Magnolia 5.6 reached end of life on June 25, 2020. This branch is no longer supported, see End-of-life policy.
Magnolia's Public User Registration module allows users to register an account on the public site. This page explains how to use the module to set up public user registration and protected pages that are available only to users who have registered and logged in.
The tutorial takes you through the process of:
We use the Sportstation demo in our example. CE users can adapt the example to fit the Travel demo or their own site.
The Public User Registration module includes all the necessary components to implement PUR on your site.
You can make the components available on any page template. The components will be used on pages for registration, login and related PUR tasks.
The Travel demo's Public Users template makes the components available in main
area of the page. The example uses this template. See Area definition for more.
templateScript: /travel-demo/templates/pages/areas/contentContainer.ftl parameters: cssClass: container type: list availableComponents: login: id: public-user-registration:components/login registration: id: public-user-registration:components/registration userUpdate: id: public-user-registration:components/userUpdate forgottenPassword: id: public-user-registration:components/forgottenPassword passwordChange: id: public-user-registration:components/passwordChange enableUser: id: public-user-registration:components/enableUser textImage: id: travel-demo:components/textImage
Node name | Value |
---|---|
areas | |
main | |
availableComponents | |
login | |
id | public-user-registration:components/login |
registration | |
id | public-user-registration:components/registration |
userUpdate | |
id | public-user-registration:components/userUpdate |
forgottenPassword | |
id | public-user-registration:components/forgottenPassword |
passwordChange | |
id | public-user-registration:components/passwordChange |
enableUser | |
id | public-user-registration:components/enableUser |
textImage | |
id | travel-demo:components/textImage |
Your pages can be located anywhere in the site hierarchy.
Create two sets of pages:
Example pages:
club-registration
).club-login
).update-club-profile
).retrieve-club-password
).change-club-password
). club-deals
and subpages). The example creates an exclusive club for registered users on the Sportstation site. In the Sports Club area users have access to special deals on the club-deals
page and its subpages. The example uses the Travel Standard template for these pages.
Example pages:
/sports-club
: All public users can access this page. The teaser component on the left takes logged-out registered users to the login form and logged-in users to the club-deals
page. The teaser component on the right takes non-registered users to the registration form page. /club-deals
: This page contains teasers to all available deals./<deals
: These are the Individual deal pages.
Open the PUR pages for editing and:
The PUR components are all forms.
Login is delivered as a preconfigured form. In the dialog, set links to the registration and forgotten-password pages. These links display at the bottom of the form. The target page directs the user to a page after login. Set this link to the restricted-content parent page.
The other PUR components require form setup. See Creating a form for more.
These forms expect fields with the exact names: username
, fullName
, password
, passwordConfirmation
and email
. Use Input fields, without validators, set advanced field types to text
, password
and email
and add a Submit button field.
Here are the components used in the example.
Use this reference table to set up your forms:
Component | Fields |
registration | username , fullName , password , passwordConfirmation ,email |
userUpdate | username , fullName , email |
forgottenPassword | username , email |
passwordChange | password , passwordConfirmation |
The PUR module configuration used in the example is a copy of the travel
configuration (that extends default
) with minor changes.
Always
registration strategy enables users immediately. A user can access restricted content straight after registration. MailChangePasswordLinkStrategy
sends an email to the user who submits the password retrieval form. A link in the email directs the user to the example /change-club-password
page. sportstation-pur
group in Setting permissions (below). default
to ensure that users assigned only the anomymous
role cannot access restricted content. These options are configured in /modules/public-user-registration/config/configurations/sportstation
.
Node name | Value |
---|---|
configurations | |
default | |
travel | |
sportstation | |
registrationStrategy | |
class | info.magnolia.module.publicuserregistration.strategy.Always |
passwordRetrievalStrategy | |
emailTemplate | /public-user-registration/templates/mail/password-reset-email.ftl |
targetPagePath | /sportstation/sports-club/retrieve-club-password/change-club-password |
defaultRoles | |
anonymous | anonymous |
extends | override |
defaultGroups | |
pur | sportstation-pur |
extends | ../default |
At this stage, publish the work to date to the public instance. We set permissions and test the setup on the public site because this is where it will be used and anonymous users have different permissions on the author and public instances by default.
Publish:
On the public instance, first restrict anonymous access to content reserved for registered users and then give registered users access to this content
In the Security app, edit the anonymous
role and add permissions denying access to restricted content.
Example: Web access:
Permission | Path |
Deny | /sportstation/sports-club/club-deals* |
Deny | <sportstation>/sports-club/club-deals* |
Deny | /sportstation/sports-club/update-club-profile* |
Deny | <sportstation>/sports-club/update-club-profile* |
The permissions starting with <site name>
prevent cross-site access. See Site-specific ACLs for more.
In the Security app, create a new role (sportstation-pur
in the example) that gives access to restricted content.
Example: Web access:
Permission | Path |
Get & Post | /sportstation/sports-club/club-deals* |
Get & Post | <sportstation>/sports-club/club-deals* |
Get & Post | /sportstation/sports-club/update-club-profile* |
Get & Post | <sportstation>/sports-club/update-club-profile*
|
Next create a new group named after the value in the defaultRoles
configuration property (sportstation-pur
in the example) and assign the new role to the new group. Users in this group also need other basic roles.
Example: Group role assignment.
Group | Granted roles |
sportstation-pur | sportstation-pur |
travel-demo-base | |
imaging-base |
Adding a client callback on the security callback filter ensures that users are redirected to the login component on a page and not to the default (green) Magnolia login screen. The redirect comes into play when a registered user logs out or an unregistered user attempts to access restricted content.
Example: sportstation-pur
client callback configured in /server/filters/securityCallback/clientCallbacks/sportstation-pur
.
Node name | Value |
---|---|
server | |
filters | |
... | |
securityCallback | |
clientCallbacks | |
travel-demo-pur | |
sportstation-pur | |
originalUrlPattern | |
class | info.magnolia.cms.util.SimpleUrlPattern |
patternString | (*|sportstation)/sports-club/(profile-update|club-deals)* |
class | info.magnolia.cms.security.auth.callback.RedirectClientCallback |
location | /sportstation/sports-club/club-login.html |
Properties:
sportstation-pur | required client callback name. |
| required Pattern node |
| required
|
| required Pattern that defines the location of the restricted content that triggers the callback. See |
| required
|
| required Relative path to the login page. Add the |
Make sure that your SMTP settings are configured on the public instance so that the Mail module can send emails. Remember to assign superuser
a working email address.
superuser
and then log out by adding the ?mgnlLogout=true
parameter to the URL. The restricted content disappears and the page redirects to the login form page configured in the security callback. passwordRetrievalStrategy
configuration) where you can choose a new password.defaultRoles
configuration.