MoxieManager

Documentation

Security / SessionAuthenticator

First, we will show you a simple configuration for getting SessionAuthentication to work, every other implementation or authentication will be a variant of this, simply setting a session in your system and checking for it in the MoxieManager. We highly recommend you take a look at the code in the SessionAuthentication file, its fairly simple and should be easy to understand.

Turn on the SessionAuthenticator

// Change this to switch to SessionAuthenticator
$moxieManagerConfig['authenticator'] = "SessionAuthenticator";

// Set this SESSION key in your system when a user login, $_SESSION["isLoggedIn"] = true
$moxieManagerConfig['SessionAuthenticator.logged_in_key'] = "isLoggedIn";

<!-- First, add the SessionAuthenticator to the plugins list in Web.config -->
<plugin type="MoxieManager.Plugins.SessionAuthenticator.Plugin" />

<!-- Then edit these keys -->
<add key="authenticator" value="SessionAuthenticator" />
<add key="SessionAuthenticator.logged_in_key" value="isLoggedIn" />

This code should go in whatever login logic your system uses.

"moxiemanager" is the default prefix set in the config file.

session_start();
$_SESSION['isLoggedIn'] = true; // True/false if user is logged in or not, should be same as above
$_SESSION['moxiemanager.filesystem.rootpath'] = "/var/www/htdocs/myroot"; // Set a root path for this use

// Write to normal ASP.NET session
Session["isLoggedIn"] = true;
Session["moxiemanager.filesystem.rootpath"] = "c:/inetpub/wwwroot/upload";

You can also of course make any modifications this way, so for example, if you have the userid in a variable called $userid you can do this:

$_SESSION['moxiemanager.filesystem.rootpath']="/var/www/htdocs/myroot/". $userid ."/files";

Session["moxiemanager.filesystem.rootpath"] = "c:/inetpub/wwwroot/"+ UserId +"/uploads";

Make sure your userid is secure, altho MoxieManager have checks for hacks in the path, sanitizing input is always a good idea.

Setting AmazonS3 or Azure paths via sessions

If you are using AmazonS3 or Azure, you can set the config options through a flat session structure, like this:

// Amazon
$_SESSION["moxiemanager.amazons3.buckets.myclient.publickey"] = "pubkey";
$_SESSION["moxiemanager.amazons3.buckets.myclient.secretkey"] = "seckey";
$_SESSION["moxiemanager.amazons3.buckets.myclient.urlprefix"] = "http://bucketname.s3.amazonaws.com";
// Azure
$_SESSION["azure.containers.myazureclient.container"] = "test";
$_SESSION["azure.containers.myazureclient.account"] = "moxietest";
$_SESSION["azure.containers.myazureclient.sharedkey"] = "sharedkey";
// Setup the rootpath
$_SESSION["moxiemanager.filesystem.rootpath"] = "s3://myclient;azure://myazureclient";

/* Amazon S3 */
Session["moxiemanager.amazons3.buckets.myclient.publickey"] = "pubkey";
Session["moxiemanager.amazons3.buckets.myclient.secretkey"] = "seckey";
Session["moxiemanager.amazons3.buckets.myclient.urlprefix"] = "http://bucketname.s3.amazonaws.com";

/* Azure */
Session["azure.containers.myazureclient.container"] = "testcontainer";
Session["azure.containers.myazureclient.account"] = "moxietest";
Session["azure.containers.myazureclient.sharedkey"] = "sharedkey";

/* Setup rootpath */
Session["moxiemanager.filesystem.rootpath"] = "s3://myclient;azure://myazureclient";

Please note the buckets.<name> and containers.<name>, that needs to match your rootpath setup.

If you are using a system that overrides session management, you have to initalize the system framework inside the config file, so it will use the systems session storage.