You will need to have installed cl/site and have at least one simple page to load. First use composer to install the cl/users component and the site console component:
composer require cl/users composer require cl/console composer run cl-installer
The composer run cl-installer command runs a script that installs the component in the
system. It must be run any time a new component is added.
To get the initial tables created, browse to the URL (relative to the site root):
cl/setup/tables
For example, if the site URL is https://www.example.com/site, the URL to create the tables will be https://www.example.com/site/cl/setup/tables.
Normal pages on the site will now come up with a login window. To get the site up and running install a temporary admin user. Edit site.php and uncomment the following and edit in a reasonable password (please don't use the one that is included as an example):
// Uncomment to add an initial admin before tables are created
// and the first user added to tables.
$site->users->addUser('admin', 'User, Admin',
CL\Users\User::ADMIN, password_hash('sHQFLJdNeI', PASSWORD_DEFAULT));
You will now be able to log onto the site using these credentials. Then to do cl/console to access the site console. The Management option in the navigation bar takes you to a page where you can create an admin user. One the admin user is created, delete the temporary admin from site.php. Browse to cl/login to login the new user.
Sandbox bypass and Email stripping
Sandbox bypass allows the password to be omitted when logging into a local sandbox instance for testing purposes. The password will only be ignored if the site is specifically indicated as being in the sandbox (see the cl/site configuration).
Email stripping will remove the @server.edu from an email address to reduce it to just the network ID.
To enable either of these features add this code to site.php:
$site->users->auth = new \CL\Users\Authenticate([
'sandbox-bypass'=>true,
'email-strip' => true
]);
Include the desired option in the array.
It's amazing how many students cannot comprehend the concept of entering just their network ID. They are used to entering an email address. This option saves a lot of gripping.
LDAP Authentication
To use LDAP authentication rather than an internal password system, add this code to site.php. The LDAP url and options will be provided by a system administrator. These example values are for the MSU Computer Science department:
$site->users->auth = new \CL\Users\AuthenticateLDAP([], "ldap://ds.cse.msu.edu:389", "ou=People,dc=cse,dc=msu,dc=edu" );
Both sandbox bypassing and email stripping can be added to the LDAP authentication object:
$site->users->auth = new \CL\Users\AuthenticateLDAP([
'sandbox-bypass'=>true,
'email-strip' => true
],
"ldap://ds.cse.msu.edu:389",
"ou=People,dc=cse,dc=msu,dc=edu"
);
Use either \CL\Users\Authenticate or \CL\Users\AuthenticateLDAP, not both!