Reputation: 1732
Magento: Detect if admin is logged in in frontend pages
I have created a magento extension. I want to implement access to the extension. The extension creates a page in frontend and i want only admin to access that page. So basically i need something that would detect that if admin is logged in in frontend pages.
I have tried several solution but noting seem to work .
if(Mage::getSingleton('admin/session', array('name' => 'adminhtml'))->isLoggedIn()) echo 'logged in'; else echo 'not logged in';
Check on frontend if admin is logged in
Mage::getSingleton('core/session', array('name'=>'adminhtml'));
$adminSession = Mage::getSingleton('admin/session');
$adminSession->start();
if ($adminSession->isLoggedIn()) {
echo 'logged in';
}
Upvotes: 25
Views: 15253
Answers (12)
Reputation: 418
If you are using cm redis session try this: (worked for me)
$sesId = isset($_COOKIE['adminhtml']) ? $_COOKIE['adminhtml'] : false ;
if($sesId){
$session = Mage::getSingleton('core_mysql4/session')->read($sesId);
}
$loggedIn = false;
if($session)
{
if(stristr($session,'Mage_Admin_Model_User'))
{
$loggedIn = true;
}
}
var_dump($loggedIn);
because if you are using cm redis its rewrites db session module with its own model.
Upvotes: -1
Reputation: 1240
there is a new magento module, written by alan storm: https://github.com/astorm/Magento_CrossAreaSessions
$adminhtml = Mage::getModel('pulsestorm_crossareasession/manager')->getSessionData('adminhtml');
$adminUser = $dataAdminhtml['admin']['user'];
$loggedIn = $adminUser->getId() && $adminUser->getIsActive();
Upvotes: 7
Reputation: 103
Christoph Peters posted a link which solved my problem (Detect if admin is logged in in frontend pages):
//check if adminhtml cookie is set
if(array_key_exists('adminhtml', $_COOKIE)){
//get session path and add dir seperator and content field of cookie as data name with magento "sess_" prefix
$sessionFilePath = Mage::getBaseDir('session').DS.'sess_'.$_COOKIE['adminhtml'];
//write content of file in var
$sessionFile = file_get_contents($sessionFilePath);
//save old session
$oldSession = $_SESSION;
//decode adminhtml session
session_decode($sessionFile);
//save session data from $_SESSION
$adminSessionData = $_SESSION;
//set old session back to current session
$_SESSION = $oldSession;
if(array_key_exists('user', $adminSessionData['admin'])){
//save Mage_Admin_Model_User object in var
$adminUserObj = $adminSessionData['admin']['user'];
echo 'ADMIN USER IS LOGGED IN';
}
else
{
echo 'ADMIN USER IS NOT LOGGED IN'
}
}
Thank you very much Christoph Peters!
Upvotes: 7
Reputation: 335
It is quite simple but not a recommended solution. I myself spend number of hours to do this. For, windows based server try below solution:
$sessionFilePath = Mage::getBaseDir('session').DS.'sess_'.$_COOKIE['adminhtml'];
$sessionFile = file_get_contents($sessionFilePath);
$exp_cookie = explode(';',$sessionFile);
if(count($exp_cookie) > 100)
{
return "login";
}
return "expire";
For, Linux based server try below solution:
$sessionFilePath = Mage::getBaseDir('session').DS.'sess_'.$_COOKIE['adminhtml'];
$sessionFile = file_get_contents($sessionFilePath);
$exp_cookie = explode('--',$sessionFile)
if(count($exp_cookie) > 10)
{
return "login";
}
return "expire";
Thanks, Kashif
Upvotes: 1
Reputation: 83
require_once $dir.'app/Mage.php';
umask(0);
$apps = Mage::app('default');
Mage ::getSingleton('core/session', array('name'=>'adminhtml'));
$adminSession = Mage::getSingleton('admin/session');
$adminSession->start();
if ($adminSession->isLoggedIn()) {
//echo "logged in";
}
else {
//echo "Not logged in";
exit();
}?>
Upvotes: 0
Reputation: 39
Here is a solution this works with Magento 1.7.0.2 (tested) and on each frontend site, I use this in an controller not extending from Mage_Adminhtml_Controller_Action.
https://peters-christoph.de/tutorials/magento-pruefe-admin-session-logi-im-frontend/
Upvotes: 3
Reputation: 8179
This code will works
//get the admin session
Mage::getSingleton('core/session', array('name'=>'adminhtml'));
//verify if the user is logged in to the backend
if(Mage::getSingleton('admin/session')->isLoggedIn()) {
//do stuff
}
else
{
echo "404 page not found";
}
OR
$adminsession = Mage::getSingleton('admin/session', array('name'=>'adminhtml'));
if($adminsession->isLoggedIn()) {
//do stuff
} else {
echo "404 page not found";
}
Did you try to dump the $_SESSION variable? Maybe it will help you get on the right track.
Upvotes: 1
Reputation: 46
Apart from trying to pull session id from adminhtml cookie, which may or may not work IMHO is better just to "skin" page you need to show to look like its in frontend and use admin controller so it will run under admin session.
Another solution is to "copy" customer from admin to frontend and log them in before hitting your page and then its the matter of just checking if logged in customer is member of some group.
Upvotes: 1
Reputation: 3938
The above solutions doesn't work!
Here is a solution that works ( its not that clean ! but this will work anywhere in your application in phtml view or model or controller or helper ! )
$sesId = isset($_COOKIE['adminhtml']) ? $_COOKIE['adminhtml'] : false ;
$session = false;
if($sesId){
$session = Mage::getSingleton('core/resource_session')->read($sesId);
}
$loggedIn = false;
if($session)
{
if(stristr($session,'Mage_Admin_Model_User'))
{
$loggedIn = true;
}
}
var_dump($loggedIn);// this will be true if admin logged in and false if not
Upvotes: 14
Reputation: 981
The key to be able to use:
// Ensure we're in the admin session namespace for checking the admin user..
Mage::getSingleton('core/session', array('name' => 'adminhtml'))->start();
$admin_logged_in = Mage::getSingleton('admin/session', array('name' => 'adminhtml'))->isLoggedIn();
// ..get back to the original.
Mage::getSingleton('core/session', array('name' => $this->_sessionNamespace))->start();
is that the controller must extends Mage_Adminhtml_Controller_Action
than you can use this code in the preDispatch function.
And setup the routers for this controller in the admin section of your config.xml.
Upvotes: 0
Reputation: 4486
If you're trying to make it work within the template / phtml files, and/or inside the Block's class you're going to have a hard time. Mainly because magento (aggressively) caches your PHTML blocks for performance purposes thus undoing any program flow control statements you have especially stuff related with cookie checking. I have no direct / lengthy / indepth explanation why but that's just how I've encountered it over and over again.
However, your solution should be correct, but you need to do the check within a controller's preDispatch method like so to avoid the aformentioned aggressive caches since controllers are never cached. (shown in Nick's solution in the question that you linked.):
// Ensure we're in the admin session namespace for checking the admin user..
Mage::getSingleton('core/session', array('name' => 'adminhtml'))->start();
$admin_logged_in = Mage::getSingleton('admin/session', array('name' => 'adminhtml'))->isLoggedIn();
// ..get back to the original.
Mage::getSingleton('core/session', array('name' => $this->_sessionNamespace))->start();
IF you really do need to perform the above checks inside PHTML files or named blocks, check out the following code on how to turn off block-level caching and possibly make it work. What I did before was disable caching for the footer block (in which the child block, not phtml, contains code to check
for a specific cookie)
First off, the block call (found in your local.xml, or module layout update xml, or anywhere you can do layout updates, really. I prefer breaking up my customizations into modules so definitely module layout update xml is the way to go):
<reference name="footer">
<action method="unsetData"><key>cache_lifetime</key></action>
<action method="unsetData"><key>cache_tags</key></action>
<block type="newsletterpopup/popup" name="newsletterpopup_footer" template="newsletterpopup/popup.phtml"/>
</reference>
And this is the newsletterpopup's block class:
<?php
class Launchpad_Newsletterpopup_Block_Popup extends Mage_Core_Block_Template {
public function canRender() {
// Check if cookie exists here
}
public function afterRender() { // if block has rendered, this is called.
// Set cookie, if it doesn't exist here.
}
}
And the phtml would be something like:
<?php if($this->canRender()): ?>
// stuff
<?php endif; ?>
Good luck!
Upvotes: 3
Reputation: 1869
Check this blog, I think you need not check with start() before checking with isLoggedIn().
Mage::getSingleton('core/session', array('name'=>'adminhtml')); // get sessions
$check = Mage::getSingleton('admin/session', array('name'=>'adminhtml')); //get admin sessions
if($check->isLoggedIn()) { //check is admin logged in
echo "Admin is logged in";
} else {
echo "Admin is offline";
}
Upvotes: -1
Related Questions
- Show Admin Panel pages on WordPress depending on User logged in
- Magento how to check if Admin is logged in (Frontend)
- Check on frontend if admin is logged in
- Joomla - Determining whether logged-in user is an Admin
- Joomla: How to check if admin is logged in
- Check if Admin is Logged in Within Observer
- Check if user is admin PHP
- Magento : How to check if admin is logged in within a module controller?
- Wordpress - Check if logged as admin with javascript
- Magento - Checking if an Admin and a Customer are logged in