ewiki

Everything into auth_perm

As seen above the ["auth_perm"], ["auth_query"] and ["auth_userdb"]
chains do not need to get implemented completely by your plugin;
everything could be put altogether into just ["auth_perm"], as it is in
fact itself responsible for retrieving the username and printing a login
<form> when required.  If you don't have a separate login page you may
then need to handle even password comparison herin.

And as stated earlier it is the best option to use ["auth_perm"] for
full customization of access granting, because it completely replaces
the code of ewiki_auth().
Because authentication frameworks like phplib intermix <html> output,
session management, database queries, password checking and permission
granting into a single API, writing a ["auth_perm"] plugin is often also
the only possible way to combine them with ewiki.
Not separating ["auth_perm"] and ["auth_query"] only may have the
disadvantage, that the login <form> could appear more often than
necessary. And you should therefore let users login before they browse
through the Wiki, because phplib and alike are not very $_REQUEST safe.
prev << "Everything into auth_perm"
next >> "Old notes"


You cannot modify the ProtectedMode file, but anyhow any ideas or suggestion should as usually get filed on BugReports, UserSuggestions or even better the ProtectedMode.Discussion.