Best way to authenticate user without show login page

pgr · 7 February 2020 17:46

It seems in the entry point registry you can specify auth=false and it will skip authentication?

salesagility/SuiteCRM/blob/master/include/MVC/Controller/SugarController.php#L1033


        }
    }
}


/**
 * Checks to see if the requested entry point requires auth
 *
 * @param  $entrypoint string name of the entrypoint
 * @return bool true if auth is required, false if not
 */
public function checkEntryPointRequiresAuth($entryPoint)
{
    $this->loadMapping('entry_point_registry');


    if (isset($this->entry_point_registry[$entryPoint]['auth'])
        && !$this->entry_point_registry[$entryPoint]['auth']
    ) {
        return false;
    }


    return true;

bf.ts90 · 8 February 2020 07:54

Hi @pgr,

I have interpreted this parameter: auth=false, in this sense: If I set auth=true, I must be logged into SuiteCRM before to access to the entry point, otherwise (auth=false) you can execute the entry point code always.
So, I set the parameter = false.
In the doc in this link create custom entry point
i found this phrase

In addition we supply an “auth” parameter. If “auth” is true then anyone accessing the entry point will need to be logged into SuiteCRM.

pgr · 8 February 2020 09:55

Ok, so the logic would be: let the entrypoint always run without auth, as far as SuiteCRM is concerned; you will provide the necessary restrictions yourself, in your code. So why isn’t it working?

You can try tracking the flow of the code from here:

github.com

salesagility/SuiteCRM/blob/master/include/MVC/SugarApplication.php#L100


    $this->default_module = $sugar_config['default_module'];
}
$module = $this->default_module;
if (!empty($_REQUEST['module'])) {
    $module = $_REQUEST['module'];
}
insert_charset_header();
$this->setupPrint();
$this->controller = ControllerFactory::getController($module);
// If the entry point is defined to not need auth, then don't authenticate.
if (empty($_REQUEST['entryPoint']) || $this->controller->checkEntryPointRequiresAuth($_REQUEST['entryPoint'])) {
    $this->loadUser();
    $this->ACLFilter();
    $this->preProcess();
    $this->controller->preProcess();
    $this->checkHTTPReferer();
}


SugarThemeRegistry::buildRegistry();
$this->loadLanguages();
$this->loadDisplaySettings();

This should take you to the crucial point where it starts to complain about something.

If you haven’t set up an IDE and XDEBUG… you really should. It will be tricky at first, but eventually your productivity will grow like x20!

bf.ts90 · 10 February 2020 07:45

Hi, all works good when I call the entry point using a new tab into the browser. It doesn’t work when I call the entry point from our application. The code is the same, and I don’t know why I have 2 different behaviors.

pgr · 10 February 2020 09:43

I think it’s because there are other checks for cross-site scripting that are reacting to your, well, benevolent cross-site scripting

That’s why I suggest you follow the code until it takes you to the place of the error…

bf.ts90 · 10 February 2020 11:31

Thank you so much for your kindly help.
I must modify apache2.conf configurations in particular
Access-Control-Allow-Credentials and Access-Control-Allow-Origin
and change a little bit che request made from out application.

B.

pgr · 10 February 2020 12:40

When you have that working, please share all the details here, for others facing this situation in the future. Thanks