Defaulting to OpenID on Drupal 5

Kudos to walkah et al for their work on the Drupal OpenID module and getting OpenID into core for Drupal 6!

By default, OpenID in Drupal 5 and 6 defaults to present regular Drupal authentication first, giving the user the option to toggle to authenticate via OpenID.

That’s the exact opposite of what I wanted to deploy on my blog: I want users to log in using OpenID unless they have a very good reason not to. Here’s how I solved the problem in 5 easy steps using just the magic of a phptemplate theme to modify the authentication interfaces to default to OpenID.

Step 1: Override Authentication UI

First I added the following overrides in my theme’s template.php file to specifiy that I would be overriding various interface elements.

// override the user log in form at /user
function phptemplate_user_login($form) {
return _phptemplate_callback('user_login', array('form' => $form));
}

// override the user registration form at /user/register
function phptemplate_user_register($form) {
return _phptemplate_callback('user_register', array('form' => $form));
}

// override the password reset form at /user/password
function phptemplate_user_pass($form) {
return _phptemplate_callback('user_pass', array('form' => $form));
}

// override the user log in block
function phptemplate_user_login_block($form) {
// show hint in form element
$form['openid_url']['#value'] = 'OpenID Login';
// remove hint in form element on focus
$form['openid_url']['#attributes'] = array('onfocus' => "javascript:openid_url.value=''");
return _phptemplate_callback('user_login_block', array('form' => $form));
}

Step 2: New User Log In Template

Next I added a template file to my theme directory called “user_login.tpl.php” as per my override in template.php above with the following code.

// reverse default form element visibility toggles set in openid module js
drupal_add_js('$(document).ready(function(){$("#edit-openid-url-wrapper").show();$("#edit-name-wrapper").hide();$("#edit-pass-wrapper").hide();$("a.openid-link").hide();$("a.user-link").show();});', 'inline');

// render login form
print(drupal_render($form));

Step 3: New User Registration Template

Next I added a template file to my theme directory called “user_register.tpl.php” as per my override in template.php above with the following message, giving a link for users to go get an OpenID because I don’t want users to create local Drupal identities.

Establish your <a href="http://openid.net/" title="Learn More about OpenID">OpenID</a> with a provider like <a href="http://myopenid.com/" title="Visit MyOpenID.com">MyOpenId.com</a>. Then come back to this site and <a href="/user" title="Log in to this site">log in</a> with your new OpenID.

Step 4: New Password Recovery Template

Next I added a template file to my theme directory called “user_pass.tpl.php” as per my override in template.php above with the following message, giving a link for users to go recover their password from their OpenID provider.

Visit your <a href="http://openid.net/" title="Learn More about OpenID">OpenID</a> provider to recover your password. Then come back to this site and <a href="user" title="Log in to this site">log in</a> with your OpenID.

Step 5: New User Log In Block Template

Next I added a template file to my theme directory called “user_login_block.tpl.php” as per my override in template.php above with the following code.

// reverse default form element visibility toggles set in openid module javascript
drupal_add_js('$(document).ready(function(){$("#edit-openid-url-wrapper").show();$("#edit-name-wrapper").hide();$("#edit-pass-wrapper").hide
();$("a.openid-link").hide();$("a.user-link").show();});', 'inline');

// render select elements in login block
print(drupal_render($form['form_id']));
print(drupal_render($form['openid_url']));
print(drupal_render($form['submit']));

You’re Done!

After these 5 steps, users are presented with OpenID authentication on my site and guided to getting an OpenID if they don’t have one already. A user with a local, Drupal identity can still toggle to authenticate on the now obscured /user login form, but only an existing user with the proper access can create new local Drupal users.

My dream for OpenID in Drupal core is to have admin UI that allows various configurations which make any necessary changes to the user authentication UI:

  • prefer OpenID authentication, allow Drupal
  • prefer Drupal authentication, allow OpenID
  • allow only OpenID authentication
  • allow only Drupal authentication (this case would be covered by just not enabling the OpenID module)

Let me know if you have more questions about or suggestions for this solution.

Drupal 6.0

I just installed my first Drupal 6.0 version (RC4), which took a total of about 3.5 minutes. You [used to be able to] visit the resulting (minimalist) site.

The new installer worked flawlessly, requiring only establishing a database and user and changing the the access control on a single directory and changing it back again once the install was complete. The rest was answering a few basic questions in Drupal’s web-based installer. Given that the db and file access steps could also be accomplished via a web interface (eg, cpanel on a hosted server), the whole installation process could easily be handled by a non-technical user in the same few minutes it took me.

What’s exciting in Drupal 6? You can check out a complete list, but for me, here are the highlights:

  • OpenID integrated as a core module. My only suggestion here would be to add some administrative controls to toggle various authentication options (eg, only use OpenID or Drupal authentication, prefer OpenID or Drupal authentication, hide password change controls from OpenID users, etc).
  • Workflow actions and triggers integrated as core modules. This demonstrates something I’ve admired most about Drupal: the right functionalities are brought into core as general services/APIs. I haven’t experimented with these yet, but core’s where they belong.
  • The latest jQuery integration. Drupal worked with the jQuery folks to deliver jQuery 1.2.3. This should make for even more jQuery goodness.
  • The update module integrated into core. Now let Drupal tell you when it needs upgrades.

I’ll need to wait until key contrib modules like CCK and Views are ready to test in Drupal 6, but I have every faith that added together, this release will significantly increase the sophistication and power of Drupal.

Meanwhile, there are already even little tweaks to love, like drag and drop reordering of menus and blocks, and hiding the revision log field on the node edit form in a closed fieldset (yes, it would be nice if every user explained every content update they made, but most have no idea what is being asked for in the log).

Stay tuned for more on Drupal 6, and oh, in case you haven’t heard, go to DrupalCon 2008 in Boston!

Flock Me!

O how I want to Flock in the morning. O how I want to Flock in the eve.

But I can’t because Flock can’t authenticate me to my OpenID, Drupal blog.

Flockstars take notice: OpenID critical mass is growing. Take a look at OpenID support in these flocky sites and at least let us know what you all are thinking about integrating OpenID support in Flock (very partial list):

OSCMS 2007: Open Source Content Management Systems at Yahoo!

Recently returned from the Open Source Content Management Systems (OSCMS 2007) gathering held at the Yahoo! campus in Sunnyvale, CA.

Drupal was strongly represented at OSCMS, but also saw some Joomla, Plone and Alfresco presence.

As often, PHP maven Rasmus Lerdorf was in attendance, in this case, demonstrating the latest in security and performance considerations.

I found great value in the day-long seminar on Drupal/LAMP performance and scalability given by Dries Buytaert (Drupal), James Walker (Bryght), Jeremy Andrews (CivicSpace) and Matt Westgate (Lullabot), with a guest appearance by Robert Douglass (Lullabot). If anyone continues to have doubts about LAMP platform applications scaling to enterprise levels…they should have been in attendance to absorb the variety of solutions from hardware to network to architecture to database to code offered here. After this, I will no longer doubt that LAMP applications can be tailored to meet enterprise demands.

View the OSCMS Flickr stream

Drupal 6 Blog Recipe

LAMP Platform

Drupal Content Management System

Drupal Installation

  1. Procure a LAMP webserver environment similar to the one described above. Other platforms are possible (eg, LAPP, WAMP, WIMP, etc), but will not be discussed here. Read Drupal’s system requirements for more information.
  2. Follow the standard Drupal installation procedures.
  3. Once Drupal is installed, check your site’s system status (at http://yourdomain.tld/admin/reports/status) to make sure you have properly and completely installed Drupal. Fix any reported issues.

Drupal Configuration

  1. Complete the basic Drupal site configuration.
  2. For basic settings, I recommend using clean URLs. You might wait to enable caching and/or disabling on-screen error reporting until you are ready to make your site live.
  3. Enable the optional core modules listed below.
  4. Install and enable the theme listed below, choose another existing theme, or design your own Drupal theme (Framework is a good theme on which to base a new design).
  5. Install and enable the contributed modules listed below. Any specific installation issues will be noted under each module listing.
  6. Set up a cron task that will visit your Drupal site on a regular basis to do basic housekeeping tasks automatically (eg, rebuilding the search index).
  7. Establish an OpenID identity with a provider (eg, myopenid.com, myvidoop.com) and use it to log in to your Drupal site. (Note: I don’t recommend using Drupal’s root administrative user as your daily blogging identity, so make a new user for yourself with reduced privileges.)
  8. Start blogging!

Optional Core Modules

Ultimately, all these core modules are optional, but some provide basic functionality you won’t want to blog without.

  1. aggregator: Enables you to expose feeds (eg, RSS) from other sites on your site.
  2. blog: Blog enables multi-user blogging. If only one person will ever blog on your site, you don’t need the blog module. However, even though I may be the only blogger on xolotl.org, I’ve enabled blog to establish handy navigation to my blog, and other modules may add useful functionality directly to blog.
  3. blog api: Allows users to post content using applications that support XML-RPC blog APIs.
  4. comment: Enables you or other users to comment on your blog entries (or other content).
  5. contact: Provides general site contact form.
  6. database logging: Logs and records system events to the database.
  7. help: Provides online help for Drupal features.
  8. menu: Enables your site to have navigation menus.
  9. openid: Enables OpenID authentication. Note that I did some user login, login block, register and password form templating to override stock forms provided by Drupal and this OpenID module. My goal: allow only OpenID authentication.
  10. path: Enables you to make URLs on your site more human and search-engine friendly.
  11. php filter: Allows embedded PHP code/snippets to be evaluated.
  12. ping: Alerts other sites when your site has been updated via ping-o-matic.
  13. poll: Enables simple polling functionality. I’ll occasionally be asking my blog readers to vote on simple polls.
  14. search: Enables Drupal’s built-in content search functionality.
  15. statistics: Enables Drupal’s built-in usage statistics functionality.
  16. taxonomy: Enables you to categorize content with your own custom tags.
  17. update status: Checks the status of available updates for Drupal and your installed modules and themes.
  18. upload: Enables you to attach/upload files (eg, images, PDFs, etc) to content items.

Contributed Modules

Some of these contributed modules use additional required supporting modules where are not listed here.

  1. cck: Allows administrators to define new content types. I also use some custom CCK field type modules, that enable date, email, filefield, imagefield and link fields.
  2. flickrsync: Reads users’s Flickr photo streams, and turns into nodes.
  3. google analytics: Adds Google Analytics javascript tracking code to all your site’s pages.
  4. imagecache: Dynamic image manipulator and cache.
  5. mollom: Protects against comment and contact form spam.
  6. pathauto: Enables custom, automatically-generated URLs for pages.
  7. print: Enables printer-friendly, PDF and email versions of pages.
  8. service_links: Automatically adds Digg, del.icio.us, reddit, Technorati etc. links to content items.
  9. simplemenu: Creates a menu bar that is displayed at the top of every page.
  10. tagadelic: Tagadelic makes weighted tag clouds from your taxonomy terms. See the one in the column to the right.
  11. tinymce: Enables a WYSIWYG rich text editor.
  12. views: Create customized lists and queries from your database.

Theme

framework: I’m using a slightly modified version of the Framework theme by Andre Griffin. My modifications are only to default to OpenID authentication and some minor CSS style tweaks.