Posted by peterx on October 5, 2011 at 10:00pm
4 followers
Jump to:
| Project: | IP Login |
| Version: | 7.x-2.x-dev |
| Component: | Code |
| Category: | feature request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | postponed |
Issue Summary
An address range is set to automatically login with no messages. A user wants to use their private account to get extra features. Present a login box instead of a logout box.
Instead of the link to logout, present a login box titled something like Login to your private account. If they login, you could keep the same session and just replace the user. They stay on the same page doing the same thing.
I will implement this by hand for a current site. The code is already modified for other things, making a patch useless. Would be nice to work the change into the mainstream code as a switchable option.
Comments
#1
What would be the difference with a 'normal user', who (in my case):
- is logged in automatically, (without messages)
- wants to login by his own account, to use his privileges (without entering the account page).
What advantage has not changing the session?
If your (proposed) change IS an improvement, a switch wouldn't be necessary, but can be normal behaviour.
#2
The current system presents a logout. After the logout, you log back in. Presenting a direct login from within the already logged in system reduces the steps from two to one.
The current logout and login wipes the existing session. If the person is in the middle of a faceted search or some other process, the settings are lost. Swapping the user, while retaining the current session, should keep all the exisitng work in place.
#3
ad 1. Indeed, the 'anonymous corporate user' has no clue he has already signed in. "Log in" is better then "Login as other" or "Logout". Once the user has logged in with his personal account, then the logout/login-link should change to "Logout", wouldn't it?
I have tried to do this, but didn't find a satisfying solution. ( :-) )
ad 2. The Devel-module (devel_switch_user) does this: you can hotswap the user. When implementing the D7-user I tried to re-use that, but stopped half-way, mainly because I was implementing the hook_user_logout, where devel isn't. Would be nice if you can complete it!
#4
devel_switch_user starts by logging the current user out then checks the new user and destroys the session if the new user is invalid. Should check if the new user is valid before logging out the current user. You then avoid the session destroy and leave the IP login in place.
For our use, we also want to copy the IP login roles from the IP login user to the personal login before switching to the personal login.
devel_switch_user uses drupal_session_regenerate. What does that do to current selections?
There is a goto at the end of devel_switch_user. I am thinking of a block changing users without changing the page. Does the goto go to the same page in all situations?
I also looked at reusing functions from http://drupal.org/project/masquerade. Masquerade does something more complex than what we need and has database overheads.
#5
Postponing major changes like this to the forthcoming 2.1 branch, want to get 2.0 out the way and bug-free first.
#6
Connecting to the Masquerade module would be good. Masquerade could handle the recording of the original user. If masquerade had a nice API, the modules could play together.
#7
Masquerade module connected as described in http://drupal.org/node/1416136 + http://drupal.org/node/1425380