Sharing session with an external php application

Hi, I'm almost new to Elgg, and I don't know which is the best way to solve the following. I want to have an external php application associated to Elgg. What I want from this is that if you log in on Elgg, you are logged in in App2. I mean, use the users of Elgg for both applications. App2 just need the users to get their names and photos, and to authenticate them, basically.

I now I can use the api for bringing information from Elgg to App2, but can I share elgg users too? If I could have access to Elgg Session from App2 that would be really easy, but I don't know if it's possible and recommendable to to that. I know LDAP/CAS, but that's more sophisticated than what I'm looking for.

Also, ¿can I put an Elgg login form, register form and recovery password in App2? How do I set the tokens, having in mind that we are talking of App2.

Hope someone can help me with this. Thank you very much

  • Just include engine.php in your script, the API should be available after that. Use gatekeeper() to check for auth etc. You can also use a combination of authenticate() and login() from your App2 form should you want to avoid using Elgg's login.php action.

  • I'm going to try that, thank you very much.

  • I suppose that you want to use ELgg as the primary Auth/SocNet Controller
    and your "App2" then becomes the subordinate to Elgg's features/functions ?

     

  • That's true. I want to use Elgg users to avoid creating another one for App2. Also, I only want users in App2 to display their name and a link to the profile, if they are logged in to Elgg/App2, and maybe to know if an user is an administrator of Elgg (cause that means it is App2 administrator too).

    The problem I see with the requiring engine.php solution, I couldn't test it yet, is that maybe I have the problem that I find myself with two different sessions, and maybe I'm authenticated in Elgg and not in App2 and viceversa.

  • I've tried, requiring engine.php and doing an authenticate and login in App2, unfortunately it seems that it doesn't log me on elgg

  • I've changed persistent to true and now it logs me on Elgg.

  • Still have problems with this. So using authenticate and login on App2, logs me in successfully on Elgg, but it's like there are two different seasons. If I logout on elgg, checking session on App2 still has the "user" key, the user is logged in. I checked and [__elgg_session] key is different in App2 and in Elgg. Any advice? Thank you very much

  • By default, Elgg uses PHP sessions which are cookie based. See engine/lib/sessions.php for details on how that works.

    Elgg also supports cookie-based login but only one cookie at a time (meaning you cannot log in to Elgg from two different browsers with the cookie-login - also called remember me).

    What you may want to do is create a plugin for Elgg and one for App2 that use the same cookie and require that cookie for log in to either site.

  • Thank you Cash, that's a good idea. Anyhow, my last commentary wasn't correct. It seem I came to that conclussion with two different sessions already created. Thing is that destroying all sessions and starting again, both applications seems to share session. So, I login in one of them and I'm logged in to both, and viceversa. Also, I have access to Elgg functions on App2, as I'm requiring engine.php To this point, though I have to test it more, the problem seems solved. Maybe "remember me" is not working, I don't know. If after trying I have more problems, I will try your plugin option. Thanks to everyone.

  • @Sam did you find the way to create an external site that share elgg users? I need to do this because I want users to have some kind of external little profile to be able to use this content in other sites using iframes, like ID cards.

    It'd be very aprecieted if you can help me do this, I'm new to Elgg world and PHP, so I don't know how to do all these things of include engine.php and such.