Securesite bypass hook
Hugo Wetterberg - November 4, 2009 - 08:29
| Project: | Secure Site |
| Version: | 6.x-2.4 |
| Component: | Code |
| Category: | feature request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Description
I'm currently developing a site that uses services & needs to be protected by securesite. The problem is that services often defines it's own authentication scheme. So I need to bypass securesite for the menu-items that are managed by services.
The following addition to _securesite_forced() should allow any module to get a chance to override securesite.
<?php
// Load the menu-item and check if there are modules that
// want to bypass securesite.
$menu_item = menu_get_item($_GET['q']);
$modules = module_implements('bypass_secure_site');
foreach ($modules as $module) {
if (call_user_func($module . '_bypass_secure_site', $_GET['q'], $menu_item)) {
return FALSE;
}
}
?>This would allow bypass implementations like the following:
<?php
function services_bypass_secure_site($path, $menu_item=NULL) {
$bypass = FALSE;
if ($menu_item && $menu_item['page_callback'] == 'services_server') {
$context = services_get_context($menu_item['page_arguments'][2]);
// Only bypass securesite if a authentication module is enabled.
$bypass = $context && !empty($context['authentication']);
}
return $bypass;
}
?>| Attachment | Size |
|---|---|
| hook_bypass_securesite_1.patch | 685 bytes |