reLogin Setup

Updated Oct 28, 2020

FileMaker solutions often use relogin, as a way of handling users. This lesson will show you how to set up your FileMaker solution so that relogin can be implemented by LCFM Native. This was added in version 1.5 Beta 8, and the ETS build for Android.

Sample Solution

You can download a sample solution we have created here, which you can use as a template in your own solutions. The credentials for this solution are 

username: Admin

password: Admin

Prerequisites

The account-related script steps and Perform Script On Server script step can only be executed on the server. The steps are executed by running particular scripts on the server after logging in via the data API. As such, in order for them to work, there are some application prerequisites:

1. The solution must be hosted on FileMaker Server

2. Any account under which the script steps are intended to be run must have the fmrest privilege

3. The target script must exist in the hosted solution.

Note: Important. As they are executed via the Data API, the bespoke scripts  must be uniquely named, otherwise the correct script may not be called, even if the scripts are in different folders.

Required Format

In the case of the account-related script steps, with the exception of Re-Login, the scripts in question should be of a specific form:

<p># LCFM Native Remote Operation: <operation name>

    Set Error Capture [ On ]
    # Check action version
    If [ GetValue(Get(ScriptParameter);1) &lt;&gt; <action version> ]
        Exit Script [ Text Result: 65538 ]
    End If
    <run account script step>
    Exit Script [ Text Result: Get(LastError) ]</run></action></operation></p>

Examples for each script step are given below.

Add Account

The Add Account remote script must contain the comment

    # LCFM Native Remote Operation: Add Account

somewhere within the script. The parameters passed when executing this script are:

1. Action version

2. Expire password

3. Account name

4. Password

5. Privilege set name

The implementation itself should not use the ‘User must change password on next sign-in’ (Expire password) option, as it is not supported. Since the privilege set cannot be a calculation, each case must be hard-coded in an If ... Else If ... block.

The current action version for Add Account is 1.

<p> # LCFM Native Remote Operation: Add Account

    Set Error Capture [ On ]
    # Check action version
    If [ GetValue(Get(ScriptParameter);1) &lt;&gt; 1 ]
        Exit Script [ Text Result: 65538 ]
    End If

    # The expire password variable is not used. If it is true, return
    # “invalid-command”.
    Set Variable [ $expire_password ; Value: GetValue(Get(ScriptParameter);2) ]
    If [ $expire_password ]
        Exit Script [ Text Result: 3 ]
    End If

    Set Variable [ $username ; Value: GetValue(Get(ScriptParameter);3) ]
    Set Variable [ $password ; Value: GetValue(Get(ScriptParameter);4) ]
    Set Variable [ $privilege_set ; Value: GetValue(Get(ScriptParameter);5) ]

    If [ $privilege_set = “[Data Entry Only]” ]
        Add Account [ Account Name: $username ; Password : $password ;
        Privilege Set: [Data Entry Only] ]
    Else If [ $privilege_set = “[Read-Only Access]” ]
        Add Account [ Account Name: $username ; Password : $password ;
        Privilege Set: [Read-Only Access] ]
    Else
        # Handle custom privilege sets
        If [ $privilege_set = “My Custom Privilege Set” ]
            Add Account [ Account Name: $username ; Password : $password ;
            Privilege Set: My Custom Privilege Set ]
        Else
            # Privilege set does not exist
            Exit Script [ Text Result: 3 ]
        End if
    End If
    Exit Script [ Text Result: Get(LastError) ]</p>
Change Password

The Change Password remote script must contain the comment

    # LCFM Native Remote Operation: Change Password

somewhere within the script. The parameters passed when executing this script are:

1. Action version

2. Current password

3. New password

The current action version for Change Password is 1.

<p>  # LCFM Native Remote Operation: Change Password

    Set Error Capture [ On ]
    # Check action version
    If [ GetValue(Get(ScriptParameter);1) &lt;&gt; 1 ]
        Exit Script [ Text Result: 65538 ]
    End If

    Set Variable [ $old_password ; Value: GetValue(Get(ScriptParameter);2) ]
    Set Variable [ $new_password ; Value: GetValue(Get(ScriptParameter);3) ]

    Change Password [ Old Password: $old_password ; Password : $new_password
    With dialog: Off ]
    Exit Script [ Text Result: Get(LastError) ]</p>
Delete Account

The Delete Account remote script must contain the comment

    # LCFM Native Remote Operation: Delete Account

somewhere within the script. The parameters passed when executing this script are:

1. Action version

2. Account name

The current action version for Delete Account is 1.

<p>  # LCFM Native Remote Operation: Delete Account

    Set Error Capture [ On ]
    # Check action version
    If [ GetValue(Get(ScriptParameter);1) &lt;&gt; 1 ]
        Exit Script [ Text Result: 65538 ]
    End If

    Set Variable [ $account_name ; Value: GetValue(Get(ScriptParameter);2) ]

    Delete Account [ Account Name: $account_name ]
    Exit Script [ Text Result: Get(LastError) ]</p>
Enable Account

The Enable Account remote script must contain the comment

    # LCFM Native Remote Operation: Enable Account

somewhere within the script. The parameters passed when executing this script are:

1. Action version

2. Activate (true or false)

3. Account name

Since whether to activate or deactivate cannot be a calculation, each case must be hard-coded in an If ... Else ... block.

The current action version for Enable Account is 1.

<p>  # LCFM Native Remote Operation: Enable Account

    Set Error Capture [ On ]
    # Check action version
    If [ GetValue(Get(ScriptParameter);1) &lt;&gt; 1 ]
        Exit Script [ Text Result: 65538 ]
    End If

    Set Variable [ $is_activate ; Value: GetValue(Get(ScriptParameter);2) ]
    Set Variable [ $account_name ; Value: GetValue(Get(ScriptParameter);3) ]

    If [ $is_activate ]
        Enable Account [ Account Name: $account_name ; Activate ]
    Else
        Enable Account [ Account Name: $account_name ; Deactivate ]
    End If
    Exit Script [ Text Result: Get(LastError) ]</p>
Re-Login

The Re-Login script step can be run without a remote script implementing it. In this case, the credentials are simply used to authorize Data API login. The script step can thus be used to verify that the account exists and the password is correct. In this case no local state is changed. A remote script for Re-Login is needed in order to have the account related Get functions behave correctly after relogin.

The Re-Login remote script must contain the comment

    # LCFM Native Remote Operation: Change Password

somewhere within the script. The parameters passed when executing this script are:

1. Action version

2. Account name

3. Password

The Re-Login remote script *must* return the account data as a carriage-return-delimited list in the correct order:

1. Last error code

2. Account type

3. Account name

4. Account group name

5. Account privilege set name

6. Account extended privileges

Note: Important If the text result of this script differs from the above-specified format, the application may subsequently exhibit undesired behavior.

The current action version for Re-Login is 1.

Note: Since the provided credentials are used to log in to the Data API, it is not necessary for the Re-Login script to actually run the Re-Login script step. The key function of  the script is to return the relevant account data.

<p># LCFM Native Remote Operation: Re-Login

    Set Error Capture [ On ]
    # Check action version
    If [ GetValue(Get(ScriptParameter);1) &lt;&gt; 1 ]
        Exit Script [ Text Result: 65538 ]
    End If

    Exit Script [ Text Result: Get(LastError) &amp; ¶ &amp; Get(AccountType)
         &amp; ¶ &amp; Get(AccountName) &amp; ¶ &amp; Get(AccountGroupName)
         &amp; ¶ &amp; Get(AccountPrivilegeSetName) &amp; ¶ &amp; Get(AccountExtendedPrivileges) ]</p>
Reset Account Password

The Reset Account Password remote script must contain the comment

    # LCFM Native Remote Operation: Reset Account Password

somewhere within the script. The parameters passed when executing this script are:

1. Action version

2. Expire password

3. Account name

4. Password

The implementation itself should not use the ‘User must change password on next sign-in’ (Expire password) option, as it is not supported.

The current action version for Add Account is 1.

<p>  # LCFM Native Remote Operation: Reset Account Password

    Set Error Capture [ On ]
    # Check action version
    If [ GetValue(Get(ScriptParameter);1) &lt;&gt; 1 ]
        Exit Script [ Text Result: 65538 ]
    End If

    # The expire password variable is not used. If it is true, return
    # “invalid-command”.
    Set Variable [ $expire_password ; Value: GetValue(Get(ScriptParameter);2) ]
    If [ $expire_password ]
        Exit Script [ Text Result: 3 ]
    End If

    Set Variable [ $account_name ; Value: GetValue(Get(ScriptParameter);3) ]
    Set Variable [ $password ; Value: GetValue(Get(ScriptParameter);4) ]

    Reset Account Password [ Account Name: $account_name ; Password : $password ]
    Exit Script [ Text Result: Get(LastError) ]</p>

0 Comment

Add your comment

E-Mail me when someone replies to this comment
Previous Article How to Sync a Single Customer Account from a Multi Account Database
Next Article Failed to login to remote Database