No announcement yet.

Call login function to authenticate user (AuthToken creation + Cookie)

  • Filter
  • Time
  • Show
Clear All
new posts

  • Call login function to authenticate user (AuthToken creation + Cookie)

    Hello all,

    I am trying to achieve an SSO login method with EspoCRM.
    I successfully setup an SAML exchange with Azure Active Directory and I am able to login on it.
    on return, I reach a callback URL within ESPO where I can get from parameters all the information I need to recognise the user.

    I am generating an Auth Token with the following Code :

    PHP Code:
            $authToken $this->getEntityManager()->getEntity('AuthToken');
    $token $this->generateToken();
    $secret $this->generateToken();
    $authToken->set('lastAccess'date('Y-m-d H:i:s'));
    I am then generating a Cookie :

    PHP Code:
         setcookie('auth-token-secret'$secrettime() + (86400 30), "/"); 
    setcookie('auth-token'$tokentime() + (86400 30), "/"); 
    setcookie('auth-username''$userName'time() + (86400 30), "/"); 
    However, if I then go to any page of the CRM, I am not logged.

    I check in the DB, the Auth Token is present and the Cookie is also created on my browser.

    Is there a method we can call to login an user (for example there is a login method in appplication/Espo/Core/Utils/Auth.php).
    Is there any "easy"way to call such method that will create Auth Token / Cookie the right way ?

    Best Regards,

  • #2
    Nevermind, I got it done.


    • tothewine
      tothewine commented
      Editing a comment
      Could you please tell how you did it? For the posterity...

  • #3

    - I have overridden the login view to add an additional SSO login button in my login tpl. (
    - If the user clicks the SSO login button under the login page, the user will redirect to the custom entrypoint page.
    - Here, I will get the verified user info from 3rd party authenticator and redirect it back to the same entrypoint page.
    - I am generating the Auth token and setting cookies using a similar login function like {/application/Espo/Core/Utils/Auth.php} in my entry point.

    But still, the user is not logged in!!!

    How I can perform login of the user from entrypoint page with verified email only (no password) and also how to redirect the user from the entrypoint page to the application home page with successful login?

    Can you please help me with this?
    Last edited by Ananya K; 07-23-2020, 07:10 AM.


    • #4
      Could somebody fix this issue? I have the same problem


      • #5
        You should probably use a custom authenthication class.