Versions Compared

Old Version 1

changes.mady.by.user Christoph Meier

Saved on

compared with

New Version Current

changes.mady.by.user Martin Drápela

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: typo

Magnolia's Public User Registration module allows users to register an account on the public site. This page explains how to use the module to set up public user registration and protected pages that are available only to users who have registered and logged in.

The tutorial takes you through the process of:

  • Setting up pages containing the components provided by the module 
  • Restricting access to certain pages to registered users only.

...

The Public User Registration module includes all the necessary components to implement PUR on your site.

You can make the components available on any page any page template. The components will be used on pages for registration, login and related PUR tasks. 

The Travel demo's Public Users template makes the components available in main area of the page. The example uses this template. See Area definition for more.

Localtab Group
Localtab
activetrue
titleYAML file
Code Pro
languagejs
sections8-28
urlhttp://git.magnolia-cms.com/projects/MODULES/repos/demo-projects/browse/community/magnolia-travel-demo/src/main/resources/travel-demo/templates/pages/pur.yaml?at=master&raw
 
 Localtab
titleJCR node
 Advanced Tables - Table Plus
heading0
multiplefalse
enableHeadingAttributesfalse
enableSortingfalse
classm5-configuration-tree
enableHighlightingfalse
   
Node nameValue
 Mgnl n
areas
 

 Mgnl n
main
 
 Mgnl n
availableComponents
 

 Mgnl n
login
 

 Mgnl p
id
public-user-registration:components/login
 Mgnl n
registration
 

 Mgnl p
id
public-user-registration:components/registration
 Mgnl n
userUpdate
 
 Mgnl p
id
public-user-registration:components/userUpdate
 Mgnl n
forgottenPassword
 

 Mgnl p
id
public-user-registration:components/forgottenPassword
 Mgnl n
passwordChange
 

 Mgnl p
id
public-user-registration:components/passwordChange
 Mgnl n
enableUser
 

 Mgnl p
id
public-user-registration:components/enableUser
 Mgnl n
textImage
 

 Mgnl p
id
travel-demo:components/textImage
...
  • PUR pages
    • Base these pages on your PUR template. We will add the PUR components made available above to these pages. 
    • You need one page for each PUR component, for example a registration page for the Registration form component, a login page for the Login form component etc..
  • Restricted content pages
    • These are standard pages. They do not rely on the functionality of the PUR module.
    • You can base these pages on any template and you add any components.
...
  • Registration: Always  registration strategy enables users immediately. A user can access restricted content straight after registration. 
  • Password retrieval: MailChangePasswordLinkStrategy sends an email to the user who submits the password retrieval form. A link in the email directs the user to the example /change-club-password page. 
  • Default group: We create the sportstation-pur group in Setting permissions (below). 
  • Default role: The configuration overrides default to ensure that users assigned only the anomymous role cannot access restricted content.  
These options are configured in /moudlesmodules/public-user-registration/config/configurations/sportstation.
 Localtab
titleJCR node
 Advanced Tables - Table Plus
heading0
multiplefalse
enableHeadingAttributesfalse
enableSortingfalse
classm5-configuration-tree
enableHighlightingfalse
   
Node nameValue
 Mgnl f
configurations
 

 Mgnl n
default
 

 Mgnl n
travel
 
 Mgnl n
sportstation
 

 Mgnl n
registrationStrategy
 

 Mgnl p
class
info.magnolia.module.publicuserregistration.strategy.Always 
 Mgnl n
passwordRetrievalStrategy
 

 Mgnl p
emailTemplate
/public-user-registration/templates/mail/password-reset-email.ftl 
 Mgnl p
targetPagePath
/sportstation/sports-club/retrieve-club-password/change-club-password
 Mgnl n
defaultRoles
 

 Mgnl p
anonymous
anonymous
 Mgnl p
extends
 override
 Mgnl n
defaultGroups
 

 Mgnl p
pur
sportstation-pur
 Mgnl p
extends
../default 
...
At this stage, publish the work to date to the public instance. We set permissions and test the setup on the public site because this is where it will be used and anonymous users have different permissions on the author and public instances by default.
Publish: 
Setting permissions
On the public instance, first restrict anonymous access to content reserved for registered users and then give registered users access to this content
...
Next create a new group named after the value in the defaultRoles configuration property (sportstation-pur in the example) and assign the new role to the new group. Users in this group also need other basic roles.
...
GroupGranted roles
sportstation-pursportstation-pur 

travel-demo-base 

imaging-base
Adding a client callback to the security filter
...
 Localtab
titleJCR node
 Advanced Tables - Table Plus
heading0
multiplefalse
enableHeadingAttributesfalse
enableSortingfalse
classm5-configuration-tree
enableHighlightingfalse
   
Node nameValue
 Mgnl f
server
 

 Mgnl f
filters
 

 Mgnl f
...
 

 Mgnl f
securityCallback
 

 Mgnl n
clientCallbacks
 

 Mgnl n
travel-demo-pur
 

 Mgnl n
sportstation-pur
 

 Mgnl n
originalUrlPattern
 

 Mgnl p
class
info.magnolia.cms.util.SimpleUrlPattern
 Mgnl p
patternString
(*|sportstation)/sports-club/(profile-update|club-deals)* 
 Mgnl p
class
info.magnolia.cms.security.auth.callback.RedirectClientCallback 
 Mgnl p
location
/sportstation/sports-club/club-login.html
...
  1. Open the restricted content page logged in as superuser and then log out by adding the ?mgnlLogout=true parameter to the URL. The restricted content disappears and the page redirects to the login form page configured in the security callback.  
       
  2.  Click Register in the login form, register a dummy account (using a valid email address) and then login with the new credentials. The protected page (set in the Login form component) opens.  
       
  3. Log out as the new user, click Forgotten password in the login form and enter the dummy account username and email. The link in the password reminder email opens the password reset form page (set in passwordRetrievalStrategy configuration) where you can choose a new password.
         
  4. Log in to admincentral and launch the Security app to verify that the dummy user is assigned to the group defined in the defaultRoles configuration.