I'm building an Intranet site with Trongate framework and needing people to login before being allowed to navigate the site. Using the Members module and not sure best way to use it. I think the best way to avoid having code duplication of every module checking for 'members->_make_sure_allowed' was to add the code to my template method in the templates controller. This works fine until I try to wrap the login screen with the template. When I do that then I get: ERR_TOO_MANY_REDIRECTS. Is there any code to make it possible to wrap my design template around the login view? If not then I guess I just duplicate my template code in the login.php, but would rather not have to do that.

It would seem that in the Welcome.php controller, have your function index Then change redirect in function submit Dan

I'm not sure my question was fully understood. What's the best way to secure modules so people have to login before they can access the module? In Trongate if someone has a URL to go directly to a module/method there is nothing to prevent them from rendering the view unless either checking in every module function that they have logged in, or so far my best option is to put the token verification in the template. It looks like I'll just have to have a public template and a private template to get around the too many redirects error. Unless someone has a better idea.

So far this looks to be a good solution. I'm using my 'dark' theme in the Members controller [$template_to_use]. Then in any other module/methods that need to be secured I'm calling the same theme with a 'dark_private' template method. Templates.php function dark Templates.php function dark_private Config file themes.php

Hi cisnez, You could use your method and check for module name and then skip if coming from the 'members' module. Another way is to pass in an array of allowed methods and check for those too.

I ended up adding globals to the config.php for TEMPLATE_PUBLIC, TEMPLATE_SECURE, and TEMPLATE_ADMIN. Then in members controller I changed every function that called it's internal template variable to use one of these globals instead. Doing my best to keep everything object oriented and not doing special case scenarios on any modules.