In order to provide special options to the SSO, you need to place them between the “require_once” and the “authenticate”. Your final line before proceeding to the page must be “$sso->authenticate();”. This triggers the authentication. Without that line, they will not be asked to log in, nor will their existing session be used if they have one. And any restrictions placed after that line won’t matter.
Sometimes you want to allow visitors in without requiring a login, but you want to provide custom information to people who are logged in. Use $sso->loginNotRequired() and a login will be used if available but will not be required:
This hands access control back to you, but you will now also need to check for authorization yourself.
If you use custom logins, you must verify that people are logged in before making any changes that are limited to logged-in users, such as changes to database tables, sending out e-mails, or creating files.
If you allow guests and want to provide different content for logged-in visitors, use $sso->authorized. For example:
<?IF ($sso->authorized):?> <p>Here is your cake…</p> <?ELSE:?> <p>The cake is a lie.</p> <?ENDIF;?>
The login form will automatically use the secure server, and redirect back to your page when done.
If you display a button on your page and the visitor is not logged in, the button will let them log in; it will automatically switch between “login” and “logout” depending on whether the visitor has logged in or not.
Login buttons will read either “Login” or “Login to my site” (or whatever text you provide to the button method).
Information about the visitor
- $sso->email() provides their USD e-mail address.
- $sso->account() provides their USD account name without the domain name.
- $sso->name() provides their given name.
- $sso->surname() provides their surname.
- $sso->fullName() provides their full name.
$sso->member('group name') returns true if they are a member of that group, false if they are not. You can provide an array to see if the visitor is in any of those groups. The valid groups are:
There is also a special group, ‘employee’, which matches any administrator, staff employee, or faculty member. This special group can’t be used in an array.
For example, you might provide a special message to students:
<?IF ($sso->member('student')):?> <p>Remember to sign up for rollerball before November 13!</p> <?ENDIF;?>Only students will be shown the option to sign up for the rollerball team.