3. Authenticating


There are many ways to log in or log out on a website, which is using Allmice CMS Classic Edition: by using a block or various available URLs.

3.1. Authenticating through block

The first user admin will be created automatically through the website installing process. After website installing has been completed a "Log in" button will appear on upper right corner on the website.

By clicking this button "Log in / register" window opens.
This is one way to log in and such buttons and windows will be shown on website if the block userBlock is active by default in userArea region.

One of the advantages of such block based logging in window is, that the URL of the website, which has been chosen before logging in will be the same after logging in (i.e. the web page remains the same before and after logging in).
The other advantage is, that it is harder for various bots to try to log in - they must first submit log in button and can not enter authenticating details on an URL at once.

In case of the block based authenticating, the block is showing different content depending of the authenticating status: Log in or Log out button or "Log in / register" window.
When a user has been authenticated, then on the same spot of the web site, where was "Log in" button is now by default "Log out" button with username who has logged in.

3.2. Authenticating through an URL

On some web sites, which are not offering public authenticating, it is good not to show a Log in button or log in link.

There are some URLs as described below, which can be used alternatively to log in or to log out.
All these URLs can be used, if for logging in purposes access right is allowed for such authenticating methods for anonymous role;
and for logging out purposes access right is allowed for such authenticating methods for the role, which the authenticated user has as active role.

If you are not authenticated, then
are showing log in form.

If you are authenticated, then these same URLs:
are showing log out form (button).

The URLs
are showing login  form.

The URLs
are showing logout form (logout button).

As a measure to keep bots away from the logging in URLs you could also use an alias URL for one of the logging in URLs. To add an alias URL, log in as admin user and use URL [path-to-your-site]/admin/add-alias.

Previous: 2.2. Manage message templates | Next: 4. Adjust the website for authenticated users
Users and messages
1. Modules for managing users and messages
2. Sending automatic emails
2.1. Configure email authentication details
2.2. Manage message templates
3. Authenticating
4. Adjust the website for authenticated users
4.1. Access rights for unauthenticated visitors
4.2. Adjustable links on user block
4.3. Change labels and other language phrases
4.4. Prepare content for authenticated visitors
4.5. Give access rights for authenticated users
5. Registering new users
6. Multiple email addresses and user account recovery
7. Manage contact forms and emails
8. Manage postal addresses
9. User profile