- Login user automatically with user's blazerid
- Authenticate user with blazerid
- Creat account for a first time user
- Logout and login as a different user
In index.php check if $_SERVER['REMOTE_USER'] has been set (which means pubcookie authentication is enabled) and $_USER['uid'] hasn't been set (which means user hasn't logged in). If that is the case, redirect to users.php by setting a Refresh header. I have also tried the Location header, which always leads to a pubcookie error page saying the user has already loged in.
In order to prevent user from seeing the blinking effect of redirecting, the php processing is terminated with exit() after setting the header.
In addition, geeklog will also redirect to users.php when a user try to access a proteced web page directly. So the user can bookmark any page and go back after passing webiso authentication.
After being redirected to users.php, the login process of geeklog starts. If no login name has been provided (this is the case when redirected from index.php), the login name will be set to the REMOTE_USER. When the login name is the same as REMOTE_USER, the password verfication is skipped. So if no login name has been provided or login name is the same as blazerid, the user will be loged in without checking password.
An account can be created for a first time user automatically. The geeklog required both the login name and email address to be unique, so a faked email addres $loginame@foo.com is used to create a new account.
Initially the user cannot logout. Because after logout the user will be redirected to the index.php, which see userid hasn't been set and login the user again. Current solution is to set a 'logout' session cookie when user logout and clear it when user login. As result, users can be in three different states: logout without 'logout' cookie set, login and logout with 'logout' cookie set. Only in the first state will the automatical login process start.
