Authentication Providers

An Authentication Provider is a piece of custom code that you need to develop in order to check users against any authentication source you wish. Most of the code is already prepared. You'll only need to add things specific to your authentication source.

Important Note

Authentication Providers are not a replacement for activeCollab authentication, they are a bridge to connect it to other applications. The provider will still need to return an instance of a User class that exists in the activeCollab users table.

Here are four important methods in the Authentication Provider:

  1. initialize() - Called automatically on every request. This method is good for checking if you already have someone logged in (based on a cookie, server or session variable etc);
  2. authenticate() - Check a user's credentials against an authentication source. This method is called after the login form is submitted and forwards the data entered in the login form;
  3. logUserIn() - Set a user as logged in and does everything required in such a situation: set a session ID; save a cookie so a user gets authenticated on the next request; contact another application to let it know that the user is logged in. etc;
  4. logUserOut() - Makes sure that the user is logged out and it is great to undo everything you did with the logUserIn() method: such as destroying session and cookie variables; informing external application that the user left and so on.