Difference between revisions of "Remote Affiliate Authentication"
TMMStephenY2 (talk | contribs) |
TMMStephenY (talk | contribs) m |
||
(2 intermediate revisions by one other user not shown) | |||
Line 7: | Line 7: | ||
<!-- secure login reseller authentication --> | <!-- secure login reseller authentication --> | ||
− | [[NATS4]] contains a feature that allows [[Ct#Affiliate|affiliates]] to log in to other applications using their NATS usernames and passwords. This Remote Affiliate Authentication script will allow | + | [[NATS4]] contains a feature that allows [[Ct#Affiliate|affiliates]] to log in to other applications, such as affiliate-only content areas, using their NATS usernames and passwords. This is made possible through our '''remote_auth.php''' script. |
+ | |||
+ | Our Remote Affiliate Authentication (remote_auth.php) script will allow you (the client) to verify that an affiliate's credentials exist in your [[NATS]] database, and allow the affiliate to log into your external application. | ||
Although we have encrypted reseller passwords in the [[NATS]] database in order to protect NATS and your data, we have written a script that will be able to receive the username and password of an affiliate. With this, you will be able to check if that affiliate's information is correct. | Although we have encrypted reseller passwords in the [[NATS]] database in order to protect NATS and your data, we have written a script that will be able to receive the username and password of an affiliate. With this, you will be able to check if that affiliate's information is correct. | ||
+ | |||
+ | For example, you can set up a password-restricted directory in an external affiliates-only content area that you have created. When an affiliate tries to login to your external area, you can send a post to your remote_auth.php script to verify if that affiliate's credentials exist in your [[NATS]] database. | ||
Before you implement this script, you must first set up the array of allowed IPs in your nats/includes/config.php file like the following example: | Before you implement this script, you must first set up the array of allowed IPs in your nats/includes/config.php file like the following example: | ||
Line 17: | Line 21: | ||
</pre> | </pre> | ||
− | + | Make sure that you replace the numeric values inside the parentheses with the IP address of the server authenticating against NATS. You can also add your (client) IP address if you want to test your Remote Affiliate Authentication script manually by going to your external URL. | |
== The Script == | == The Script == | ||
Line 49: | Line 53: | ||
[[Category:Need NATS4 Article]] | [[Category:Need NATS4 Article]] | ||
+ | [[Category:NATS4 Extras]] |
Latest revision as of 11:01, 6 June 2011
NATS 3
|
---|
NATS4 contains a feature that allows affiliates to log in to other applications, such as affiliate-only content areas, using their NATS usernames and passwords. This is made possible through our remote_auth.php script.
Our Remote Affiliate Authentication (remote_auth.php) script will allow you (the client) to verify that an affiliate's credentials exist in your NATS database, and allow the affiliate to log into your external application.
Although we have encrypted reseller passwords in the NATS database in order to protect NATS and your data, we have written a script that will be able to receive the username and password of an affiliate. With this, you will be able to check if that affiliate's information is correct.
For example, you can set up a password-restricted directory in an external affiliates-only content area that you have created. When an affiliate tries to login to your external area, you can send a post to your remote_auth.php script to verify if that affiliate's credentials exist in your NATS database.
Before you implement this script, you must first set up the array of allowed IPs in your nats/includes/config.php file like the following example:
$config['REMOTE_AUTH_IPS'] = Array ('10.10.10.107', '10.10.10.108');
Make sure that you replace the numeric values inside the parentheses with the IP address of the server authenticating against NATS. You can also add your (client) IP address if you want to test your Remote Affiliate Authentication script manually by going to your external URL.
The Script
The Remote Affiliate Authentication script has three variables that must be defined for it to work properly. The available input variables are:
- username - the username to be authenticated
- password - the password to be authenticated
- ignore_active - if you wish to authenticate regardless of status in NATS database
After submitting the necessary information, the script will return a reply based on authentication. The return from your script will be:
- OK - seen if the authentication was correct
- NOTOK - seen if the request came from a bad IP or if the authentication was incorrect
The following is an example of a PHP Post using the Remote Affiliate Authentication script:
<? $auth = file_get_contents("http://linkdomain/remote_auth.php?username=myuser&password=mypass"); if($auth == 'OK'){ //allow them access }else{ //send away from here } ?>
Replace linkdomain in the above example with the link domain of your NATS install.