How to embed username and password in a URL?

drupal.stackexchange https://drupal.stackexchange.com/questions/1583

  •  16-10-2019
  •  | 
  •  

Question

We have a form that users need to fill out, but it is accessible only to authenticated users. We want to send a mass email to all users with an username and a password embedded in an URL, so that users can just click on that URL and log in to Drupal. The username and password will be common for all users.

Is it possible to log in to Drupal through this way?

Was it helpful?

Solution

Clearly there are too many good options.

There is also http://drupal.org/project/tokenauth. This would allow you to craft a link for email that would auto-login the user for whichever pages you configured to be accessible via token.

Some details from the module's project page:

Token Authentication provides a token for use in the URL to authenticate users to your site. It only works on paths configured in the settings page.

Originally this module was intended to offer simple authentication for RSS feeds to allow feed readers to pull customized content listings. You can now use it to provide a simple browsing experience of any Drupal content.

Be careful with what paths you expose to Token Authentication, as it is effectively a very simple, very low security password mechanism. You can expose Administration pages through bad configuration.

OTHER TIPS

There is currently a sandbox module called URL Login waiting to get approved to become a full project. See the project page and the full project application issue.

That module provides a secure way to log in through an URL. If that module is useful to you, I suggest you mention that in the linked issue so that it can become a full project soon.

Are you looking for one-time logins, allowing new users to login and set their own password? Try http://drupal.org/project/one_time_login

Some details from the module's project page:

This module adds two operations to the form at Administration >> People: "Send one-time login link to the selected users" and "Download CSV of one-time login URLs for the selected users".

This module also provides a Views field handler for one-time login URL and a "Send one-time login link to user" action for use with Views Bulk Operations.

I believe you are looking for the Secure Site module.

Although depending on your needs the Webserver Authentication module might work well also.

Licensed under: CC-BY-SA with attribution
Not affiliated with drupal.stackexchange
scroll top