After login hook to lock user from accessing members area?

Discussion in 'Customization & add-ons' started by anybody99, Jul 28, 2015.

  1. anybody99

    anybody99 New Member

    Joined:
    Oct 27, 2010
    Messages:
    21
    I am building the following setup after my previous setup wasn't working, after paying $100 to amember for custom mod that isn't working correctly:

    User pays paypal (paypal in front of amember) > ipn post back > amember creates password, username is empty, emails are used for login.
    > email sent to client with email + password for login.

    user redirected back to site from paypal payment > auto login working fine > username redirected to edit page.

    Few problems:
    1. I need the hook that is being used when user wants to view members area, is there one?
    I need to block the user from accessing members area if conditions are not met.

    Not sure i can use the redirect hook.

    2. the conditions are that the user must change the generated password he was given to one of his own, i can test this against the db i suppose. If this is possible, the user doesn't have to know he has a password since after payment user is auto logged in. In this setup, after auto-login there will be presented to him copy of the edit form, and if new password is entered he can continue. he will also be able to edit his other info.

    3. usernames, what is the best method out there to handle this, is it keeping empty usernames, inserting ids as usernames, or email addresses as usernames? I wont be needing usernames and don't want the generated usernames trashing the database. Will use only emails for login.

    Thanks.
    Last edited: Jul 28, 2015
  2. thehpmc

    thehpmc Member

    Joined:
    Aug 24, 2006
    Messages:
    901
    Why use a hook? There is a direct link.
    They will need to know original password for example something goes wrong and they loose their connection to Internet for example. Without it they couldn't re-access site without assistance.

    One way to achieve what you are aiming for is to have script in 'site.php' file that hides all the tabs in the members area if the password hasn't been changed and add your own custom tab asking for passwords to be changed to one of their choosing.


    Why is it important to change their password immediately? If you are wanting regular, automatic, changes of passwords there is available a plugin that will do just that.
  3. alexander

    alexander Administrator Staff Member

    Joined:
    Jan 8, 2003
    Messages:
    6,279
    Robert,
    As I remember, I told you about possible issues three years ago when mod was implemented? ;) The problem is not in mod itself, but in the way how you want to handle signup.

    No there is no such hook. You can add hook which will be executed on login, or even when user access any amember's page, but this will not work for protected area. When user access folder which is protected by new-rewrite, amember code is not even executed. (It is executed on login only, but user will be logged in already if you are using auto login).



    To simplify such process you can change Return URL in your paypal account and set user to be redirected to profile page.
    Also we have a plugin which ask user to change password each X days. That plugin can be modified so user will be asked to change password on first login.


    If you to set user's login to email address you can use this simple code in site.php:
    PHP:
    Am_Di::getInstance()->hook->add(Am_Event::GENERATE_LOGIN, function(Am_Event $e){
        
    $user $e->getUser();
        
    $e->setReturn($user->email);
        
    });
    Code requireslatest version on aMember.
  4. anybody99

    anybody99 New Member

    Joined:
    Oct 27, 2010
    Messages:
    21
    Are you sure there's a Am_Event::GENERATE_LOGIN hook? can't find it
  5. caesar

    caesar aMember Pro Developer Staff Member

    Joined:
    Oct 16, 2009
    Messages:
    2,295
    Yes, amember has such hook in latest version.

Share This Page