[TYPO3-dev] Auth service, authentication against external db and session
Peter Russ
peter.russ at 4many.net
Tue Feb 14 11:26:20 CET 2006
Daniel Pötzinger schrieb:
> Hello
>
> I think this will require a query each time a request is made by the
> logged in user to check if the userrecord is still correct. (additional
> performance...)
>
> But a fe_session will only be valid for some time (timeout). So if the
> user gets invalid, there is only a given time for still being logged
> in.. I mean it would be scarce to find a website were this is critical?
>
>
> But for a more flexible auth service in this case maybe a function
> getUserSessionData() or something similar (Service-call from
> fetchUserSession()) would be great for auth service?
>
> I just saw the Hook on Line 275 (t3lib_userauth), for filling
> $this->user. I think this way should be possible too?
Hallo Masi,
Hallo Daniel,
1) with TYPO3 t3lib_userauth always checks "by default" if *_user is
still valid as fetchUserSession always queries the *_sessions table
against *_user. So if the user gets deleted there will be an automatic
log off.
2)Thanks for the HOOK. This might work. IMHO it would be more clean to
get some further functionaliy to the auth service. But for the moment I
will have a look at the hook.
Thanks.
Regs. Peter.
--
Fiat lux!
Docendo discimus.
_____________________________
4Many® Services
openBC: http://www.openbc.com/go/invuid/Peter_Russ
More information about the TYPO3-dev
mailing list