handler function(
  array &arParams

The OnUserLoginExternal event is used to check user login and password in an external authorization source. Handlers of this event are called fr om within the method CUser::Login, if none of OnBeforeUserLogin event handlers returned false, before a user authorization attempt and before the login arParams['LOGIN'], and password arParams['PASSWORD'] are both verified.


arParams Array of fields to verify login and password:
  • LOGIN - User login
  • PASSWORD - user password. If the value of PASSWORD_ORIGINAL is "Y", this parameter contains the original password. Otherwise, this parameter contains the MD5 hash value of the original password.
  • REMEMBER - if "Y", the user authorization information is to be stored in cookie.
  • PASSWORD_ORIGINAL - if "Y", the value of the PASSWORD field contains the original password typed by a user (not converted to MD5). If "N", the value of the PASSWORD field is converted to MD5.

Note This handler array of parameters and elements arParams are references to original variables. Therefore, all changes to parameters made within the handler affect values of the original variables.

Returned value

If a user must be authorized, the event handler must return ID of this user.

See Also

Example of handler function:

// example of user authorization from the Innovision Power Board forum tables 

// file /bitrix/php_interface/init.php
AddEventHandler("main", "OnUserLoginExternal", Array("__IPBAuth", "OnUserLoginExternal"));
AddEventHandler("main", "OnExternalAuthList", Array("__IPBAuth", "OnExternalAuthList"));

define("IPB_TABLE_PREFIX", "ibf_");
define("IPB_VERSION", "2");

class __IPBAuth
    public static function OnUserLoginExternal(&$arArgs)
        $groups_map = Array(
            /*'IPB Group ID' => 'Local Group ID',*/
            '4' => '1'
        $table_user = IPB_TABLE_PREFIX."members";
        $table_converge = IPB_TABLE_PREFIX."members_converge";

        global $DB, $USER, $APPLICATION;

        if(IPB_VERSION == '1')
            $strSql = "SEL ECT * FR OM ".$table_user." WH ERE name='".
                      $DB->ForSql($LOGIN)."' AND password='".md5($PASSWORD)."'";
            $strSql =
                "SELECT t1.* ".
                "FROM ".$table_user." t1, ".$table_converge." t2 ".
                "WHERE'".$DB->ForSql($LOGIN)."' ".
                "    AND = t2.converge_email ".
                "    AND t2.converge_pass_hash = MD5(CONCAT(MD5(t2.converge_pass_salt), '".md5($PASSWORD)."'))";

        $dbAuthRes = $DB->Query($strSql);
        if($arAuthRes = $dbAuthRes->Fetch())
            $arFields = Array(
                "LOGIN" => $LOGIN,
                "NAME" => $arAuthRes['title'],
                "PASSWORD" => $PASSWORD,
                "EMAIL" => $arAuthRes['email'],
                "ACTIVE" => "Y",
                "LID" => SITE_ID

            $oUser = new CUser;
            $res = CUser::GetList($O, $B, Array("LOGIN_EQUAL_EXACT"=>$LOGIN, "EXTERNAL_AUTH_ID"=>"IPB"));
            if(!($ar_res = $res->Fetch()))
                $ID = $oUser->Add($arFields);
                $ID = $ar_res["ID"];
                $oUser->Update($ID, $arFields);

                $USER->SetParam("IPB_USER_ID", $arAuthRes['id']);

                $user_group = $arAuthRes['mgroup'];
                $arUserGroups = CUser::GetUserGroup($ID);
                foreach($groups_map as $ext_group_id => $group_id)
                        $arUserGroups[] = $group_id;
                        $arUserGroupsTmp = Array();
                        foreach($arUserGroups as $grid)
                            if($grid != $group_id)
                                $arUserGroupsTmp[] = $grid;
                        $arUserGroups = $arUserGroupsTmp;
                CUser::SetUserGroup($ID, $arUserGroups);
                $arParams["STORE_PASSWORD"] = "N";

                return $ID;

    public static function OnExternalAuthList()
        return Array(
            Array("ID"=>"IPB", "NAME"=>"Invision Power Board")

© «Bitrix24», 2001-2023