Forcing a dummy user to be logged in.
Created 6 years ago by edsterI am integrating with a 3rd party service to be able to access a module on a site. They login on the 3rd party, and submits a hashed key to me that I then use to verify its legit and get in return there name and other data needed for my system to complete there request.
That being said, I don't want to manage all these users (100k +) in my pyro install.
I was thinking of verifying the request from the 3rd party and then sign in a dummy user with the users module.
Is this a good idea? What is the other ways of tackling this that might make more sense? This type of thing is new to me.
Thanks!
Thanks Ryan, for clarification
if I were to do like $user->setAttributes() //containing name,email other important shit
then $authenticate->login($user);
This would persist across multiple pages (need to do some ordering and cart stuff), but no actual DB user would be created. And basically gets trashed once you log them out?
I would keep a DB user per API / 3rd party user.
Could add a static callback to the UserTableBuilder
A lot of SSO stuff still creates users and auths them that way. I've done this too. You can basically populate the dummy user with 3rd party information then force them in with your own strategy.
Check out the authentication services here: https://pyrocms.com/documentation/users-module/latest#services/authentication