Member Avatar for unikorndesigns

Hi guys,
I am trying integrate piwik site analysis graphs with my web app. There is a way to represent the data from the locally hosted piwik in the webapp but it requires the user to log into piwik through its UI. I am thinking of integrating the piwik graphical data with my webapp without having the user to log into the piwik app via the user interface because it results into double login from the user's side, which really sucks. I want to login to the piwik webapp via my own web app so that my client will have seamless experience. Is this possible?
Lets get our thinking caps on! :D

Thanks in advance!

Cheers!

  • 3 Contributors
  • 3 Replies
  • 142 Views
  • 17 Hours Discussion Span
  • Latest Post Latest Post by veedeoo
Member Avatar for oop_php

Hello,

Integrating two login systems is quite tricky. The simplest way of doing this is to evalute the member's database table of both side. Once you evaluated the tables, look for the similarities of the two i.e. username, password, email

The next thing to do, is to find out what password hashing method is used on the other application.

After evaluating the application, the bridging application( your application) must use the same password hashing method, for your application to use similar authentication as the piwik..

Possible Scenarios:

piwik password hashing mechanism : md5 (this is an example only..most applications now does not use md5 hashing anymore).

your application hashing mechanism: you must use the same hashing to validate.

piwik Session set: normally, upon successful login validation a piwik session and cookies might have been set.

Your application: check if piwik set session or cookies are present.

What are the most common items between the two login systems..
1. Email address- this is more likely
2. username - this is likely, but you can always import to and from between the two login systems.
3. Password - this I already mention above..

example of a rough script..NOT implementing the password match,but session only

<?php

 session_start();

    // check if piwik session exist..
    // items are assumptions
    if($_SESSION['piwik_user']){
    // use the session from piwik to to search your app for a match
    $query = "select from your appTable where user_name ='". $_SESSION['piwik_user'] ."'";

    // execute the query, use PDO wrapper as much as possible.

    // if the above does not work use JOIN
    //say, it worked..
    $_SESSION['yourApp_'] = $row['yourApp_user_name'];

    }

    else{
    // this is not a valid user on your application

    }
Edited by oop_php because: updated
Member Avatar for unikorndesigns

Piwik doesn't store its password in the database. It has a config file having the password in it. So do u think it will be an added advantage for me?

Member Avatar for veedeoo

Hi,

Yes, it will be a lot easier for you, because you don't have to deal with all the extra coding trying to create a bridge between two applications..

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.