User and hashed password

[lmizz92]

Hi all,

I would like to ask if it is possible to collect all users and hashed passwords in a consolidated file rather than placing them in the config.php file? Therefore, if new users are created, users are deleted and passwords have been updated, the change is reflected immediately on this consolidated user file.

An alternative to this is to use the PHP REMOTE_USER for user authentication, how can this be done?

Thanks and Regards.

[dgw]

I don't understand how config.php isn't already "a consolidated file". Nonetheless, this all sounds Possible With A Plugin.

[ozh]

config.php is just a PHP file : you can insert any PHP code in there, like including user/pwd from another location.

There are several plugins dealing with authentication, you might find something to hack from there

[lmizz92]

Thanks for the feedback, but I was thinking of integrating YOURLS with MySQL database (where user and hashed passwords are kept) so that from the user's point of view it is SSO, since login would be already done in another log in page.

[lmizz92]

Hi,

I was able to include user credentials in a separate file, but the passwords remain as clear text and get this message on the admin page:

Could not auto-encrypt passwords. Error was: "preg_replace problem". Get help.

Tried giving full permission but to no avail.

Thanks and Regards

[ozh]

the auto encryption deals with config.php. Did you tell the function to look at another file instead? I'm not sure there's a hook to do so