auth::require_login (public)

 auth::require_login [ -level level ] \
    [ -account_status account_status ]

Defined in packages/acs-authentication/tcl/authentication-procs.tcl

If the current session is not authenticated, redirect to the login page, and aborts the current page script. Otherwise, returns the user_id of the user logged in. Use this in a page script to ensure that only registered and authenticated users can execute the page, for example for posting to a forum.

Switches:
-level (defaults to "ok") (optional)
-account_status (defaults to "ok") (optional)
Returns:
user_id of user, if the user is logged in. Otherwise will issue a returnredirect and abort the current page.

See Also:
Source code:
    set user_id [auth::get_user_id  -level $level  -account_status $account_status]

    if { $user_id != 0 } {
        # user is in fact logged in, return user_id
        return $user_id
    }

    set message {}
    if {[ad_conn auth_level] eq "expired"} {
        set message [_ acs-subsite.lt_Your_login_has_expire]
    }

    set return_url [ad_get_login_url -return]

    # Long URLs (slightly above 4000 bytes) can kill aolserver-4.0.10, causing
    # a restart. They lead to empty Browser-windows with AOLserver 4.5 (but no
    # crash so far). May browsers have length limitations for URLs. E.g.
    # 2083 is the documented maximal length of MSIE.
    #
    # Long URLs will be generated e.g. when
    #   a) a user edits a form with text entries
    #   b) before submitting the form logs out of OpenACS from a different browser window
    #   c) submits the form.
    # When submitting needs authentication, OpenACS generates the redirect to
    # /register with the form-data coded into the URL to continue there.....

    # set user_agent [string tolower [ns_set get [ns_conn headers] User-Agent]]
    # ns_log notice "URL have url, len=[string length $return_url] $user_agent"

    if {[string length $return_url] > 2083} {
        set message "Your login expired and the computed URL for automated continuation is too long. "
        append message "If you were editing a from, please use the back button after logging in and resubmit the form."
        set return_url [ad_get_login_url]
    }

    # The -return switch causes the URL to return to the current page
    ad_returnredirect -message $message -- $return_url
    ad_script_abort
Generic XQL file:
packages/acs-authentication/tcl/authentication-procs.xql

PostgreSQL XQL file:
packages/acs-authentication/tcl/authentication-procs-postgresql.xql

Oracle XQL file:
packages/acs-authentication/tcl/authentication-procs-oracle.xql

[ hide source ] | [ make this the default ]
Show another procedure: