wwProcess::OnShowAuthenticationForm

Event that is fired when an authentication form should be displayed to prompt for login information. Hook this method to override the behavior of the user interface.

The form displayed should have the following form fields:

  • WebLogin_txtUsername
  • WebLogin_txtPassword
  • WebLogin_chkRememberMe (not used currrently)

Form variables are forwarded to Authenticate() which verifies these form vars.

o.OnShowAuthenticationForm(lcUserName, lcErrorMsg)

Parameters

lcUserName

lcErrorMsg

Example

The following demonstrates the full process of authentication:

*********************************************************************
* Function ttprocess :: OnProcessInit
************************************
FUNCTION OnProcessInit
LOCAL lcScriptName, llForceLogin

THIS.InitSession("ttw")

lcScriptName = LOWER(JUSTFNAME(Request.GetPhysicalPath()))

llIgnoreLoginRequest = INLIST(lcScriptName,"default","login")

IF !THIS.Authenticate("any","",llIgnoreLoginRequest) 
   IF !llIgnoreLoginRequest
	  RETURN .F.
   ENDIF
ENDIF


Response.Encoding = "UTF8"
Request.lUtf8Encoding = .T.

RETURN .T.
ENDFUNC


************************************************************************
*  Login
****************************************
***  Function: Handles display of the login form if directly accessed
***            and routes postbacks to the Authenticate() method.
***    Assume:
***      Pass:
***    Return:
************************************************************************
FUNCTION Login()

pcErrorMessage = ""
IF Request.IsPostback()
   pcUsername = Request.Form("WebLogin_txtUsername")
   IF this.Authenticate("ANY",@pcErrorMessage)
      Response.Redirect("~/default.ttk")
   ENDIF
ENDIF

Response.ExpandScript(Config.cHtmlPagePath + "views\common\login.wcs")
ENDFUNC
*   Login

************************************************************************
*  Logout
****************************************
***  Function: Just a routing mechanism to allow logging out.
***    Assume:
***      Pass:
***    Return:
************************************************************************
FUNCTION Logout()
this.Authenticate("Logout")
Response.Redirect("default.ttk")
ENDFUNC
*   Logout

************************************************************************
*  OnShowAuthenticationForm
****************************************
***  Function: Show the authentication form. In this case it's simply
***            showing the application template.
***    Assume:
***      Pass:
***    Return:
************************************************************************
FUNCTION OnShowAuthenticationForm(lcUsername, lcErrorMsg)

pcUsername = lcUsername
pcPassword = ""
pcRedirectUrl = ""
pcErrorMessage = lcErrorMsg
IF EMPTY(pcUsername)
  pcUserName = ""
ENDIF

Response.ExpandScript(Config.cHtmlPagePath + "views\common\login.wcs")
ENDFUNC
*   OnShowAuthenticationForm


************************************************************************
*  OnAuthenticated
****************************************
***  Function: Called after a user has authenticated so we can read
***            values out of the session.
***    Assume:
***      Pass:
***    Return:
************************************************************************
FUNCTION OnAuthenticated()

*** Read custom Process Properties from Session which should be 
*** there since they were created when user originally signed in
this.cAuthenticatedUserName = Session.GetSessionVar("AuthenticatedUserName")
this.nAuthenticatedUserPk = VAL(Session.GetSessionVar("AuthenticatedUserPk"))

RETURN .T.   
ENDFUNC
*   OnAuthenticated

************************************************************************
*  OnAuthenticateUser
****************************************
***  Function: Handles validating username and password for the user
***    Assume:
***      Pass:
***    Return:
************************************************************************
FUNCTION OnAuthenticateUser(lcUsername, lcPassword, lcErrorMsg)
LOCAL loUser

loUser =  CREATEOBJECT("ttUser")

*** This is not actually derived from user security but basic structure
*** is similar. Save/Load methods.
THIS.oUserSecurity = loUser

IF !loUser.AuthenticateAndLoad(lcUserName, lcPassword)
   this.cAuthenticatedUser = ""
   this.cAuthenticatedUserName = ""
   this.nAuthenticatedUserPk = -1
   lcErrorMsg = this.oUserSecurity.cErrorMsg 
   RETURN .F.
ENDIF

*** Assign our own variables we use in the application
this.cAuthenticatedUserName = loUser.oData.UserName
this.nAuthenticatedUserPk = loUser.oData.Pk

*** Assign Session vars so we can read them back in OnAuthenticated()
Session.SetSessionVar("AuthenticatedUserName",this.cAuthenticatedUserName)
Session.SetSessionVar("AuthenticatedUserPk", this.nAuthenticatedUserPk)

RETURN .T.
ENDFUNC
*   OnAuthenticateUser

See also:

Class wwProcess | Custom Authentication with UserSecurity (Example) | UserSecurity Authentication

© West Wind Technologies, 1996-2018 • Updated: 09/09/15
Comment or report problem with topic