Public user login - what are we meant to extend

Silverstripe Version: 4.1

Goal:
Have a customised login screen for the CMS at URL: /admin.
Have another (completely different) login screen at URL /login.

What I have.
I have the first /admin login screen with a custom styled page(s) like Security_login.ss, Security_changepassword.ss etc.

It’s just :

g

For the non-CMS side of logins, it needs to be a lot different, something like this:

Should I be creating a controller extending Security?
Do I need to make my own Authenticator extending MemberAuthenticator?
Do I need to make my own form extending MemberLoginForm?

1 Like

Hey Lance, did you ever get this sorted? If so could you post a gist/solution?

Hi Chris,

I did. I basically created my own controller to wrap around SilverStripes code. Using their MemberAuthenticator LoginHandler and IdentityStore

I was migrating existing users between systems so my login code is a bit cluttered. The stripped down version is:

private function _process_login(HTTPRequest $request)
{
	$email      = $request->postVar('login_email');
	$password   = $request->postVar('login_password');
	$rememberMe = $request->postVar('login_remember');

	$data = [
		'Email' => $email,
		'Password' => $password,
		'Remember' => $rememberMe
	];

	$MemberAuthenticator = new MemberAuthenticator;

	# Create a Validation object so we can get errors out
	$result = ValidationResult::create();

	$loginHandler = new LoginHandler('auth', $MemberAuthenticator);

	if ($member = $loginHandler->checkLogin($data, $request, $result))
	{
		if ( ! $member->inGroup('site-users'))
		{
			# Admin user has logged into front end.
			# Only want login's from site users.

			Injector::inst()->get(IdentityStore::class)->logOut($request);
			$result->addError('The provided details don\'t seem to be correct. Please try again.');
		}
		else
		{
			# Logged in and in the right group
			$loginHandler->performLogin($member, $data, $request);
		}
	}

	return $result;
} 

The stripped down version of a registering:

	private function _process_register(HTTPRequest $request)
	{
		$first_name = $request->postVar('register_first_name');
		$last_name  = $request->postVar('register_last_name');
		$email      = $request->postVar('register_email');
		$password_1 = $request->postVar('register_password_1');
		$password_2 = $request->postVar('register_password_2');

		# Create the member
		$member            = Member::create();
		$member->FirstName = $first_name;
		$member->Surname   = $last_name;
		$member->Email     = $email;
		$member->write();

		# Add them to the site-users group
		$member->addToGroupByCode('site-users');

		# Set the password
		$member->changePassword($password_1);

		$rememberMe = 1;

		# Let's log this person in
		$data = ['Email' => $email, 'Password' => $password_1, 'Remember' => $rememberMe];

		$MemberAuthenticator = new MemberAuthenticator;

		# Create a Validation object so we can get errors out
		$result = ValidationResult::create();

		$member = $MemberAuthenticator->authenticate($data, $request, $result);

		if ($member !== null)
		{
			# Authenticated ok, log in.
			$identityStore = Injector::inst()->get(IdentityStore::class);
			$identityStore->logIn($member, $rememberMe, $request);

			$return['success'] = true;

			$email = Email::create()
				->setHTMLTemplate('Email\\RegisterEmail')
				->setData($member)
				->setSubject("Welcome to Website")
				->addData('first_name', $member->FirstName)
				->setTo($member->Email)
				->setSender('no-reply@website.co.nz', "Some website");

			$email->send();
		}
1 Like