Login from external site

Hello there,

as title says, i need to log in elgg from an external site and i need to use this external site's login form.

I got webservices working for other purposes but using webservices for login don't work since it uses Sessions which is logical. am i right?

I'm already using webservices to register the user into elgg when he registers into my external site, so he uses same credentials for both sites and register only once.

Then, i'd like to make a plugin exposing a function just like webservices would, to login using the same credentials as my external site's login. Something like 'function login($username, $password, $persistent)' that i could put into the action file following the external site's login form.

Can i do that using AJAX? and how ? maybe there's another way?

If this project is a success i'll publish the plugin asap.

Anyway, i love this community, i got so much done from all the brainstorming happening here. Thank you.

  • //set POST variables
    $fields = array(
        'firstname' => 'Joe',
        'lastname' => 'Smith'
    //urlify the data for the POST
    $fieldsString = join('&', array_map('urlencode', $fields);
    //open connection
    $ch = curl_init();
    //set the url, number of POST vars, POST data
    curl_setopt($ch,CURLOPT_URL, 'http://somewebsite.com');
    curl_setopt($ch,CURLOPT_POST, count($fields));
    curl_setopt($ch,CURLOPT_POSTFIELDS, $fieldsString);
    //execute post
    $result = curl_exec($ch);
    //close connection
    // view the results
    echo $result;

    QuickBooks Hosting Provider
  • Thanks for the reply but that's pretty much the client's code i use for webservices.

    But as i said, it doesn't work for login.

    Or maybe i'm wrong ?

  • you can do it using:


                     array("uname" => array('type' => 'string',
                                              'required' => true),
                            "pass" => array('type' => 'string',
                                              'required' => true)),
                     'log a user in',

    function login_user_rest($username, $password) {
    if (true === elgg_authenticate($username, $password)) {
    $user =  get_user_by_username($username);
    return "user logged in!!";
    }else {return 'error';}

  • Ok, i'm very close to succeed with a similar piece of code.

    Yes IT WORKS but only if i actually go directly to the page "mysite/service/api/rest/xml/?method=site.login ..." using my webbrowser.

    BUT if i call this same method using my curl client it doesn't work. It logs 'success' for every login step but im not logged in. I'm pretty sure it's because elgg stores $SESSION tokens to keep the user logged. How could i modify my curl client so it works this way?

  • Maybe this plugin is helpful: http://community.elgg.org/plugins/1504035/0.1/embedded-login. I've not tried it myself yet, but the description made me think it might be of interest for you.

  • I've already checked the code of this plugin but it doesn't help. It just loads the login form from elgg with javascript. I don't want a new login form, i have to use my external site's form.

  • Is there a way to fully open (i mean loading $SESSION tokens, cookies and stuff) a web page and then close it without the user being aware of this process?

  • Tell cURL to follow redirects, that might fix your first problem.

    Not sure what you mean with fully opening a page? What are you trying to do anyway? Explain how your two web services interact with each other.

  • Hello everyone.

    I think I am in a similar situation.
    (My English is very rough it can not be the case.)

    I've developed the extranet in eZ Publish. And I must now create the site under Elgg Community.

    All my users are already stored in eZ Publish. My site Elgg must use existing accounts seamlessly.

  • @ Ismayil It didn't fix it. I don't have 2 webservices, only the elgg one.
     Every user is in both elgg database and external site's database. What i'm tryng to do is to make the user logged in elgg when he is logged in my external site. I exposed a login function (pretty much the content of the login elgg action) but this function only work if i actually go to this function's URL using my browser. It does'nt work with my webservice Curl CLIENT. It's because elgg's login process is using $SESSIONs which can't be loaded with curl.

    That's why i need a client-side solution (javascript / iframe / anything) to open my login function's URL in background without the user being aware of all this process.

    At the moment i'm using hidden iframes and it works, but ideally i'd prefer using javascript or something else, cause i'd like to put this code into the action file following the login form of my external site.


Beginning Developers

Beginning Developers

This space is for newcomers, who wish to build a new plugin or to customize an existing one to their liking