Now you know how to create and edit pages! That was not so hard, was it? Quite easy to become a webmaster with TYPO3. Later I'll even show you how you can delegate that work! The point of a CMS is also that you can have many users maintaining content on the same website! With full control over access rights etc. But that is described at the end of this document.
So one thing is to make web pages for all the world to see. What if we would like only a part of the world to see them - our football team mates? Can we add password protection?
Actually that is already done for you on the website for "FC Bigfeet":
These pages in the page tree are in fact only accessible from the frontend if you have a username and password!
Log in
If you want to log in, go to the page "Log in":
Then enter the username "john" and password "football" (for your convenience it's the same password for ALL users in the website for now). Make sure to enter it precisely as stated here - upper- and lowercase characters make a difference. "John" will not work - it's "john"...
Click the "Login" button - you are now directed to the "Team pages" (unless you did something wrong...)
Also notice that now the formerly hidden pages in the menu are visible:
Before you can create access restricted pages you must first and foremost have one or more frontend users and groups. These can be created before, during or after creation of your website. The order doesn't matter.
Frontend and backend users
Now, wait a minute! How many kinds of users are there?
Well, there are only two kinds. Remember that we have two areas of TYPO3 - the frontend (website) and the backend (administration).
A frontend user (orange icons) can log in to the website of course. They cannot change content (since they have nothing to do with the backend!); they exist merely because they allow us to restrict access to information on the website!
Frontend users (also called "Website users") are created in the system where we want to create them. In our case we have made a nice sysFolder called "Users" for both users and groups. The only requirement of this storage place for the frontend users is that we tell the template that this is the place to look for the users when a login request is sent - more about that in the section on Templates.
If you want to create web applications with user profiles in TYPO3 you will probably use the frontend users as a basis for an extension which can add additional database fields to the user table - thus you can store and manage custom information about website users!
A backend user (blue icon) works in the backend and is concerned with changing the information behind the scenes. Because backend users are concerned with the administration of a website they have nothing to do with the access restriction on the website itself (which is only partially true of course since backend users can preview hidden frontend pages).
Backend users can be created in only one place - in the page tree root (pid = 0) - and only by backend users that are "admin" users (have the admin-flag set, which is indicated by the red colored icon!) since they are the only users with access to records in the page tree root:
The three blue backend users (#1) are configured so they can maintain a little part of the website each - more about that in the users section later on. The backend user groups (#2) would have been blue as well if the "Access lists" flag had not been set - forgive me for that...
Finally the "admin" user (#3) - the one we are working as - is red because he has total and unrestricted access to any part of the system!
Editing a user or group
As you can see we already have a sysFolder with a user group and two users.
The user group "Team" is really nothing but its title. No settings or anything.
The users "john" and "irene" are configured basically the same - just a username, password and membership of a group:
(Ahh, that's right! You haven't used the List module yet - now, how hard can it be? Just click the icon beside John’s name and the good old context menu appears. Back on the home court again. I told you - watch out for consistently applied concepts!)
And here is John’s profile:
Creating a user
Let’s try to create a user. Since frontend users (like pages, page content elements, news articles etc.) are just database elements in TYPO3’s opinion, the same process of creation can be used for a frontend user as for any other element. So this is even a general introduction to creation of new elements!
Ready? It's simple. First, click the page icon of the page where you want to create a new element:
Then select the "Website user" element:
... and enter the information. In this case username, password and group are required fields:
Save the user. If you click the page title of the "Users" sysFolder you should see this listing (provided the "List" module was the last backend module you used of course):
Go to the login form page again and see if it works:
We already have a login form. But what if we want another one on the frontpage? Is that a problem?
No. Since TYPO3 constructs page content from a series of page content elements, as you have learned, we can simply insert a login box as one of the content elements on the frontpage! The question is rather where among the other elements.
Now, do the trivial: Page module -> Click "FC Bigfeet" -> "New content"
"Login form":
Select position:
Name it - save it:
If you enter a page reference in the "Send to page" box the login will be submitted to that page. This is used with the other box so the user is directed to the access restricted section directly. In this case we will just leave it empty which will submit the form to the same page - the front page.
On the front end you will see this:
As you can see we are already logged in - as "newuser". You can try to logout and login and logout and ... as you like. It should work.
Now you have:
Users and groups in place
A login form in place (please see the Template section on constants for important information on configuring the storage page id for the login form)
You need... to restrict some access!
Let’s restrict the whole section called "Youth Section":
Select the access to be only for the members of the "Team" group:
And save it. The page icon changes. Try to hold the mouse over the icon:
See! Access restricted to the "Team" group. Try to log in and log out. Works? Should do so.
Oops!
Try to log out and view one of the subpages of the "Youth Section" page. You will find that those pages can be seen! So only the "Youth Section" page was protected!? Yes, that's true - because you need to set an additional flag - "Include subpages".
Edit the page header and set the flag (bottom of form):
The page icon changes to include a double-forward arrow - this indicates that now all subpages are in fact protected as well!
Tip: "Include subpages" affects not only the Access setting - it also affects if a page is hidden or has a Start or Stop time set. Thus you can also time or hide a whole section by using this setting!
The Access options
Basically access restriction is as simple as this - just select a website user group and that's it. From that point you just handle which users are members of which groups.
Groups... Ahh, yes, we have only one group right now! The "Team" group. If you add more groups then you can create different access rules for different users! For instance "john" can be a member of "Team" and access the "Team" section. "irene" could be a member of a new group used for access restriction of the "Youth section" and she would have access to that! The "newuser" (we created) could be a member of both groups - and have access to both sections! Why not try it out! Go and play with it.
Finally the option "Hide at login" means that a page will not be visible when a user logs in! This is useful if you have pages with information only relevant for users not yet logged in. Of course the option "Show at any login" is the opposite - that will enable the page for display for any user who is logged in. No need to be a member of any particular group - if you are logged in you are shown the page.
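The rules from the "Oops!" step and the Access options above can be written down as a small model. This is an added example, not TYPO3's own code: the Page class, the function names and the "Training plan" subpage are assumptions made for illustration, and the model covers only the access settings this section describes.

```python
from dataclasses import dataclass
from typing import Optional

# Access settings as the tutorial names them; the string values are this example's own.
PUBLIC, HIDE_AT_LOGIN, SHOW_AT_ANY_LOGIN = "public", "hide at login", "show at any login"

@dataclass
class Page:
    title: str
    parent: Optional["Page"] = None
    access: str = PUBLIC            # one of the constants above, or a group name
    include_subpages: bool = False  # the "Include subpages" flag

def rule_allows(access, groups):
    """groups is None for an anonymous visitor, else the set of the user's groups."""
    logged_in = groups is not None
    if access == PUBLIC:
        return True
    if access == HIDE_AT_LOGIN:
        return not logged_in
    if access == SHOW_AT_ANY_LOGIN:
        return logged_in
    return logged_in and access in groups

def ancestors(page):
    while page.parent is not None:
        page = page.parent
        yield page

def can_view(page, groups):
    """A page's own rule always applies; an ancestor's only if it is flagged."""
    if not rule_allows(page.access, groups):
        return False
    return all(rule_allows(a.access, groups) for a in ancestors(page) if a.include_subpages)

def exposed_subpages(pages):
    """Pages below a group-restricted ancestor that an anonymous visitor can open."""
    special = (PUBLIC, HIDE_AT_LOGIN, SHOW_AT_ANY_LOGIN)
    return [p.title for p in pages
            if any(a.access not in special for a in ancestors(p)) and can_view(p, None)]

def build_site(include_subpages):
    """Constructed tree: the "Training plan" page title is made up for this example."""
    root = Page("FC Bigfeet")
    youth = Page("Youth Section", root, "Team", include_subpages)
    plan = Page("Training plan", youth)
    return [root, youth, plan]

if __name__ == "__main__":
    print(exposed_subpages(build_site(False)))  # flag unset
    print(exposed_subpages(build_site(True)))   # flag set
```

Running exposed_subpages over a list of your own pages gives a quick check that no subpage of a restricted section was left open by a missing "Include subpages" flag.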