Change project User Source with scripting or client shortcut parameter

Ignition
1

I have a project with an RFID reader for operators login (with Sepasoft Barcode scanner module, which, by the way, works great).
The customer has provided the SQL table with users’ data for logins (name, id, password, RFID number, …).
So, I created database user source with custom (manual) queries for Authentication Query, List Roles Query, User’s Roles Query, and List Users Query which looks for RFID numbers in RFID fields (3 of them).
Everything is working great.
But in the case that RFID reader is broken, the users must have the possibility to ‘manual’ login with the password.
In order to do that, the manual queries in the user source must look for password value in the password field.
So I created a second User source with appropriate queries and it’s working.
Now to use the User source for RFID or for Password login, you must change the User source in Gateway project settings or in the Designer in the project properties.

I was wondering if there is a way to change User source with scripting or at least with project shortcut parameter?

UserProfile1
UserProfile11144×295 14.5 KB

UserProfile2
UserProfile21144×295 14.5 KB

ProjectUserSource
ProjectUserSource658×592 20.2 KB

UsersTable
UsersTable1575×233 27.6 KB

2

I think this forum has some ‘magic powers’…
It happened to me now quite a few times:
When I post a question on the forum (after a long search for an answer on the forum or internet or trying coding my self) after a few minutes it hits me. :innocent:

In my OP I was using this manual Authentication Query in the database User source for retrieving RFID numbers:

declare @user varchar(50)
declare @rfid varchar(100)
declare @geslo varchar(100)
set @user = ? 
set @geslo = ? 
set @rfid = CASE WHEN @geslo <> '' THEN @geslo ELSE 'unknown' END 

SELECT OPR_IME FROM 
(SELECT * 
FROM XMESQOPR
UNION ALL
SELECT '9999' AS MQOPR_ID, 
'0' AS MQOPR_STA, 
getdate() AS MQOPR_MSD, 
'99999' AS OPR_SIF,
'User12' AS OPR_IME,
'5' AS OPR_AKT,
'user12' AS OPR_GES,
'99' AS OPR_LVL,
'user12' AS OPR_RFID1,
'user12' AS OPR_RFID2,
'user12' AS OPR_RFID3) AS p
WHERE OPR_IME = @user AND @rfid IN (OPR_RFID1,OPR_RFID2,OPR_RFID3) AND OPR_AKT = '5'

and for second database User source for use with passwords (manual login) I was using this (the diference is in the WHERE clause):

declare @user varchar(50)
declare @rfid varchar(100)
declare @geslo varchar(100)
set @user = ? 
set @geslo = ? 
set @rfid = CASE WHEN @geslo <> '' THEN @geslo ELSE 'unknown' END 

SELECT OPR_IME FROM 
(SELECT * 
FROM XMESQOPR
UNION ALL
SELECT '9999' AS MQOPR_ID, 
'0' AS MQOPR_STA, 
getdate() AS MQOPR_MSD, 
'99999' AS OPR_SIF,
'User12' AS OPR_IME,
'5' AS OPR_AKT,
'user12' AS OPR_GES,
'99' AS OPR_LVL,
'user12' AS OPR_RFID1,
'user12' AS OPR_RFID2,
'user12' AS OPR_RFID3) AS p
WHERE OPR_IME = @user AND @rfid = OPR_GES AND OPR_AKT = '5'

The ‘divine revelation’ that came to me was this (again in the WHERE clause):

declare @user varchar(50)
declare @rfid varchar(100)
declare @geslo varchar(100)
set @user = ? 
set @geslo = ? 
set @rfid = CASE WHEN @geslo <> '' THEN @geslo ELSE 'unknown' END 

SELECT OPR_IME FROM 
(SELECT * 
FROM XMESQOPR
UNION ALL
SELECT '9999' AS MQOPR_ID, 
'0' AS MQOPR_STA, 
getdate() AS MQOPR_MSD, 
'99999' AS OPR_SIF,
'User12' AS OPR_IME,
'5' AS OPR_AKT,
'user12' AS OPR_GES,
'99' AS OPR_LVL,
'user12' AS OPR_RFID1,
'user12' AS OPR_RFID2,
'user12' AS OPR_RFID3) AS p
WHERE OPR_IME = @user AND @rfid IN (OPR_GES,OPR_RFID1,OPR_RFID2,OPR_RFID3) AND OPR_AKT = '5'

I can put the password field (OPR_GES) in the same list with RFID fields and then it doesn’t matter what the @rfid (@geslo) is: RFID number from the scanned card or the password from the manual login. If it’s any of these fields, it’s OK; the user is authenticated, when you use system.security.switchUser.

1 Like
3

Another option could be to set a soft failover user source

4

Sorry, but I don’t know what you mean by that…? :thinking:

5

Sorry, my reply was rather brief.

What I meant was to create 2 user sources, one for RFID badges (e.g. UserSourceRFID) and another for usernames and passwords (e.g. UserSourcePassword). They can be the same database, just different queries.

You would then configure UserSourceRFID to use UserSourcePassword as a soft failover. This will mean that if a user is not authenticated by the primary, UserSourceRFID, it will try to authenticate the user against the failover, UserSourcePassword.

We use this for user who do not have Active Directory usernames. If the user is not found in AD, it looks at the fallback source.

image
image1392×188 12.9 KB

Hope this helps.

1 Like
6

Ha… I didn’t even think of that. :astonished: :+1:
Somehow I missed the Soft Failover Mode…
Well… essentially I did almost the same (for my use case) with the custom queries.
I hope I’ll remember this for the future… :sunglasses: