An 'Authentication' hook is called ostensibly to check the user's password. It can do more than that though.
It is called something like:
$dav_principal = AuthenticationHook( $username, $password );
In general it should:
- Accept a username / password
- Confirm that the username / password are correct
- Create (or update) a 'dav_principal' record in our database
- Return the 'dav_principal' record as an object
- Return the boolean 'false' value when authentication fails
It can expect:
- DAViCal Configuration data will be available in $c->authenticate_hook['config'], which might be an array, or whatever is needed.
Bypassing password checks
If you know that the webserver validated the password (e.g. with Kerberos or such), then you can trust the username is correct and fetch the correct user details from your canonical source of such data, constructing a record to return to DAViCal.
Updating a user's details
DAViCal holds a user's details in the database and many queries join against this table, so it is important that the user's details within DAViCal should reflect changes in your canonical source of such data. In order to assist in this there you can:
within your code and you will have access to the
UpdateUserFromExternal($dav_principal) and the
CreateHomeCalendar($username) functions which will hopefully simplify your job. That include also contains an example routine.