Appzio makes user authentication very simple by giving you everything out of the box, including integration with third party services such as Facebook and Instagram. The Mobile Login action provides you with all that functionality including logging out and resetting passwords.
This method is the main point of entry for the action. It’s responsible for two thing, setting up the login model and executing the correct controller method depending on the menu id.
This will create a loginmodel property available on the controller. This object represents the controller’s connection with the database and it is used to authenticate and store user data.
After the model initialization, the controller will execute a method depending on any saved variables or the menu id.
Called when the menu id is equal to do-regular-login. This happens when the user submits the regular login form using his email and password. In order to authenticate our user we validate if his credentials match.
$id_email = $this->getVariableId('email'); $id_password = $this->getVariableId('password'); $email = strtolower($this->getSubmitVariable($id_email)); $password = sha1(strtolower(trim($this->getSubmitVariable($id_password)))); $saved_email = strtolower($this->getSavedVariable('email')); $saved_password = strtolower($this->getSavedVariable('password'));
We get the submitted email and password using their variable id’s, then we get the email and password stored as variables for the user. Even when the user logs out we still store his id, so when we call the getSavedVariable method, it will take the values for the previously logged user. We check if the submitted values match those stored in the database and we authenticate the user.
Sometimes you may wish to logout and sign in with another account, therefore the stored credentials that are accessed with getSavedVariable won’t match the submitted ones. When this is the case, we use the doLogin() method on the loginmodel. It will attempt to authenticate the user and will return his ID.
If the authentication is successful we call the finishLogin() method on the controller.
This method is called upon finishing the user login. It closes the registration and login branches, sets the logged_in variable to true and then completes the action.