I have developed a custom PHP application. The application has its own very basic login and authentication built into (please see the [url removed, login to view] file attached to this project). My client asked me to integrate basic edition capabilities, and I achieved that using CouchCMS. The results are great, but now I want to integrate the security of both products using only the login process from my custom product. This is, after logging in succesfully to my custom app, I want also to create a CouchCMS session, in such a way that I can just add a link into my app that will lead to the CouchCMS edition, without to have to login again using separate credentials.
To achieve this, you will need to review the KAuth class that handles all authentication matters for CouchCMS. This class is located in the file 'couch/auth/[url removed, login to view]'. The global singleton KAUTH has a user object (KAUTH->user) that is always checked for granting access. This user object is created in the constructor of KAuth by checking for a cookie (_authenticate_cookie() that was originally created at login (using set_cookie() method of KAuth).
So the cookie is the central entity in Couch authentication.
For my site, what we can do is create this cookie in your code at the point where you login the user. Similarly, at the point where you logoff the user by invalidating session, destroy the cookie as well.
Assume that we will one common admin level account for all users in Couch. Use this account name in creating the cookie above.
I have some additional requirements that you must comply:
* I will NOT accept any changes on the CouchCMS source code. You can include the libraries that you need to make the authentication, but you MUST leave the CouchCMS code alone. This is because I don't want to go out of sync with the CouchCMS source code, since future updates might break any custom code. So the deliverable I am expecting is the file [url removed, login to view] I am providing here with the code you created to complete my requirement.
* My preference is that you work on your computer locally. You can download CouchCMS yourself, get the [url removed, login to view] page I am attaching to the project, and simulate at your end the single sign on. However, if you give me a reasonable explanation, I can provide a testing site in my server for you to work on.
* On your bid, I need you to include the URL of the official CouchCMS page. This is to make sure that you read the WHOLE project description. Just Google CouchCMS and the very first result will give you the URL. If you fail to open your bid with this URL, your bid will be rejected.
* Please explain how do you intend to solve this project. I don't need a very detailed explanation, a few words will do. But please do NOT send me one of those premade copied and pasted proposals that you sent to everybody and their dogs here in freelancer. Generic proposals will be ignored (even if you include the URL I asked in the previous point).
* Please send me any questions you may have if you need further information for your bid.
Thank you for your time, happy bidding!