By redndahead on

My site uses CAS for it's authentication. I would like it so that only uid 1 can login via the user login form. What I need is to be able to check the username logging in. Check if they are uid 1 and if not then send back access denied.

Any ideas on how to do this?

red

Categories: Drupal 6.x

Comments

toddk’s picture

toddk commented

Have you taken a look at the user hook (http://api.drupal.org/api/function/hook_user/6)? I think you would be able to implement the needed logic.

Todd Krokowski
http://toddkrokowski.blogspot.com

redndahead’s picture

redndahead commented

Thanks for the help. I just tried hook_user and $op never seems to have the value "login" after login. It just has "load". Any reasons for this?

bboldi’s picture

bboldi commented

...it can be useful in some cases. Put this into init hook.

    global $user;

    $last_user_id = $_SESSION['last_user_id'];
   
    $_SESSION['last_user_id'] = $user->uid;

    if(!($last_user_id>0) && $user->uid > 0)
    {
        // USER JUST LOGGED IN ... DO SOMETHING (for example verify its id, and redirect)
    }

----------------------------------------
Boldizsár Bednárik ing.
http://www.bboldi.com

redndahead’s picture

redndahead commented

Thanks that was an interesting solution. Issue is I can't tell if they are coming from a CAS login or a regular login. Maybe I can check the referring url to determine where it came from. Any good suggestions?