Introduction
This article shows you can authenticate a user by login and password. It also shows you how to log off a current user.
Implementation
We start with creating an external script <X-Cart>/test.php with the following content:
<?php
// test.php
//X-Cart initializtion
require_once 'top.inc.php';
$login = 'bit-bucket@x-cart.com';
$password = 'master';
if ($_GET['mode'] == 'login') {
$profile = \XLite\Core\Auth::getInstance()->login($login, $password);
if ($profile !== \XLite\Core\Auth::RESULT_ACCESS_DENIED) {
echo 'You are logged in';
} else {
echo 'You could not be logged in. Check your login and password.';
}
} elseif ($_GET['mode'] == 'logoff') {
\XLite\Core\Auth::getInstance()->logoff();
echo 'You are logged off';
}
As you can see, this script can work in two modes: logging in – if ($_GET['mode'] == 'login') – and logging off – elseif ($_GET['mode'] == 'logoff').
When we pass mode=login in request, then we try to log a user in with $login and $password credentials. Logging in is as simple as calling one function:
$profile = \XLite\Core\Auth::getInstance()->login($login, $password);
If result equals to \XLite\Core\Auth::RESULT_ACCESS_DENIED constant, it means that we failed to log this user in and you need to make sure that a user with given login exists and the password is correct.
When we pass mode=logoff in request, we log off the current user and this operation is simple as well:
\XLite\Core\Auth::getInstance()->logoff();
Now, you can check this script in action:
- Adjust
$loginand$passwordvariables intest.phpscript to contain actual login/password of some user. - Open the script as
test.php?mode=logoffand then opencart.phpscript in a new tab. You should be logged off. - Open the script as
test.php?mode=loginand then reloadcart.phpscript in that new tab. You should be logged in now.