au/rssauth

Provides a number of methods of getting rss feeds of non-public content as a logged in user

2.0.0 2015-10-18 09:36 UTC

This package is auto-updated.

Last update: 2024-11-29 04:19:53 UTC


README

This plugin allows RSS feeds to display content of an Elgg user by HTTP authentication. The rss feeds may be in the following formats.

PUBLIC RSS FEED

<url>?view=rss

URL AUTHENTICATED RSS FEED

<url>?view=rss&username=<username>&password=<password>

Please note that this method is the most insecure as the username and password are visible in plain text in the url

TOKEN AUTHENTICATED RSS FEED

By visiting the tools configuration page a user can generate a unique token that can be appended to the url.

eg.

<url>blog/all?view=rss

Would become something like

<url>blog/all?view=rss&rssguid=38&rsstoken=48e198a2264328528a70d65abcedbe146f039c94

HTTP AUTHENTICATED RSS FEED

<url>?view=rssauth

Having view=rssauth in the url will return the headers requesting authentication Your rss feed can then supply the username and password.

Please note that this is also insecure as the credentials are passed in plain text but are not explicitly visible (as in the url example). This should be fine if used in conjunction with SSL.

ADDITIONALLY if you can find a way to send the HTTP credentials without requiring the authentication headers first, you can just use the the default ?view=rss and still receive an authenticated feed