I'm supposing your external application will have access to Joomla's database and is written in php as well.
I've already answered a similar question about creating a user outside joomla, you could use the same approach, but instead of calling the save method from JUser, you could use bind to check if the password is correct.
Or something better: simply copy and paste Joomla's own authentication mechanism after creating an "environment" outside Joomla! Check JOOMLA_PATH/plugins/authentication/joomla.php:
function onAuthenticate( $credentials, $options, &$response ){
jimport('joomla.user.helper');
// Joomla does not like blank passwords
if (empty($credentials['password'])){
$response->status = JAUTHENTICATE_STATUS_FAILURE;
$response->error_message = 'Empty password not allowed';
return false;
}
// Initialize variables
$conditions = '';
// Get a database object
$db =& JFactory::getDBO();
$query = 'SELECT `id`, `password`, `gid`'
. ' FROM `#__users`'
. ' WHERE username=' . $db->Quote( $credentials['username'] )
;
$db->setQuery( $query );
$result = $db->loadObject();
if($result){
$parts = explode( ':', $result->password );
$crypt = $parts[0];
$salt = @$parts[1];
$testcrypt = JUserHelper::getCryptedPassword($credentials['password'], $salt);
if ($crypt == $testcrypt) {
$user = JUser::getInstance($result->id); // Bring this in line with the rest of the system
$response->email = $user->email;
$response->fullname = $user->name;
$response->status = JAUTHENTICATE_STATUS_SUCCESS;
$response->error_message = '';
} else {
$response->status = JAUTHENTICATE_STATUS_FAILURE;
$response->error_message = 'Invalid password';
}
}
else{
$response->status = JAUTHENTICATE_STATUS_FAILURE;
$response->error_message = 'User does not exist';
}
}
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
