By brownas98 on
I am trying to write an authentication module which will allow me to use my existing user table to authenticate users. The problem is that the hook_auth() function only seems to be called when the username ends with "@domain.com".
I have read the bug report about this and it says that this was fixed in 5.0, i kind of get the feeling that i am not enabling some option somewhere but i can't find it.
Thanks for the help
Comments
bump
bump
My observations
I've just been playing with a clean Drupal 5.1 installation and discovered that myauthmodule_auth() gets called whenever Drupal's default authentication fails.
That is, I tried authenticating with a valid 'local' user ID (ie. without an @domain.com suffix) and used the wrong password and myauthmodule_auth() got called. When I used the right password it didn't call my auth() function. So it seems that Drupal will call the custom auth() function for user IDs without domain names, as long as those user IDs are not in the Drupal database already.
The only options I discovered during my own investigation that could affect the code path for authentication in a default Drupal installation are in the Drupal module, which provides a distributed authentication facility. I do not have this module enabled.
I would be interested to know if and why your installation behaves differently.
- James
this is still a problem
this is still a problem, at least in Drupal 5.7
i am writing a module that will sync up with another system's Web Services, and according to what it spits out, properly set some roles within Drupal. I have created the hook_auth function, and it does not get called on a successful login with a local username. so if i had an account with the username 'myname', it would not get called when trying to log in. but if i type in 'myname@localhost', i get an unsuccessful login, but the hook_auth does get called in my module.
essentially, hook_auth is no good for a box in which people aren't going to be inputting email addresses, which is unfortunate. in a situation like mine, where i not only need to verify someone's account in google, but also their account within another system (via Web Services), it would be nice to have the hook_auth called. i am going to have to edit the user.module and call my own module's hook_auth, which goes against the idea of drupal in general.
all well.
as i understand it, in d5
as i understand it, in d5 hook_auth() is used for alternate logins
you may want to instead do your work in hook_user() for $op == 'login' ?
and then add _auth() to implement alternate login (thus causing _user() to be called on success)
(is that the right approach? seems better than hacking user.module)