My plan as of the moment is:
- Have link on an outside-site that leads to my kirby-site; so it would be outside-site->login authentication by outside-site->profile page on kirby-site that authenticated user can edit.
- user can use the panel to edit their page and save so the profile page is updated
I have an authentication helper for the .htaccess file.
My understanding is that to access my kirby-site I will put the .htaccess bit in and anyone who tries to go to the link will needs to login. All good.
The link I would like the user to be taken to is the username from the .htacess authentication. So, mine would be fatmushroom on the outside-site and on my kirby-site, and I would be able to edit the profile/fatmushroom page only. I assume I would create a user when the page loads using https://getkirby.com/docs/reference/api/users/create
Do I use the https://getkirby.com/docs/guide/api/authentication for getting the username from the .htaccess authentication? Then once the user is created I can have them auto login-in using https://getkirby.com/docs/reference/api/auth/login?
Does this sound about right?
What is the use case for the “outside site”?
1 Like
The outside-side is a main DB/web interface for the academic department I work for. I want to use kirby to create a way for the students to request one of their exams that the department doesn’t want to build into the main system.
So the student logs into the outside-site with their credentials and in their myoutside-site there would be a “request exam” link. That request exam link takes them to my site, as mentioned in the original post.
Is that the info you are looking for? I am never sure how much background to give.
edit: I don’t need kirby to give any information /back/ to the outside-site, as I am pretty sure the support people would have a cow at that idea. The site just helps me keep my own bits of info for students to use, like an up-to-date listing of the faculty (emails and names, that I import to kirby with a cvs) so the students can select which faculty members will be on their exam committee and and what not. I’ll also use the info the students put into kirby to make like-“powerpoint slides” of the student exam info for the quarterly faculty meeting.
Inspect what $_SERVER gives you on the outside site, there should be something like $_SERVER['REMOTE_USER'] or so that contains the username the user logged in with. You could then pass this username as a parameter in your link.
This link could lead to a route and inside the route you could create the new user. Still, the question is how would the user log in to the Kirby site after they are created?
1 Like
I will read up on $_SERVER. Thanks!
My thought about the Kirby user is, it would be created as soon as the student is authenticated, and then I’d just have them reauthenticate to have access to the user permission. That seems like I can bypass the Kirby login all together, and still benefit from the panel editing capabilities.
Thinking about your questions…I am now wondering if I could just let authenticated users edit pages via the panel? I also learned how to import csv into kirby for virtual pages, so if a student is taken to their page, clicks an “edit” button, authenticates with my Shibboleth and their username matches the field of the student, then they can use the panel and save their answers?
I don’t really understand what you mean. A single password for everyone? Or a single sign-on solution?
reading what single sign-on is, I believe that is what I am referring to.