
Last active April 26, 2017 01:00
The code implements an after_login logic hook that invalidates the login of any standard user who does not have at least one Role. The sample code purposely does not apply to Administrators, as Roles do not apply to them in any case. The code below works on the current version
// Enrico Simonetti
// custom/logichooks/modules/Users/afterLoginUsers.php
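class afterLoginUsers
{
    /**
     * after_login logic hook: forces a logout when a non-admin user has no Role.
     *
     * The hook fires once the login has already been accepted, so the check is
     * enforced by tearing the session down again, not by rejecting credentials.
     *
     * @param object $bean  user that just logged in; this method reads user_name,
     *                      id, the aclroles relationship and isAdmin()
     * @param string $event hook event name (unused here)
     * @param array  $args  hook arguments (unused here)
     * @return void
     */
    public function callAfterLogin($bean, $event, $args)
    {
        // check if there are roles for this user
        // Fail closed: if the relationship is not available and cannot be loaded,
        // the user is treated as having no roles instead of dereferencing a
        // missing link (which would abort the hook before the check runs).
        $roles = array();
        if (!empty($bean->aclroles) || $bean->load_relationship('aclroles')) {
            $roles = $bean->aclroles->getBeans();
        }

        if (!empty($roles)) {
            $roles_output = array();
            foreach ($roles as $role_id => $role_obj) {
                $roles_output[$role_id] = $role_obj->name;
            }

            // Separator first: the legacy (array, separator) argument order is
            // rejected by PHP 8, which would break the hook for every user
            // that does have roles.
            $GLOBALS['log']->debug('User with user_name: '.$bean->user_name.' and id: '.$bean->id.' logged in successfully and is part of the following roles: "'.implode('", "', $roles_output).'"');
        }

        // force logout if no roles are related to the user for security purposes and if not an admin
        if (!$bean->isAdmin() && empty($roles)) {
            $GLOBALS['log']->security('User with user_name: '.$bean->user_name.' and id: '.$bean->id.' logged in without a valid Role provisioned. Forcing logout.');

            // The log line above is only true if the logout is actually performed.
            $this->forceLogout();

            // NOTE(review): this method returns normally afterwards. Confirm that
            // the caller does not go on to answer the login request with a
            // usable session or token.
        }
    }

    /**
     * Tears down the current PHP session and fires the Users after_logout hook.
     *
     * @return void
     */
    protected function forceLogout()
    {
        // start - from logout.php
        // Blank every session value so nothing authenticated stays readable.
        if (isset($_SESSION) && is_array($_SESSION)) {
            foreach (array_keys($_SESSION) as $key) {
                $_SESSION[$key] = '';
            }
        }

        if (isset($_COOKIE[session_name()])) {
            // Expire the cookie with the same attributes the session cookie was
            // configured with; a browser only drops a cookie whose path and
            // domain match, so a hard-coded '/' can leave it in place.
            $params = session_get_cookie_params();
            setcookie(
                session_name(),
                '',
                time() - 42000,
                $params['path'],
                $params['domain'],
                $params['secure'],
                $params['httponly']
            );
        }

        // Expiring the cookie is only a request to the client. Destroying the
        // session server-side makes the old session id unusable even if the
        // client keeps sending it.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_destroy();
        }

        $GLOBALS['logic_hook']->call_custom_logic('Users', 'after_logout');

        //$authController = AuthenticationController::getInstance();
        // NOTE(review): the authentication-controller step is left disabled, as
        // in the original sample. Only the PHP session is torn down here; verify
        // whether other credentials issued at login (for example API tokens)
        // also need to be revoked.
        // end - from logout.php
    }
}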
// Enrico Simonetti
// custom/Extension/modules/Users/Ext/LogicHooks/install.afterLogin.php
$hook_array['after_login'][] = array(
'after_login check for Roles',