Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.

Exclude the original admin account from custom login plugin?

0 votes
110 views
asked Jan 3 in Q2A Core by Diane
I'm trying to write a custom login plugin. I've succeeded with it, except that if I try to log in as the original account created during Q2A installation I cannot do so. I have looked at some other custom login plugins but so far have not seen that anyone includes any code to specifically exclude the first account created. I'm wondering if there's something I'm missing, perhaps if there's a function that can be called to bypass the plugin for the admin account, or if I have to specifically write some hokey 'if username == admin' kind of exclusion in order to allow the admin account to log in.

Sorry to have to ask such a dumb question but a lot of the plugins are really out-dated anyway and the developer documentation is pretty minimal.
Q2A version: 1.8.0-beta1
commented Jan 3 by pupi1985
There shouldn't be any issue to login using any account. The thing is that you're the one who implements the login procedure, so the faulty code is most likely only in your hands
commented Jan 4 by Diane
Maybe I'm not being clear. Once I am using a custom login plugin, the original super user account is no longer accessible. Is there some way to keep that super user account accessible? Here are the steps I took:

1. Installed the application fresh, created the initial super user account.
2. Enabled my custom login plugin.
3. Tested it by logging out and logging in as someone else. Yay, it works.
4. Attempted to login to the super user account. Cannot do it.

Now I am wondering if there is a method within the Q2A code to use to check if this user is the super user and bypass the rest of the program. Various other plugins I've looked at don't appear to have any such thing.

2 Answers

0 votes
answered Jan 4 by mshah
Well, when you wrote the custom login plugin, it looks like you have a new column that stores user email. In that case, first disable the plugin, log in with your credentials and activate the plugin.

Also, make sure that you have an option to connect existing account to the account created using the plugin.

Hope that helps!
0 votes
answered Jan 4 by Diane
I guess I'll answer my own question for anyone who comes by later.

I had to write my own method to check the login to see if it was an attempt to log in the super user. I borrowed code from the login.php file. I verify the username/password combo, set all the necessary user information in the session, then call the qa_set_logged_in_user($inuserid, $result['handle'], false, 'XXX'); making sure that XXX is the "source" name of my login plugin (otherwise you can't log in or out without redirect errors.)
...