Restrict the site access through http password authentication in drupal

Rakesh Kumar

* Implementation of hook_boot().
* Ask for user credentials and try to authenticate.
function hook_boot() {
require_once DRUPAL_ROOT . ‘/includes/’;

if (isset($_SERVER[‘PHP_AUTH_USER’]) && isset($_SERVER[‘PHP_AUTH_PW’])) {
$query = “SELECT pass FROM {users} WHERE name = :name”;
$result = db_query($query, array(‘:name’ => $_SERVER[‘PHP_AUTH_USER’]));
$account = new stdClass();
foreach ($result as $row) {
$account->pass = $row->pass;
if (isset($account->pass)) {
if (user_check_password($_SERVER[‘PHP_AUTH_PW’], $account)) {

header(‘WWW-Authenticate: Basic realm=”Development”‘);
header(‘HTTP/1.0 401 Unauthorized’);

View original post


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s