**OUT**
 +return a hash with 
 +  * result = closed|expired|success|error
 +  * email = the email to be used with the new session
 +  * date = the date the ticket was updated (for information purpose)
 +  * remote_addr = the host from which the ticket was requested or updated
 +  * robot = the domain
 +  * data = the path_info to perform a web action. example: '​subrequest/​foo'​ in order to go to action subrequest related to list foo
 +  * status = the status of the ticket
  
  • internals/internals-auth.1213711960.txt.gz
  • Last modified: 2008/06/17 16:12
  • by serge.aumont@cru.fr