I am trying to use this module in place of ip_authenticator which (like core drupal) blocks authenticated (and ip_authenticated) users and admin from accessing pages typically only used by anonymous users, specifically:

user/login
user/register

Is it possible to make a "switch user" link or a login link or a register link for authenticated users?

I use ip_authenticator to automatically log in visitors from computers WITHIN our corporate facilities to our intranet. So anyone sitting down at a terminal in our hospitals sees the site which is not seen by the rest of the world. These users, however, each have individual accounts which they need to log into from the same terminal. They also need to be able to register for a new account.

Any help would be greatly appreciated.

CommentFileSizeAuthor
#6 ip_login.patch2.75 KBpluess

Comments

davidbessler’s picture

davidbessler commented

No takers?

davidwhthomas’s picture

davidwhthomas commented

hmm, tempted to mark as "won't fix" since this module is designed to keep users logged in according to their IP address.
however, that use case is a possibility - where users need IP login at a terminal _and_ another separate user account...
Unfortunately, I don't have time to work on a patch myself, but patches are welcome.

I'd suggest setting a $_SESSION variable ( e.g manual login ) at some point and checking that prior to authenticating them by IP address.

DT

davidwhthomas’s picture

davidwhthomas commented
Status: Active » Needs work
davidbessler’s picture

davidbessler commented

Thanks. I will research that variable and see if I can get something started.

pluess’s picture

pluess commented

Is someone busy with this? I'm ready to create the patch but like to avoid duplicated work.

pluess’s picture

pluess commented
Assigned: Unassigned » pluess
Status: Needs work » Needs review
StatusFileSize
new ip_login.patch2.75 KB

Here's the patch. It adds a "Login as a different user" link to the navigation in case you're logged in by the ip_login module.

davidbessler’s picture

davidbessler commented

Applied patch. Seems to be working as expected. Thanks SO much for doing this! This patch seems to provide the functionality of allowing new registration as well. I will be adding another link called "Register," since for my purposes, this is the main reason I needed this patch.

davidbessler’s picture

davidbessler commented

Is there a way to reactivate the IP login again after I click the log out button? If my users click the new link but they don't have a username, they need to be able to get back into the account which was logged in by IP. Does that make sense?

davidbessler’s picture

davidbessler commented

Please respond to this. Can you create a link which, when clicked, requests that the system try to authenticate by IP again. If an IP Authenticated user is logged in, then clicks "log in as a different user" accidentally, there is no way for that person to log back in by IP. My users are anonymous users who don't have a username and password. A link entitled, "Try to log me in by IP" would be great.

pluess’s picture

pluess commented
Status: Needs review » Needs work

I'm going to have this problem with one of our customers as well. Will fix this, but it may take a weak or two, since I'm very busy currently.

davidwhthomas’s picture

davidwhthomas commented

Looks like it needs a link with a callback to clear the $_SESSION variables

LOGIN_AS_DIFFERENT_USER and
ip_login_complete

DT

P.S Would be nice if the two session vars followed the same naming convention.

davidbessler’s picture

davidbessler commented

Can you help me with this? Right now people in my facilities have to find someone with a login to login and then log out to "reset" the ip_login.

generalelektrix’s picture

generalelektrix commented

I need the same functionnality, Some users will click Login as different user and then they are stuck if they don't have an account. I need a way to log them back by IP address. Thanks.

generalelektrix’s picture

generalelektrix commented

I worked something out.

Added this menu callback to the ip_login_menu() function:

  $items['ip_login_back'] = array(
      'title' => 'Log me back by IP',
      'access callback' => 'ip_login_alwaystrue',
      'page callback' => 'ip_login_back',
      'type' => MENU_CALLBACK,
  );

And then added these two functions:

function ip_login_back() {
  ip_login_login($_SERVER['REMOTE_ADDR']);
  drupal_goto();
}

function ip_login_alwaystrue() {
  return TRUE;
}

Then, I just added a link to /ip_login_back somewhere in my site and it worked like a charm!

Please let me know if you see any issue with this way of solving the problem.

davidbessler’s picture

davidbessler commented

That seems to work perfectly! I just put that link on my access denied page "Try to [login by ip address]." Can somebody check to make sure this is secure?

generalelektrix’s picture

generalelektrix commented

The only doubt I have is with the ip_login_alwaystrue() function, but I don't see a reason why this menu callback would need to be restricted access. Maybe it could be disabled by returning false when a user is already logged in by IP. Anyway, I think the call to ip_login_login would have no effect with a user already logged in by IP. I have made sure that the link to /ip_login_back is only available to anonymous users, so it's not something that stresses me much.

jim kirkpatrick’s picture

jim kirkpatrick commented

Hi, I've integrated the patch by pluess (THANKS!) and further suggestions by davidbessler and generalelektrix into a new, more flexible version - please see #791410: Improved: now supports logging in as alternate user plus comma separated values, IP ranges and wildcards for more.

jim kirkpatrick’s picture

jim kirkpatrick commented
Status: Needs work » Closed (fixed)