Download the PHP package dpc-sdp/tide_authenticated_content without Composer
On this page you can find all versions of the php package dpc-sdp/tide_authenticated_content. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download dpc-sdp/tide_authenticated_content
More information about dpc-sdp/tide_authenticated_content
Files in dpc-sdp/tide_authenticated_content
Package tide_authenticated_content
Short Description Allows content administrators to protect pages and sections with user authentication
License GPL-2.0-or-later
Informations about the package tide_authenticated_content
tide_authenticated_content
Authenticated Content feature for Tide distribution.
- Exposes New Custom API Endpoints for register, login, reset and forgot password.
- Adds "site" field to user to present the correct Front end login/reset URLs.
- Adds a module configurations option to set Backend users.
- Updates activation and reset password emails with the Frontend URLs of the users site.
- Adds a "user_authentication_block" paragraph that presents a login form on the Frontend which directs users to the selected page.
- Adds a "Restricted Content" term vocabulary used as groups for protecting content.
Register
- Accepts standard user fields, name, email, password + customer fields "field_"...
- Frontend users are assigned the site they register on.
- Site configuration must be set to "guest" or "guest with admin approval" registrations, otherwise requests will be rejected.
Configuration
Drupal Config
Enable Authenticated Content Field on Landing Page
/admin/structure/types/manage/landing_page/form-display
- Drag up "Authenticated Content" to enable
Add Authenticated Content Login Paragraph to Landing Page
admin/structure/types/manage/landing_page/fields/node.landing_page.field_landing_page_component
- Enable "Authenticated Content"
Create and install private key
paste key here: /admin/config/system/keys/add
Set key for JWT Issuer
/admin/config/system/jwt
- Algorithm: RSASSA-PKCS1-v1_5 using SHA-256 (RS256)
- Key:
Configuration Options
The following config options exist and can be exported for your site: backend_user_roles is a list of Drupal Roles that are considered "Backend" roles. Users who use the password reset feature who are not in one of these roles will have the URL in their reset email switched to the Front End url defined on the site defined in the tide_site module for the current Drupal installation.
backend_user_roles:
- "administrator"
- "editor"
- "approver"
auto_apply_user_roles is similar to backend_user_roles. Roles defined in this list will be automatically assigned to new users registered via the API.
auto_apply_user_roles:
- "member"
default_site_id is the default site ID to use if no other site is defined against individual users. This works together with backend_user_roles to define the Front End url to use on the outgoing password reset email.
default_site_id: 1
block_be_user_registration is a boolean. If it's set to 1, the ability for users to register via the Drupal interface will be blocked. This is to allow the site Drupal settings to be set to Allow user registrations via the API, whilst blocking registration for the CMS.
block_be_user_registration: 1
protect_jsonapi_user_route is a boolean. Usees the jsonapi_user_route value to protect specific json api routes.
protect_jsonapi_user_route: 1
jsonapi_user_route is an array of strings. Add the routes that you need to
protect, eg /api/v1/user/user
route will be protected from external access.
jsonapi_user_route:
- "/api/v1/user/user"
Usage - Content Admin
Add Term
/admin/structure/taxonomy/manage/authenticated_content/add
- Set Name
- Set permissions
Add Authenticated Content
/node/add/landing_page
- Title: ...
- Protect Content: < name of term above >
Publish Page
Add Authenticated Content - Login Page
/node/add/landing_page
- Title: ...
- Protect Content: Leave Blank (leave it open to public)
- Body
- Add Authenticated Content
- Set Next Page: < Authenticated Content Page Title >
Publish Page
Usage (API Authentication)
Register
POST: /api/v1/user/register
Success status 200
Failed status 400
Error status 500 HTML/Text Error
Login Request
POST /api/v1/user/login?_format=json
Status Code: 200
Failed Status: 400
Password Reset (Request)
POST: /api/v1/user/request_reset
OR
Success: 200
Failed: 400
Password Reset
POST: /api/v1/user/reset_password
Success: 200
Failed: 400
TODOs
- TODO: implement flood control
- TODO: respect site config for allowing user registrations
- TODO: Replace hard-coded link expiry
- TODO: remove @skipped once the module is extracted to its own repo.
- TODO: Replace hard-corded alpha.vic.gov.au domain with users site
- TODO: Only replace url for frontend users
- TODO: Replace backend login link (http://content-vicgovau.docker.amazee.io/user) with the frontend-link the user registered on (eg a custom landing page)
All versions of tide_authenticated_content with dependencies
dpc-sdp/tide_event Version ^4.0.0
dpc-sdp/tide_landing_page Version ^4.0.0
dpc-sdp/tide_media Version ^4.0.0
dpc-sdp/tide_site Version ^4.0.0
drupal/jsonapi_extras Version ^3.8
drupal/jwt Version ^1.0
drupal/permissions_by_term Version ^3.1