Intercepting Login Process

[grstearns]

I'm trying port a highly customized MediaWiki install to MindTouch. One of the custom extensions hooks into the logon process, checks the users against a special table with names and IPs and if the user is listed and the IP they're requesting from isn't, will abort the logon.

I would like to avoid writing an entire Authentication Provider just for this simple process. Is there a better way? Can I even pass the requester's IP to the provider?

[royk]

Since Lyons (9.02), we have hooks on the front-end; you could do a conceptually similar action - I'd take a peek at: http://developer.mindtouch.com/en/MindTouch/PHP/Plugins

[grstearns]

http://developer.mindtouch.com/en/MindTouch/PHP/Plugins

Excellent, thank you. I did see http://developer.mindtouch.com/Deki/Specs/Lyons/Hooks but it only listed Logout as completed.

[crb]

That doesn't mean the programming is complete, it means the hook runs after a logout is complete

[grstearns]

Actually I was referring to where it said "Locations in blue have been implemented. This is an idea list." and login wasn't on the list at all.

[royk]

Probably time for Guerric to update that documentation The complete list of hooks (I know they are poorly doc-ed right now) is available on that first link (at the bottom).

[Guerric]

You can see a list of the hooks in /deki/plugins/deki_plugin.php. I've also started a new section on the developer wiki to facilitate documenting the plugins API. http://developer.mindtouch.com/en/MindTouch/PHP

For user login, there are 2 hooks:
const MAIN_LOGIN = 'Main:Login';
const MAIN_LOGIN_COMPLETE = 'Main:LoginComplete';

MAIN_LOGIN is invoked when creds are passed in. MAIN_LOGIN_COMPLETE fires after the user has already been authenticated in the system. You'll want to intercept the MAIN_LOGIN request.

Bare in mind that these tactics only restrict the user from logging in through the UI.