Authenticate Magento Admin Users

Magento’s admin interface allows you to do the vast majority of everything that you would ever want to do to manage your eCommerce website. However, there are times when the rigidity of the framework makes it difficult for developers to appropriately customize a layout.

One of the things that we have done to combat these limitations is to create a new administration section of the website specifically for the use of developers and other advanced administrators of the site. In order to do this as seamlessly as possible, one of the requirements was to enable current admin users to use the same authenticated session across the standard Magento admin and our new custom admin systems.

When looking for the best way to do so, it became obvious that not nearly as many people deal with the admin level session control as do frontend session access control. As a result, here is a snippet of the code that allows you to determine whether the visitor to your custom PHP page has been properly authenticated to your existing Magento admin.

require '../app/Mage.php';
Mage::app('admin');

Mage::getSingleton('core/session', array('name'=>'adminhtml'));

if (!Mage::getSingleton('admin/session')->isLoggedIn()) {
    // Redirect the User to the Login page
} else {
    // Do your stuff
}
Tags:

Related Posts

Mar 5, 2015
2 minutes

Don't Be a Dunce, Save Your Orders

There are some gotchas that you think that you will always see coming. One such gotcha is the need to save an object to the datastore to persist any changes you may have made to that object.

While it seems like a reasonable concept at the base level, there are times that the need to save an object completely escapes your mind. It seems that for many non-developers, this occurs when they have been working a long time on a file, typically a Microsoft Word document, shortly before their computer blue screens, losing all of their work.

#magento #web-development #php
Read More
Jan 4, 2015
3 minutes

Top Job Applicants Never Stop Learning

From time to time, my job allows me to be a part of the hiring process for our technical positions. Unfortunately for some of the applicants, I repeatedly come away from these interviews amazed at the responses I get from pretty standard and basic technical questions related to Web Development.

Recently we were looking for a front-end web developer that was good at UX and design and proficient at HTML, CSS, and JavaScript. One of the things that we tend to ask everyone is to rate themselves on a scale of 1 to 10 as to how good they are with each technology. The majority of responses are in the 5-8 range with the corresponding answers to the questions about each techology falling about in the range you would expect. A couple of applicants were brave enough to rate themselves at a 9.5 out of 10 on HTML, CSS, and JavaScript, leading us to believe they were “exceptional applicants”.

#javascript #css #rant
Read More
Jul 10, 2014
One minute

Ignore Whitespace Not Available in BitBucket Pull Requests

When looking for an online location to use as the host for source code, many people by default look at GitHub, as it seems to be the most well-known option out there, and is free for open source projects. However, if you would like your source code to be kept private, or would rather use Mercurial instead of Git, GitHub may not be the place for you. Instead, I would suggest BitBucket as your source code repository provider.

#rant #web-development
Read More