Created: 2008-09-25 04:14
Updated: 2016-05-08 13:54
License: other


Front End Authentication

This extension is useful for protecting specific pages of your Symphony powered site. Based on either Sessions or Cookies


** Note: The latest version can alway be grabbed with git clone git://

  1. Upload the 'frontend_authentication' folder in this archive to your Symphony 'extensions' folder.
  2. Enable it by selecting the "Front End Authentication", choose Enable from the with-selected menu, then click Apply.
  3. Visit the preferences area to begin configuration


  • Create a new section with 1 field for the username and 1 for the password
  • Create a login page with a form resembling the following:
	<form method="POST" action="">

		<xsl:if test="//front-end-authentication/@status = 'invalid'">
			<h1>Authentication Failed! Please check your details</h1>

		<xsl:if test="//front-end-authentication/@password-retrieval-email-status = 'sent'">
			<h1>Email sent. Please check your inbox.</h1>

		<label>Username: <input name="front-end-authentication[username]" type="text"/></label>
		<label>Password: <input name="front-end-authentication[password]" type="password"/></label>
		<input type="submit" name="action[front-end-authentication][login]" value="Login"/>
		<p>Forgot your password? <a href="{$root}/login/forgot/">Forgot your password?</a></p>
  • Go to system preferences and be sure to select the username and password fields appropriately
  • On the system preferences page, choose this page as your login page from the drop box
  • Any page with the same type as the one you specified in the system preferences will auto-magically display the login page contents instead
  • To log out, add ?front-end-authentication-logout=true to any URL


  • If you wish for your users to be able to retrieve passwords, ensure that your usernames are email addresses, then create a forgot password page with a form similar to:
	<form method="POST" action="{$root}/login/">
		<p>Enter your email address below and you will be sent an email containing your password</p>
  		<label>Email Address: <input name="front-end-authentication[username]" type="text" /></label>
	  	<input type="submit" name="action[front-end-authentication][forgot]" value="Go" />

You can customise the email on the preferences page

  • It is recommended that you use the "Unique Input" field for the username. This can be found at
  • Setting this extension to use Sessions instead of Cookies (found in the system preferences) will mean the user is logged out as soon as the browser is closed.
Cookies help us deliver our services. By using our services, you agree to our use of cookies Learn more