Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Joomla 3 External authentication script
<?php
/**
* Joomla! External authentication script
*
* @author vdespa
* Version 1.0
*
* Code adapted from /index.php
*
* @package Joomla.Site
*
* @copyright Copyright (C) 2005 - 2014 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
if (version_compare(PHP_VERSION, '5.3.1', '<'))
{
die('Your host needs to use PHP 5.3.1 or higher to run this version of Joomla!');
}
/**
* Constant that is checked in included files to prevent direct access.
* define() is used in the installation folder rather than "const" to not error for PHP 5.2 and lower
*/
define('_JEXEC', 1);
if (file_exists(__DIR__ . '/defines.php'))
{
include_once __DIR__ . '/defines.php';
}
if (!defined('_JDEFINES'))
{
define('JPATH_BASE', __DIR__);
require_once JPATH_BASE . '/includes/defines.php';
}
require_once JPATH_BASE . '/includes/framework.php';
// Instantiate the application.
$app = JFactory::getApplication('site');
// JFactory
require_once (JPATH_BASE .'/libraries/joomla/factory.php');
// Hardcoded for now
$credentials['username'] = 'adam';
$credentials['password'] = 'adam';
/**
* Code adapted from plugins/authentication/joomla/joomla.php
*
* @package Joomla.Plugin
* @subpackage Authentication.joomla
*
* @copyright Copyright (C) 2005 - 2014 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
// Get a database object
$db = JFactory::getDbo();
$query = $db->getQuery(true)
->select('id, password')
->from('#__users')
->where('username=' . $db->quote($credentials['username']));
$db->setQuery($query);
$result = $db->loadObject();
if ($result)
{
$match = JUserHelper::verifyPassword($credentials['password'], $result->password, $result->id);
if ($match === true)
{
// Bring this in line with the rest of the system
$user = JUser::getInstance($result->id);
echo 'Joomla! Authentication was successful!';
}
else
{
// Invalid password
// Prmitive error handling
die('Invalid password');
}
} else {
// Invalid user
// Prmitive error handling
die('Cound not find user in the database');
}
?>
@nickkraakman

This comment has been minimized.

Copy link

@nickkraakman nickkraakman commented Apr 12, 2019

Instead of the database query and the verifyPassword() function, an easier way would be $loggedIn = $app->login($credentials);. This logs the user in and returns true if successful, so you can simply do if ($loggedIn) { ... }.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment