Authentication in blaze

blaze's authentication component is primarily made to handle the backend authentication. You can also use it to provide an easily branded frontend login for pages you want to protect.

Usage is super easy. The authentication component is available like this:

    $blaze->auth

In order to protect a frontend page with a login, just setup at least one guest user in the security section of the backend. Call the following function somewhere in the sourcecode of the page you want to protect:

    $blaze->auth->requireLogin();

This feature relies on the configuration option 'public access'. If public access is deactivated, also guests won't be able to login to your site.

Any visitor who is not logged in as a user with the role 'guest' will be redirected to a branded login page.

If you do want to require one specific username/password combination, just provide the username you want to request as an attribute to the function. Like this:

    $blaze->auth->requireLogin('requestedusername');

Old browser compatibility

blaze's login view is not compatible with older versions of Internet Explorer. All users of Internet Explorer lower than version 9 will not be redirected to the login view, but they will see a Digest login panel.

Output caching

Please be aware that static output caching will prevent the login component from working properly. So you will have to disable static output caching for the page you want to protect if you do use static output caching. See the usage example below and read the output caching documentation.

Usage example

This is an example of how to use the function:

    <?php
        $blaze->output->disableCaching(); // Only needed if you do use static output caching.
        $blaze->auth->requireLogin();
    ?>
    <html>
        <head>
            // Head elements here
        </head>
        <body>
            Protected body text.
        </body>
    </html>

This page will not be loaded if the page visitor is not logged in as a guest user (or above).