Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
By mikeohara on
I'm looking to develop a module that allows me to present a confirmation dialog similar to a normal confirmation step except that I want to have the user enter their user password as validation of the action. This is similar to behavior I've seen on other SaaS services.
The reason is not to check whether the person has permission but to ensure that the user is making a wholly inentional step by making them revalidate themselves as they complete it. It would also allow for if a user is logged in but away from their desk, another user cannot perform th(is/ese) destructive actions on their behalf.
Comments
In your module, call user
In your module, call user_authenticate().
https://api.drupal.org/api/drupal/modules%21user%21user.module/function/...
Put up a form asking for the user's password; then get the userID from $global user, lookup the user's name with user_load(), and pass that and the password collected to user_authenticate().
If you get back a result (the user ID) then they've authenticated; if you get back NULL, then die with a message.
============================
Resonetrics: Better Tools for Building Brands
http://resonetrics.com
http://technologyformarketers.com
http://kittenassociates.org
http://www.linkedin.com/in/sammooreatresonetrics
Very cool
Thanks I will check this out.