auth::require_login (public)

 auth::require_login [ -level level ] \
    [ -account_status account_status ]

Defined in packages/acs-authentication/tcl/authentication-procs.tcl

If the current session is not authenticated, redirect to the login page, and aborts the current page script. Otherwise, returns the user_id of the user logged in. Use this in a page script to ensure that only registered and authenticated users can execute the page, for example for posting to a forum.

(defaults to "ok") (optional)
(defaults to "ok") (optional)
user_id of user, if the user is logged in. Otherwise will issue a returnredirect and abort the current page.
See Also:

Partial Call Graph (max 5 caller/called nodes):
%3 test_link_tests link_tests (test xowiki) auth::require_login auth::require_login test_link_tests->auth::require_login test_package_normalize_path package_normalize_path (test xowiki) test_package_normalize_path->auth::require_login test_path_resolve path_resolve (test xowiki) test_path_resolve->auth::require_login test_slot_interactions slot_interactions (test xowiki) test_slot_interactions->auth::require_login test_xowiki_test_cases xowiki_test_cases (test xowiki) test_xowiki_test_cases->auth::require_login _ _ (public) auth::require_login->_ ad_conn ad_conn (public) auth::require_login->ad_conn ad_get_login_url ad_get_login_url (public) auth::require_login->ad_get_login_url ad_returnredirect ad_returnredirect (public) auth::require_login->ad_returnredirect ad_script_abort ad_script_abort (public) auth::require_login->ad_script_abort Class ::Generic::Form Class ::Generic::Form (public) Class ::Generic::Form->auth::require_login ad_restrict_entire_server_to_registered_users ad_restrict_entire_server_to_registered_users (public) ad_restrict_entire_server_to_registered_users->auth::require_login auth::self_registration auth::self_registration (public) auth::self_registration->auth::require_login ds_require_permission ds_require_permission (private) ds_require_permission->auth::require_login notification::security::require_admin_request notification::security::require_admin_request (public) notification::security::require_admin_request->auth::require_login

package_normalize_path, xowiki_test_cases, link_tests, slot_interactions, path_resolve
Source code:
    set user_id [auth::get_user_id  -level $level  -account_status $account_status]

    if { $user_id != 0 } {
        # The user is in fact logged in, return her user_id.
        return $user_id

    set message ""
    if {[ad_conn auth_level] eq "expired"} {
        # The login has expired. 
        set message [_ acs-subsite.lt_Your_login_has_expire]
        # If the login was issued from an external_registry, use this
        # as well for refreshing.
        set external_registry [sec_login_get_external_registry]
    } else {
        set external_registry ""
    # The -return switch causes the URL to return to the current page.
    set return_url [ad_get_login_url -return -external_registry $external_registry]

    # Long URLs (slightly above 4000 bytes) can kill aolserver-4.0.10, causing
    # a restart. They lead to empty Browser-windows with AOLserver 4.5 (but no
    # crash so far). May browsers have length limitations for URLs. E.g.
    # 2083 is the documented maximal length of MSIE.
    # Long URLs will be generated e.g. when
    #   a) a user edits a form with text entries
    #   b) before submitting the form logs out of OpenACS from a different browser window
    #   c) submits the form.
    # When submitting needs authentication, OpenACS generates the redirect to
    # /register with the form-data coded into the URL to continue there.....

    # set user_agent [string tolower [ns_set iget [ns_conn headers] User-Agent]]
    # ns_log notice "URL have url, len=[string length $return_url] $user_agent"

    if {[string length $return_url] > 2083} {
        set message "[_ acs-authentication.Login_expired_url_too_long]"
        append message "[_ acs-authentication.Editing_form_text]"
        set return_url [ad_get_login_url]

    ad_returnredirect -message $message -- $return_url
Generic XQL file:

PostgreSQL XQL file:

Oracle XQL file:

[ hide source ] | [ make this the default ]
Show another procedure: