Automated login

As off version 1.2.0, it’s possible to facilitate automated login with your Pagestead application. This essentially means you can allow your users to log into their Pagestead account by clicking a simple link.

 

Configuration

Automated login is configured under “Settings > Integration”. You’ll find a panel there labeled “Automated login”. For security reasons, by default this functionality is turned off. To turn it into, set the switch labeled “Activate automated login” to ON.

The next requirement for using automated logins is setting a “Hash key”. This key can be any string or number. For security reasons, we suggest creating a string of random letters and numbers of at least 20 characters long. Basically, you wan to make sure people can’t easily guess this key. Please keep this key private; do not distribute it or share it with others.

 

A proper automated login link will look this:

https://yourpagesteaddomain.com/auth/alogin/?token=[usertoken]&hash=[hashstring]

 

User token

In the above link, [usertoken] refers to a unique token identifying the user who’s account will be used when logging in. To retrieve the user token for a specific user, you can either use the REST API or log into your copy of Pagestead (as an user with ADMIN rights) and navigate to the Users panel. Assuming you have already activated the automated login, for reach user you will see a field labeled “Auto-login token”. If this field is empty, you can click the button labeled “Generate” to generate a new token (be sure to click the save button to save the new token).

Pagestead auto login token

 

Hash string

The next parameter you’ll need to include in the link is the [hashstring]. This string is a md5 hashed string consisting of the domain hosting the link and the hash key configured in the Integration settings panel (“Settings > Integration”).

Let’s assume you’re hosting the link on a website located at “https://mysite.com/” and the hash key is configured to be “SecretHash_12345”. You would then need hash the following string using the md5 protocol: “https://mysite.com/SecretHash_12345”.

Please a code example below of how we’d achieve this using basic PHP:

$hash = md5( "https://mysite.com/" . 'SecretHash_12345' );

When creating the hash string, be sure to only include the domain (with a trailing “/”) and the protocol (“http://” or “https://”). If you include anything else, the automated login will fail.

Was this article helpful?

Related Articles

Leave A Comment?

You must be logged in to post a comment.