I'm creating a document management system where employees (members) can view PDF files and managers (admins) can upload them. I'm struggling with logins. Currently I've got separate logins for administrators and members. What's the best way to do a single sign on where someone logged in as an admin doesn't have to login as a member to view the PDF files? It looks like I have to figure out how to get a login function to check both the members table and the trongate_administrators table since passwords are stored in these tables. Then a function that can check for a token created either through the members module or the trongate_administrators module. Wishing Trongate would have just one controller for all logins. I'm so confused.

No need to be confused. Logging in from the admin panel is the same for the members. You make scenarios and check for each before continuing into the method.

Only use the Trongate admin for yourself for overall admin tasks. Then add two levels, manager and member and they can login using the member's module. I did something similar for a client and it became confusing having two places to login (Tongate admin and member's module). I added 3 levels: manager, vendor and client. As far as I know, you can only provide one level access per method, i.e. $this->trongate_security->_make_sure_allowed('manager'); so you have to duplicate a method if you want two or more levels to have the same access to that method. Would be great if we could use an array of levels instead but this works for now.

Either I'm confused still or I just got two contradicting replies. DaFa, are you saying to not use the members module and just use admin login for all other users? If that's viable then I just need to figure out how to send users to my website after login instead of the admin template. Shouldn't be too hard to figure that out. mjim, I need department managers to be able to do admin tasks, like deleting files and uploading new versions for a document control system. I need more than just members and managers. I don't see how to do that with the members module. Thank you both for the replies.

I would use the Members module and add a Members User Level Table. You can code it ------------------- Like the Make Sure Allowed ------------------- In the Trongate Administrator Controller file. Use the Members Login and your Home Page in your Config file. Then when user logs in get the Members Object and check Members User Level and redirect to proper page. Dan

Hi cisnez, Sorry if my first reply has compounded your confusion - what I meant was logging in from the admin panel or the Members module is virtually the same. What I failed to go into was what 'mjim' mentioned in his/ her post - and that is what each method should be used for. Personally, I would use the admin panel login for your access and have a secret URL to get to it once you have set the ENV variable to anything other than 'DEV', as Trongate will automatically log you in otherwise. If the client or admin for the client wants access to this too, then create an account for them so they can come in via this too. As for general users of the site, the members module would be the preferred login method here. This is a rather open topic and really depends on how you wish to allow access. Using the Trongate admin panel login for general users is not recommended and that's why the 'Simple Members Module' was created. I hope that clears things up somewhat :)

Using both modules doesn't solve the single sign on issue. If I create a document control module then the quality control guys have to have admin logins in order to get to the module/manage page. The admin logins are in a separate table than member logins, so two accounts are required, and two different login pages are required, and probably lots of two different code duplications are going to have to happen. I'll investigate mjim's reply and see if I can avoid using admin login for anything.

I suppose you can create a sign-on page ===================== then in submit function check and see if you have a match in Members table ===================== then check for a match in the Admin table. Be careful here as you pass information to the Trongate Administrator Controller ===================== That way you can have your Single page login. ===================== Dan