This project is not covered by Drupal’s security advisory policy.
The User Data Connector module allows you to perform user authentication and obtaining information about users from a Drupal-external PHP script using a simple and compact API. It is especially useful if your script environment (session, error callback, exception callback, shutdown function, defined variables, defined functions) must not be changed, as it would happen if you bootstrap Drupal and use its functions and classes.
The API you include in your external script has three classes, all located in the directory "<root>/sites/all/modules/udc/client/", where <root> is the Drupal root folder, which is usually the $_SERVER['DOCUMENT_ROOT']. The class source code is php/javadoc documented, so that IDEs like Eclipse or NetBeans can auto-complete the object methods and instance variables for you.
- The
DrupalUserAuthclass allows you to check if a login name/password pair matches. This will not affect the Drupal page login state of the user because only a password check using the corresponding Drupal core functions is performed. The return values are stored in the object's properties and include username (correct key case like in database), email, roles, fields (only allowed fields in the module configuration), an 'active' flag that indicates if the user is active or blocked/cancelled, and the "valid" flag that indicates that the password was correct. - The
DrupalUserInfoclass enables you to get detailed information about a user without performing an authentication check. The object properties are equivalent to the properties ofDrupalUserAuth. - The
DrupalUserListclass can be used to retrieve a list of users. The only instance variable is "list", which will contain an associative array with the users. Each entry implies name, email and active flag. If you invoke the request method with the corresponding arguments, each entry contains the roles of the user as well.
Applications
Here a list of fictive and realized usages:
- Admin server log statistic RSS feed
- Connecting Drupal to SabreDAV
Module documentation
To get more information about how the module works and API examples, please take a look at this module documentation page.
Requirements
The implementation of the API and the server requires a PHP version >= 5.2, if you want to enable SSL/HTTPS for the client-server connections, you need PHP with the cURL library. The configuration form shows you if this feature can be enabled or not. There are no special Drupal module dependencies.
As your web server configuration might disallow the execution of scripts that are not located in the document root, you should ensure that the server script (/sites/all/modules/udc/server/server.php) can be accessed.
Maintainers
Stefan Wilhelm (7.x-xx): http://drupal.org/user/1344522
Brief example - Request user authentication
This is an example for an authentication check using the DrupalUserAuth class. You get more information out of the class than shown in this example. Take a look at the documentation page for more examples and further informtion.
// Include and initialize the authentication class, assuming that your require_once($_SERVER['DOCUMENT_ROOT'] . '/sites/all/modules/udc/client/DrupalUserAuth.class.inc'); DrupalUserBase::setToken('The-token-I-set-on-the-config-page'); // Let's say these are your login script variables. $login_user = '....'; $login_pass = '....'; // Let's say this is the variable you use to check if the user is valid. $is_authenticated_user = false; try { // Now the UDC lookup: $dpu = new DrupalUserAuth(); $dpu->request($login_user, $login_pass); $is_authenticated_user = $dpu->valid; } catch (Exception $e) { // Handle the exception - in this example we just exit die("Exception: \n\n$e\n\n"); }
Project information
- Project categories: Integrations, Access control
2 sites report using this module- Created by stfwi on , updated
This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.
