Prestashop logout user programmatically - prestashop

I am developing a module in Prestashop. I want to know how to logout user programmatically, and how can I redirect a user to custom url?

You can use
$customer->logout();
Or
$customer->mylogout();
The first one is a complete logout, the second one will leave affiliate information in customer's cookies.
Both methods fire actionCustomerLogoutBefore and actionCustomerLogoutAfter hooks, so you can attach to them for your redirect.
Speaking of redirect - it depends on what page you want to redirect your customers to, if it's an internal page, you can use either:
$redirect_link = Context::getContext()->link->getPageLink(...); // or "getModuleLink", etc., see classes/Link.php for details.
Or
$redirect_link = $this->context->link->getPageLink(...);
You would then use either redirect, redirectLink or redirectAdmin (probably the other two, as redirectAdmin only makes sense if you're in Back Office) of Tools class to redirect to that link.

Related

VueJs Address Bar

Hi friends,
The company I work for has a website with an Admin Dashboard. Pages that users can use according to their authorization are listed in the menu. Beautiful so far. However, there is a problem. The person can reach the pages that he cannot see in the menu at the moment, without authorization, from the address bar, by entering the link of the page. How can I prevent access to unauthorized pages from the Address Bar by redirecting them from one place? I don't want to check each page individually. This doesn't make sense. For example, a component with the message "You are not authorized to view this page" may be displayed or automatically redirected to the home page.
I'm waiting for your help. Thanks.
You will need to use a global router navigation guard/hook called beforeEach - as explained in multiple tutorials:
https://css-tricks.com/protecting-vue-routes-with-navigation-guards/
https://www.permify.co/post/implementing-role-based-access-control-in-vue-js

Separating redirection logic in angular pages

In my application we have a summary page having a link to take the user to the different pages of the application. For example, we have separate pages for collecting personal details, address details, education details etc., and there is a summary page giving the summary of a student's data. Users of the application will go to the summary page and then navigate to any individual pages in case if the data is not filled up yet. After the user goes to the individual page, they can enter the required details, and upon saving the entered details, they will be eventually redirected back to the summary page.
I have implemented the above functionality as below at the moment,
When the user clicks on a link to the address details page from the summary page, I will pass the redirect url as a query string to the summary page, and upon the user saves the address details in the address page, I will redirect the user back to the summary page using the redirect url passed on the query string.
Each individual pages have a common base class
Redirection logic is present in each individual pages now. This logic checks if there was a redirection url present in the query string, then if present it will direct the user to the summary page after the user clicks on the save button on the current page.
I feel the above solution is elementary, there is potential for adding new pages to our application.
I wonder if there is anyway to implement the above requirement in a elegant way in such a way that the redirection logic is separated as a angular service, route or any other angular technique so that we dont have to do any thing extra for the new pages that will be added in the future.

Additional pages with SPA

I'm creating a SPA app using Durandal and I would like to include a credit card payment facility. The guys that I'm looking at requires you to give return URLs to success, cancel and a view other pages, is that possible?
To me it would be breaking the 'single page' part of SPA, but is it possible? Could I do it all in a window?
Disclaimer: I don't know Durandal, but you would solve this in an SPA using either "hashbang URIs" or actually re-serving the SPA in your webserver for the requested return URI and adjusting the content using the same technique as hangbash URIs but using history.pushstate/history.popstate instead, see here: https://developer.mozilla.org/en-US/docs/Web/Guide/API/DOM/Manipulating_the_browser_history
A more general article from Google is available here that covers the same principle: https://developers.google.com/webmasters/ajax-crawling/
This "works" because SPAs are SPAs only in that the browser requests a new HTML document from the server once (or in your case, twice), the SPA should still be updating the history and address-bar state of the UA as the user navigates the application, just as though it were a regular multi-page application.
A great example of this is GitHub's source navigator: Try here ( https://github.com/angular/angular.js ) and navigate the repository, observe that the contents of the file-listing change as does the address bar, but your browser doesn't reload the whole page... yet if you copy+paste the (modified) address bar address into a new browser window, you get the same page back.
I looked into doing credit card processing from a SPA and the best option I had found was Stripe. They supply a javascript file that looks like it would work, I never implemented it on my project due to time constraints so I can't confirm that it works but it looked very promising.
IFRAMEs are quite good for this sort of thing. You can use jQuery to hook an event handler to the page load event and this will tell you when the other end has responded. Load the 3rd party page into the IFRAME and serve response pages on the URLs you provide to the service provider. As mentioned by others you can use routes to identify the response pages. The IFRAME will stop the round-tripping from mucking up your application state and in fact it is possible to put script in your response pages that dot-notates its merry way up the DOM and into your app.

Accessing a url directly without login

I am considering doing this -
Any url (excecpt those I disallow specifically) can be accessed directly without signing-in, however if you click on any of the links on the page, it will redirect you to the sign-up page
I am thinking of several ways of doing it, but neither is flexible enough to work with devise
Create a new link_to_not_registered helper which I will use on every link_to and it will check if the user is logged in or not
create a before_filter to check if the user is logged in. This is a bit problematic, as I don't know how to create a filter only when linking and not when directly accessing a page
Have an external flag to test if the user is logged in and change the page accordingly.
neither way helps me redirect the user after sign-in/sign up (new helper links to sign up, before filter becomes too complex, flags are too simple)
Is there a way to create a functionality of direct access to show actions while clicking on links requires login?
I think the best approach is a before_filter. You can check previous page by request.referrer, so if it's a page inside your app, you redirect user to signin path
def to_signin
redirect_to singin_path if request.referrer["http://myapp.com"]
end

Plone make login mandatory on every page but main page

A customer wants to have its Plone site behave like this:
the main page can be seen by anonymous users
you have to be registered and authenticated to see any other page
the site is open for registration, so the forms to authenticate and register should also be made visible by anonymous
How one can approach this?
Is there a way to hook a python script/class/method/function to any request made by the user? Overriding the main_template.pt and adding a TAL call to a method that does these checks would be enough?
The tricky part is that even if the anonymous can only visit the main page, the main page in itself is made up of other content types which should be only viewed by authenticated users (by their restrictions, not because of workflow).
I ruled out, maybe a mistake?, workflow because then everything should be made private but still the global_nav is made out of folders which, if the workflow approach was taken, should be private/non-viewable by anonymous.
Cheers,
Try this:
add a state internally published to your workflow
copy permissions configuration from the "public" state into the new state and than remove the "View" permission from the Anonymous User (maintain the 'Access content information', that's the key). Then add all needed transitions.
put your home page in "public" state
put everything else in 'internally published' state
This should work because if you link content's information in the homepage, this will work, but if someone try to access a content he will miss the "view" permission and will be redirected to the login.