- it allows to login as a given user by passing security check.
- it must be used only during development!
- disabled by default!
Updated the session auth module to make it easier to be reused.
- masquerade module is based on the session auth module.
- Removed CMS_REQUEST_UTIL
- centralize a few request related code into CMS_API
Added CMS_API.user, CMS_API.set_user (CMS_USER), ... and user related routines.
Refactored Auth related code
- added various abstractions to factorize implementation and harmonize solutions.
- revisited the logout strategy.
- updated the account info page, and remove info user should not care about.
- simplified the process, and encourage auth module to follow same design.
Added CMS_LINK helper routines to modify the related query string.
Removed CMS_USER.profile (and related routines)
- It was not used so far.
- it will probably a specific module later, if needed.
Update various module to avoid fetching user from sql directly, and let this task to CMS_USER_API.
Removed CMS_NODE_API.node_author (a_node: CMS_NODE): detachable CMS_USER,
- as the info is already in CMS_NODE.author
Added CMS_RESPONSE.redirection_delay, if ever one code want to redirect after a few seconds.
Added the request uri info to the not found cms response.
Improved Auth related module implementation by having a way to change settings like token, max age.
- use CMS_SETUP.site_id and related "auth.$module.token" ... configuration values.
- removed related CMS_..._CONSTANTS classes.
For auth session module, use auth_session as table name, and use VARCHAR(64).
Extracted sql from blog module, and store it under site/scripts/install.sql .
Renamed a few $modulename.sql as install.sql
