Magnolia's Public User Registration module allows users to register an account on the public site. This page explains how to use the module to set up public user registration and protected pages that are available only to users who have registered and logged in.
The tutorial takes you through the process of:
- Setting up pages containing the components provided by the module
- Restricting access to certain pages to registered users only.
...
The Public User Registration module includes all the necessary components to implement PUR on your site.
You can make the components available on any page any page template. The components will be used on pages for registration, login and related PUR tasks.
The Travel demo's Public Users template makes the components available in main
area of the page. The example uses this template. See Area definition for more.
Localtab Group |
---|
Localtab |
---|
| Code Pro |
---|
language | js |
---|
sections | 8-28 |
---|
url | http://git.magnolia-cms.com/projects/MODULES/repos/demo-projects/browse/community/magnolia-travel-demo/src/main/resources/travel-demo/templates/pages/pur.yaml?at=master&raw |
---|
| | |
|
Localtab |
---|
| Advanced Tables - Table Plus |
---|
heading | 0 |
---|
multiple | false |
---|
enableHeadingAttributes | false |
---|
enableSorting | false |
---|
class | m5-configuration-tree |
---|
enableHighlighting | false |
---|
| Node name | Value |
---|
|
| | |
| |
| |
| | public-user-registration:components/login | |
| | public-user-registration:components/registration | | |
| | public-user-registration:components/userUpdate | |
| | public-user-registration:components/forgottenPassword | |
| | public-user-registration:components/passwordChange | |
| | public-user-registration:components/enableUser | |
| | travel-demo:components/textImage | |
|
|
...
- PUR pages:
- Base these pages on your PUR template. We will add the PUR components made available above to these pages.
- You need one page for each PUR component, for example a registration page for the Registration form component, a login page for the Login form component etc..
- Restricted content pages:
- These are standard pages. They do not rely on the functionality of the PUR module.
- You can base these pages on any template and you add any components.
...
- Registration:
Always
registration strategy enables users immediately. A user can access restricted content straight after registration. - Password retrieval:
MailChangePasswordLinkStrategy
sends an email to the user who submits the password retrieval form. A link in the email directs the user to the example /change-club-password
page. - Default group: We create the
sportstation-pur
group in Setting permissions (below). - Default role: The configuration overrides
default
to ensure that users assigned only the anomymous
role cannot access restricted content.
These options are configured in /moudlesmodules/public-user-registration/config/configurations/sportstation
.
Localtab |
---|
|
Advanced Tables - Table Plus |
---|
heading | 0 |
---|
multiple | false |
---|
enableHeadingAttributes | false |
---|
enableSorting | false |
---|
class | m5-configuration-tree |
---|
enableHighlighting | false |
---|
| Node name | Value |
---|
|
| |
| | |
| |
| |
| | info.magnolia.module.publicuserregistration.strategy.Always | passwordRetrievalStrategy |
| | /public-user-registration/templates/mail/password-reset-email.ftl | | /sportstation/sports-club/retrieve-club-password/change-club-password | |
| | anonymous | | override | |
| | sportstation-pur | | ../default | |
|
...
At this stage, publish the work to date to the public instance. We set permissions and test the setup on the public site because this is where it will be used and anonymous users have different permissions on the author and public instances by default.
Publish:
Setting permissions
On the public instance, first restrict anonymous access to content reserved for registered users and then give registered users access to this content
...
Next create a new group named after the value in the defaultRoles
configuration property (sportstation-pur
in the example) and assign the new role to the new group. Users in this group also need other basic roles.
...
Group | Granted roles |
sportstation-pur | sportstation-pur |
| travel-demo-base |
| imaging-base |
Adding a client callback to the security filter
...
Localtab |
---|
|
Advanced Tables - Table Plus |
---|
heading | 0 |
---|
multiple | false |
---|
enableHeadingAttributes | false |
---|
enableSorting | false |
---|
class | m5-configuration-tree |
---|
enableHighlighting | false |
---|
| Node name | Value |
---|
|
| |
| |
| |
| |
| |
| |
| |
| | info.magnolia.cms.util.SimpleUrlPattern | | (*|sportstation)/sports-club/(profile-update|club-deals)* | | info.magnolia.cms.security.auth.callback.RedirectClientCallback | | /sportstation/sports-club/club-login.html | |
|
...
- Open the restricted content page logged in as
superuser
and then log out by adding the ?mgnlLogout=true
parameter to the URL. The restricted content disappears and the page redirects to the login form page configured in the security callback.
- Click Register in the login form, register a dummy account (using a valid email address) and then login with the new credentials. The protected page (set in the Login form component) opens.
- Log out as the new user, click Forgotten password in the login form and enter the dummy account username and email. The link in the password reminder email opens the password reset form page (set in
passwordRetrievalStrategy
configuration) where you can choose a new password.
- Log in to admincentral and launch the Security app to verify that the dummy user is assigned to the group defined in the
defaultRoles
configuration.