PHPackages                             dpc-sdp/tide\_authenticated\_content - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. dpc-sdp/tide\_authenticated\_content

ActiveDrupal-module[Authentication &amp; Authorization](/categories/authentication)

dpc-sdp/tide\_authenticated\_content
====================================

Allows content administrators to protect pages and sections with user authentication

4.0.0-p1(2y ago)134.6k1[4 PRs](https://github.com/dpc-sdp/tide_authenticated_content/pulls)GPL-2.0-or-laterPHP

Since Jan 21Pushed 2y ago11 watchersCompare

[ Source](https://github.com/dpc-sdp/tide_authenticated_content)[ Packagist](https://packagist.org/packages/dpc-sdp/tide_authenticated_content)[ RSS](/packages/dpc-sdp-tide-authenticated-content/feed)WikiDiscussions develop Synced today

READMEChangelog (10)Dependencies (8)Versions (37)Used By (0)

tide\_authenticated\_content
============================

[](#tide_authenticated_content)

Authenticated Content feature for Tide distribution.

[![CircleCI](https://camo.githubusercontent.com/87b75bd0fb82dc7a81412bb60e90fa5cf6add31bf3b3cf378a3021625c2226f1/68747470733a2f2f636972636c6563692e636f6d2f67682f6470632d7364702f746964655f61757468656e746963617465645f636f6e74656e742e7376673f7374796c653d73766726636972636c652d746f6b656e3d30373831356235393130343132303864613235383037313231383339636166313639373438343962)](https://circleci.com/gh/dpc-sdp/tide_authenticated_content)

- Exposes New Custom API Endpoints for register, login, reset and forgot password.
- Adds "site" field to user to present the correct Front end login/reset URLs.
- Adds a module configurations option to set Backend users.
- Updates activation and reset password emails with the Frontend URLs of the users site.
- Adds a "user\_authentication\_block" paragraph that presents a login form on the Frontend which directs users to the selected page.
- Adds a "Restricted Content" term vocabulary used as groups for protecting content.

Register
--------

[](#register)

- Accepts standard user fields, name, email, password + customer fields "field\_"...
- Frontend users are assigned the site they register on.
- Site configuration **must** be set to "guest" or "guest with admin approval" registrations, otherwise requests will be rejected.

Configuration
=============

[](#configuration)

Drupal Config
-------------

[](#drupal-config)

**Enable Authenticated Content Field on Landing Page**

`/admin/structure/types/manage/landing_page/form-display`

- Drag up "Authenticated Content" to enable

**Add Authenticated Content Login Paragraph to Landing Page**

`admin/structure/types/manage/landing_page/fields/node.landing_page.field_landing_page_component`

- Enable "Authenticated Content"

**Create and install private key**

```
openssl genrsa -out /tmp/private.key 2048 && cat /tmp/private.key
```

paste key here: `/admin/config/system/keys/add`

**Set key for JWT Issuer**

`/admin/config/system/jwt`

- Algorithm: RSASSA-PKCS1-v1\_5 using SHA-256 (RS256)
- Key:

Configuration Options
---------------------

[](#configuration-options)

The following config options exist and can be exported for your site: backend\_user\_roles is a list of Drupal Roles that are considered "Backend" roles. Users who use the password reset feature who are not in one of these roles will have the URL in their reset email switched to the Front End url defined on the site defined in the tide\_site module for the current Drupal installation.

```
backend_user_roles:
  - "administrator"
  - "editor"
  - "approver"

```

auto\_apply\_user\_roles is similar to backend\_user\_roles. Roles defined in this list will be automatically assigned to new users registered via the API.

```
auto_apply_user_roles:
  - "member"

```

default\_site\_id is the default site ID to use if no other site is defined against individual users. This works together with backend\_user\_roles to define the Front End url to use on the outgoing password reset email.

```
default_site_id: 1

```

block\_be\_user\_registration is a boolean. If it's set to 1, the ability for users to register via the Drupal interface will be blocked. This is to allow the site Drupal settings to be set to Allow user registrations via the API, whilst blocking registration for the CMS.

```
block_be_user_registration: 1

```

protect\_jsonapi\_user\_route is a boolean. Usees the jsonapi\_user\_route value to protect specific json api routes.

```
protect_jsonapi_user_route: 1

```

jsonapi\_user\_route is an array of strings. Add the routes that you need to protect, eg `/api/v1/user/user` route will be protected from external access.

```
jsonapi_user_route:
  - "/api/v1/user/user"

```

Usage - Content Admin
=====================

[](#usage---content-admin)

**Add Term**

/admin/structure/taxonomy/manage/authenticated\_content/add

- Set Name
- Set permissions

**Add Authenticated Content**

/node/add/landing\_page

- Title: ...
- Protect Content: &lt; name of term above &gt;

Publish Page

**Add Authenticated Content - Login Page**

/node/add/landing\_page

- Title: ...
- Protect Content: Leave Blank (leave it open to public)
- Body
    - Add **Authenticated Content**
    - Set Next Page: &lt; Authenticated Content Page Title &gt;

Publish Page

Usage (API Authentication)
==========================

[](#usage-api-authentication)

Register
--------

[](#register-1)

POST: /api/v1/user/register

```
{
    "mail": "jason+13@portable.com.au",
    "pass": "tester-13"
}
```

**Success status 200**

```
{
    "message": "User account requested"
}
```

**Failed status 400**

```
{
    "message": "User Registration Failed"
}
```

**Error status 500**HTML/Text Error

Login Request
-------------

[](#login-request)

POST /api/v1/user/login?\_format=json

```
{
    "name": "user@example.com",
    "pass": "tester2"
}
```

**Status Code: 200**

```
{
    "current_user": {
        "uid": "6105",
        "name": "@"
    },
    "csrf_token": "pl-6J8a832zq2fP6IHNShBgeWrT0hmqoW7tfGUrCYEs",
    "logout_token": "4OlOTkjv-DHqzrc6amms1lZCMybNQjRODPlhH-YY8vE",
    "auth_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni...cSsJ-i3j1EsHSKo6O_A"
}
```

**Failed Status: 400**

```
{
    "message": "Sorry, unrecognized username or password."
}
```

Password Reset (Request)
------------------------

[](#password-reset-request)

POST: /api/v1/user/request\_reset

```
{
    "mail": "user@example.com"
}
```

OR

```
{
   "name": "username"
}
```

**Success: 200**

```
{
    "message":"Forgot password email has been sent."
}
```

**Failed: 400**

```
{
    "message":"Forgot reset failed."
}
```

Password Reset
--------------

[](#password-reset)

POST: /api/v1/user/reset\_password

```
{
    "id":6111,
    "time":1545219066,
    "hash":"IThqJHTa1ZqJbdLWRjKfPgeI9-wVlNtpkPgXf7Mx3qA",
    "pass":"a new password"
}
```

**Success: 200**

```
{
    "message":"Forgot password email has been sent."
}
```

**Failed: 400**

```
{
  "message":"Password Reset Failed",
}
```

TODOs
=====

[](#todos)

- TODO: implement flood control
- TODO: respect site config for allowing user registrations
- TODO: Replace hard-coded link expiry
- TODO: remove @skipped once the module is extracted to its own repo.
- TODO: Replace hard-corded alpha.vic.gov.au domain with users site
- TODO: Only replace url for frontend users
- TODO: Replace backend login link () with the frontend-link the user registered on (eg a custom landing page)

###  Health Score

36

—

LowBetter than 79% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity24

Limited adoption so far

Community19

Small or concentrated contributor base

Maturity69

Established project with proven stability

 Bus Factor2

2 contributors hold 50%+ of commits

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~75 days

Recently: every ~93 days

Total

21

Last Release

844d ago

Major Versions

1.0.4 → 2.0.02020-12-08

2.0.4 → 3.0.02021-10-19

3.0.8 → 4.0.02024-02-16

### Community

Maintainers

![](https://www.gravatar.com/avatar/db9df7f3a34b868452362f865fd9ef955870e8bd169d3c068d2fbe0f53ef2822?d=identicon)[dpc-admin](/maintainers/dpc-admin)

---

Top Contributors

[![vincent-gao](https://avatars.githubusercontent.com/u/8788145?v=4)](https://github.com/vincent-gao "vincent-gao (34 commits)")[![MdNadimHossain](https://avatars.githubusercontent.com/u/20810541?v=4)](https://github.com/MdNadimHossain "MdNadimHossain (29 commits)")[![GROwen](https://avatars.githubusercontent.com/u/3916040?v=4)](https://github.com/GROwen "GROwen (22 commits)")[![sonnykt](https://avatars.githubusercontent.com/u/167788?v=4)](https://github.com/sonnykt "sonnykt (10 commits)")[![mayurngondhkar](https://avatars.githubusercontent.com/u/9244829?v=4)](https://github.com/mayurngondhkar "mayurngondhkar (10 commits)")[![edyuenyw](https://avatars.githubusercontent.com/u/67810118?v=4)](https://github.com/edyuenyw "edyuenyw (3 commits)")[![sdpdeploy](https://avatars.githubusercontent.com/u/33045904?v=4)](https://github.com/sdpdeploy "sdpdeploy (1 commits)")[![FleetAdmiralButter](https://avatars.githubusercontent.com/u/37036084?v=4)](https://github.com/FleetAdmiralButter "FleetAdmiralButter (1 commits)")[![yeniatencio](https://avatars.githubusercontent.com/u/47239456?v=4)](https://github.com/yeniatencio "yeniatencio (1 commits)")

---

Tags

composer-packagetide

### Embed Badge

![Health badge](/badges/dpc-sdp-tide-authenticated-content/health.svg)

```
[![Health](https://phpackages.com/badges/dpc-sdp-tide-authenticated-content/health.svg)](https://phpackages.com/packages/dpc-sdp-tide-authenticated-content)
```

###  Alternatives

[voidagency/vactory_starter_kit

Vactory is a custom Drupal profile which is developed and released by VOID Agency.

1021.6k](/packages/voidagency-vactory-starter-kit)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
