One-Click login to any phpMyAdmin database from DirectAdmin (SKINS)

Version 1.59

Feature
Finished

BETA New feature, off by default using internal value: one_click_pma_login=0 which can be enabled with: one_click_pma_login=1 eg: /usr/local/directadmin/directadmin set one_click_pma_login 1 service directadmin restart allows for a one-click login to any database when viewing that database through DirectAdmin, eg: CMD_DB_VIEW?DOMAIN=domain.com&name=user_dbname Note: it's on the database page with User list, not on the database list page. ===================== ENABLE To enable, turn it on in the directadmin.conf and also re-install PMA: cd /usr/local/directadmin/ ./directadmin set one_click_pma_login 1 service directadmin restart cd custombuild ./build update ./build phpmyadmin ===================== FORM 1) The database page has a form, which will submit to: CMD_PMA_LOGIN Method: POST name=user_dbname domain=domain.com #required, but only for return reference 2) This action will create a new da_sso_RANDOM user to access the user_dbname db. It's added into MySQL, and DA also logs the creation in: /usr/local/directadmin/data/admin/phpmyadmin_sso.conf so it can track creation times, and clean up the accounts later. 3) A token is created in: /var/www/html/phpMyAdmin/direct_login/tokens/TOKENNAME with the user,pass,client IP and creation time. 4) An auto-submitting form goes to: /phpMyAdmin/direct_login/index.php which will read in this token and setup the session using phpMyAdmin's auth_type=signon method. 5) The direct_login/index.php then redirects to /phpMyAdmin/index.php for normal use. 6) The logout will redirect to /phpMyAdmin/direct_login/logout.php, which destroys all SignonSession cookies, so a normal user/pass login can happen if /phpMyAdmin is accessed manually. ===================== PhpMyAdmin config.inc.php Because we only want to use one $cfg['Servers'] in the PMA config.inc.php, we're currently using an if-then-else method, checking for the presence of $_COOKIE['SignonSession']. If set, it uses the $cfg['Servers'][$i]['auth_type'] = 'signon'; If not, the standard cookie method is used instead. ===================== MYSQL USERS The da_sso_* MySQL users are added to a given User's database. As a result, they would normally show up in the count and in the list of DB Users through DA... But DA goes out of it's way to hide them from counts and listings, even though the are there. The /usr/local/directadmin/data/admin/phpmyadmin_sso.conf lists all allow users. The nightly tally will clear any accounts when they expire after 16 hours. Any da_sso_* user found in mysql that is NOT in the phpmyadmin_sso.conf will be removed for the database. Any account in phpmyadmin_sso.conf that has a creation time greater than 16 hours, will be removed from both phpmyadmin_sso.conf and the database. ===================== SKINS user/db/db_view.html add a new form: |*if HAVE_ONE_CLICK_PMA_LOGIN="yes"| <br> <form id='pma_form' action='CMD_PMA_LOGIN' method='POST'> <input type='hidden' name='name' value='|name|'> <input type='hidden' name='domain' value='|DOMAIN|'> <input type="submit" value="phpMyAdmin SSO"> Login, no password required. </form> |*endif|

Interested to try DirectAdmin? Get a 30-day Free Trial!