Warning

This document hasn't been checked for compatibility with current versions of Plone. Use at your own risk.

Provide optional auto-login

by Tim Morgan last modified Dec 21, 2012 05:34 AM
Let your users choose whether or not to be logged in automatically on each visit unless they explicitly log out.

Plone provides the facility to automatically login returning users: it can be enabled by setting portal_properties/site_properties/auth_cookie_length to a value larger than zero. Technically, this just sets an expiration date on the login cookie X number of days in the future. When set to zero, the login cookie expires when the browser is closed.

But setting this auth_cookie_length to a value greater than zero may also cause unwanted security issues. Most obvious is the fact that users logging in from public locations may forget to log out, thus giving free access to others who use the same computer.

My solution is to hijack the exising "remember my name" feature and use it as a "remember me" option. This gives the user the ability to not use auto-login. To make this happen, we must customize and edit three files:

  • portal_skins/plone_scripts/setAuthCookie
  • portal_skins/plone_forms/login_form
  • portal_skins/plone_portlets/portlet_login

setAuthCookie

Customize setAuthCookie and add the following lines right after the except ValueError: length = 0 line:

    remember_me = int( container.REQUEST.get( "__ac_persistent", 0 ) )
    if not remember_me:
        length = 0

login_form

Customize login_form and change the text Remember my name to Remember me. You will also want to change the help text nearby.

portlet_login

Customize portlet_login. After the label tag containing for="ac_password" add the following lines (make sure you add this after the closing label tag):

    <br />
    <label for="cb_remember">
      <input type="checkbox" id="cb_remember" name="__ac_persistent" value="1" class="noborder"
        tal:attributes="tabindex tabindex/next;"/>
        <strong i18n:translate="label_password">Remember Me</strong>
    </label>

Change auth_cookie_length

Now all you have to do is change the portal_properties/site_properties/auth_cookie_length property to a value greater than zero. 100 or 1000 should be plenty.

Notes

If you want the checkbox to be checked by default, add checked="checked" to the input tag in login_form and portlet_login Get cash via sms apply @ www.textaloan.org.uk

Filed under:

Contribute

Something wrong or out of date? Anybody can edit or create a new article in the knowledge base. Simply create an account on this site, log in, and click the Edit button to contribute.