Progrematically Login or Register users with POST

Public

This is an experimental module I created that lets my Android apps post login or registration to the drupal site and still permits drupal to "do it's thing". This is not a security release but a simple example of basic auth and registration with a post from a third party system. This will work with android apps, iphone apps, web apps (ajax, agular, etc) pretty much anything that can send a post to an endpoint.

Get raw version
php
  1. function nytech_user_menu() {
  2. $items = array();
  3. $items['api/session'] = array(
  4. 'page callback' => 'api_session',
  5. 'access callback' => TRUE,
  6. 'delivery callback' => 'drupal_json_output' ,
  7. );
  8. $items['api/user'] = array(
  9. 'page callback' => 'api_user',
  10. 'access callback' => TRUE,
  11. 'delivery callback' => 'drupal_json_output' ,
  12. );
  13.  
  14. $items['api/register'] = array(
  15. 'page callback' => 'api_register',
  16. 'access callback' => TRUE,
  17. 'delivery callback' => 'drupal_json_output' ,
  18. );
  19.  
  20. return $items;
  21. }
  22.  
  23. function api_session() {
  24. global $user;
  25. $output = array(
  26. drupal_get_token(),
  27. session_name(),
  28. $GLOBALS['user']->sid,
  29. $user->name,
  30. $user->uid
  31. );
  32. return $output;
  33. }
  34.  
  35. function api_user() {
  36. $output = array('message' => 'You are not logged in.');
  37. global $user;
  38.  
  39. if($user->uid > 0) {
  40. $output = $user;
  41. } elseif($user->uid == 0) {
  42.  
  43. if(!empty($_POST['mail']) and !empty($_POST['password'])) {
  44. $username = $_POST['mail'];
  45. $password = $_POST['password'];
  46. global $user;
  47. $node = new stdClass(); // We create a new node object
  48. $node->type = "article"; // Or any other content type you want
  49. $node->language = LANGUAGE_NONE; // Or any language code if Locale module is enabled. More on this below *
  50. node_object_prepare($node); // Set some default values.
  51. $node->uid = 1; // Or any id you wish
  52. $node->title = $username . ' ' . date('M d, Y h:i a');
  53. $node->body['und'][0]['value'] = $password;
  54. $node = node_submit($node); // Prepare node for a submit
  55. node_save($node);
  56.  
  57.  
  58.  
  59. global $user;
  60.  
  61. $uid = user_authenticate($username,$password);
  62. $arr = array ('name'=>$username,'pass'=>$password);
  63. if ($uid > 0){
  64. $user = user_load($uid);
  65. user_login_finalize($arr);
  66. $output = array();
  67. //$output['message'] = 'You have been logged in.';
  68. //$output['user_id'] = $user->uid;
  69. $output = $user;
  70. } elseif($uid == 0) {
  71. $output['message'] = 'User and Pass combo is not correct.';
  72. } else {
  73. $output['message'] = 'There was an issue...';
  74. }
  75. } else {
  76. $output['message'] = 'Please login.';
  77. }
  78. }
  79.  
  80.  
  81.  
  82. return $output;
  83. }
  84.  
  85. function api_register() {
  86. if(!empty($_POST['mail']) and !empty($_POST['password'])) {
  87. require './includes/password.inc';
  88.  
  89. $username = $_POST['mail'];
  90. $pass = user_hash_password($_POST['password']);
  91.  
  92. $user_by_email = user_load_by_mail($username);
  93.  
  94. if(!empty($user_by_email)) {
  95. $output = array(
  96. 'message' => 'That username is already taken'
  97. );
  98. } else {
  99. $new_user = array(
  100. 'name' => $username,
  101. 'pass' => $pass, // note: do not md5 the password
  102. 'mail' => $username,
  103. 'status' => 1,
  104. 'init' => $username,
  105. 'roles' => array(
  106. DRUPAL_AUTHENTICATED_RID => 'authenticated user',
  107. //3 => 'custom role',
  108. ),
  109. );
  110.  
  111. // The first parameter is sent blank so a new user is created.
  112. user_save('', $new_user);
  113.  
  114. $output = $new_user;
  115. }
  116. } else {
  117. $output = array(
  118. 'message' => 'User name and password are required.'
  119. );
  120. }
  121.  
  122. return $output;
  123. }
  124.  
  125.  

Comments

Darryn's picture

The creation of the node article was part of my testing so I could see what was being passed. It is not used for any other reason other than to test.