Team Planer allows to implement custom authentication providers which are used for logging into the application frontend.

By default the authentication is disabled ("DefaultAuthUser" provider).

You can write your own authentication provider which, for example, can then be used to retrieve the permissions from LDAP or similar.

Getting started

An authentication provider is a simple class in PHP implementing the iUserAuth interface.

The class has to implement the following methods:

• public function checkAuth()
• public function forceAuth()
• public function logout()
• public function checkPermissions()
• public function getUsername()

See the section Methods for more details.

An authentication provider is an extension which has to be placed into the extensions folder.

See the Extensions wiki page for more information about extensions.

After that define the class path in your config.json (config value userAuth).

Methods

checkAuth

This method is called to check whether the user is logged in.

The method should not redirect the user to another location.

If the user is logged in the method should return true, otherwise the method should return false.

forceAuth

This method is called once the user should be redirected to a login page or similar.

This method does not have to return a value.

logout

Called once the user clicks the logout button.

You may redirect the user to another location.

This method does not have to return a value.

checkPermissions

Called to check whether the currently logged in user has the required permissions.

This method should return true if the user is allowed to access the application, otherwise it should return false.

getUsername

This method should return the name of the logged in user.

The username should be the same as defined in the users table in the database.