WebHare community

Master password for wh-wrdauth__loginform forms

Since the master password functionality is removed from WRD, what would the best way to create the same functionality when using a default wh-wrdauth__loginform form?

A solution would probably be to set a master password in a library, compare the entered password and if it’s the same, just login as the user… but how can I hook into the login process server side in such a form?

Look at https://www.webhare.dev/reference/wrdauth/symbol/wrdauthsupportbase/verifypassword - that could test against a hardcoded string or eg a registry key

Hmm okay, but how do I hook (code) into the login process, if it’s handled by WebHare due to using wh-wrdauth__loginform (since I have no whlib code handling the login at the moment)?

You set up a supportobject that <wrdauth> points to. It doesn’t matter how you trigger the login then. https://www.webhare.dev/reference/wrdauth/setup

Thanks, works!

For reference, this is what I did:

<?wh

LOADLIB "mod::system/lib/configure.whlib";

LOADLIB "mod::wrd/lib/auth.whlib";


PUBLIC OBJECTTYPE Login EXTEND WRDAuthSupportBase
<
  UPDATE PUBLIC INTEGER FUNCTION VerifyPassword(OBJECT userentity, STRING password)
  {
    IF (password = ReadRegistryKey("xxxxxxx.xxxxx.xxxxxx"))
    {
      INTEGER userid := this->LookupLogin(userentity->GetField("EMAIL"));
      IF (userid != 0)
        RETURN 1;
    }

    RETURN WRDAuthSupportBase::VerifyPassword(userentity, password);
  }
>;

In siteprl:

    <wrdauth ... supportobjectname="lib/internal/login.whlib#Login" />