Jump to content
  • 0

External Client Login Form With Csrf Tokens Enable


dieselb0y

Question

Hello all,

 

Someone can provide us a little tutorial on how to generate the crsft tokens for a simple HTML form ?

 

We can find some information in http://www.blesta.com/forums/index.php?/topic/1107-login-and-redirect-client-user-from-custom-website-to-billing-website/?hl=login+form , about a plugin creation , but nothing very explanatory . Somone can provide us an exemple , or a tutorial on how to achieve this?

Link to comment
Share on other sites

12 answers to this question

Recommended Posts

  • 0

 

I want to do the same thing that you did on your web site licensecart:

 

 

<form method="post" action="https://licensecart.com/billing/customers/login/" target="_blank">
                        <div class="form-group">
                          <div class="input-group">
                            <div class="input-group-addon"><i class="fa fa-user"></i></div>
                            <input type="text" name="username" class="form-control" id="login_username" placeholder="Username" autocomplete="off">
                          </div>
                        </div>
                        <div class="form-group">
                          <div class="input-group">
                            <div class="input-group-addon"><i class="fa fa-lock"></i></div>
                            <input type="password" name="password" class="form-control" id="login_password" placeholder="Password" autocomplete="off">
                          </div>
                        </div>
                        <div class="form-group">
                          <button type="submit" class="btn btn-success btn-block">Login to Client Area</button>
                        </div>
                      </form>

 

 

We did what's in this tutorial :) http://www.blesta.com/forums/index.php?/topic/510-login-form-outside-blesta/

Link to comment
Share on other sites

  • 0

Hey Licensecart! .. .thanks for the fast answer ;)

 

I understand that the CSF tokens need to be generate .. but how can I acheive this ... Can I use the same method that the default blesta login form page use ? ... if yes ... where can I find the correct code to do it ?

 

I try to take a look in client_login.pdt .. . but I found nothing.

Link to comment
Share on other sites

  • 0

I want to use CSRF check with my form .. I don't want to disable it ... how can I generate the token from my login form ?

 

Sounds like you can't and I see why: CSRF ==> Cross-Site Request Forgery

 

Cross-Site Request Forgery:

Cross-Site Request Forgery (CSRF) is a type of attack that occurs when a malicious Web site, email, blog, instant message, or program causes a user's Web browser to perform an unwanted action on a trusted site for which the user is currently authenticated.

Link to comment
Share on other sites

  • 0

I want to do the same thing that you did on your web site licensecart:

 

 

<form method="post" action="https://licensecart.com/billing/customers/login/" target="_blank">
                        <div class="form-group">
                          <div class="input-group">
                            <div class="input-group-addon"><i class="fa fa-user"></i></div>
                            <input type="text" name="username" class="form-control" id="login_username" placeholder="Username" autocomplete="off">
                          </div>
                        </div>
                        <div class="form-group">
                          <div class="input-group">
                            <div class="input-group-addon"><i class="fa fa-lock"></i></div>
                            <input type="password" name="password" class="form-control" id="login_password" placeholder="Password" autocomplete="off">
                          </div>
                        </div>
                        <div class="form-group">
                          <button type="submit" class="btn btn-success btn-block">Login to Client Area</button>
                        </div>
                      </form>
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...