Customizing ProductCart - Extending PC Login Security to External Website

Print Page | Close Window

Extending PC Login Security to External Website

Printed From: ProductCart E-Commerce Solutions
Category: ProductCart
Forum Name: Customizing ProductCart
Forum Description: Exchange messages with other users that are customizing ProductCart.
URL: https://forum.productcart.com/forum_posts.asp?TID=5394
Printed Date: 02-December-2024 at 6:23pm
Software Version: Web Wiz Forums 12.04 - http://www.webwizforums.com

Topic: Extending PC Login Security to External Website

Posted By: RManto
Subject: Extending PC Login Security to External Website
Date Posted: 03-January-2013 at 8:55am

I am using ProductCart to sell a virtual product that is accessible via a website external to ProductCart. I want to use ProductCart login / account information for access to both ProductCart and the external website where customers can access their purchases.

Looking for any suggestions or examples to extend the ProductCart login credentials to this external website.

Thanks,

Rick

Replies:

Posted By: Greg Dinger
Date Posted: 03-January-2013 at 9:04am

From your description, I believe the key here is to be able to enforce the current session ID and it's associated variables to the second site. I ran across a site recently that actually offered such a script. Kicking myself for not making a note of it though. It will likely come back to me - it's offered by someone who provides another script that we use, and when I recall this, I'll post here.

In the mean time, is it really necessary for the product to ONLY appear on the 2nd site?

-------------
GreyBeard Design Group

Certified ProductCart Developer

Web Design/Development/Hosting

http://tinyurl.com/5c8t4t" rel="nofollow - Add-Ons & Custom Code |

Posted By: RManto
Date Posted: 03-January-2013 at 9:24am

Hi and thanks for the quick feedback. I believe it is necessary to move to another site. Partly due to basic ProductCart environment limitations (without major customization), other configuration management needs, and ultimately the ability to shut down ProductCart for maintenance etc. while still providing customers access to their content.

Posted By: Greg Dinger
Date Posted: 03-January-2013 at 2:28pm

Another site or another cart? I'm not sure how to interpret your reply. Could I help you work through what you're thinking about here?

-------------
GreyBeard Design Group

Certified ProductCart Developer

Web Design/Development/Hosting

http://tinyurl.com/5c8t4t" rel="nofollow - Add-Ons & Custom Code |

Posted By: Hamish
Date Posted: 03-January-2013 at 3:53pm

Hi, do you need to provide downloadable products? If so see http://wiki.earlyimpact.com/productcart/products_adding_new#downloadable_settings" rel="nofollow - http://wiki.earlyimpact.com/productcart/products_adding_new#downloadable_settings

-------------
Editing ProductCart Code?

See http://wiki.earlyimpact.com/developers/editcode" rel="nofollow - WIKI Guidelines for Editing ProductCart's ASP Source Code

Posted By: RManto
Date Posted: 03-January-2013 at 8:45pm

Sorry for not being clear. I am using ProductCart to sell "products" that customers will access on-line on a website external to ProductCart. Basically, I am using product to manage the eCommerce functionality, which does not support after sale requirements. These after sale requirements need to be implemented on a custom website. However, access to the custom website needs to be controled through the users account and would like to make this seemless with ProductCart login credentials.

Posted By: RManto
Date Posted: 03-January-2013 at 8:46pm

Thanks for the reply but no, this is not what is needed. Customers will access "products" on custom website.

Posted By: Greg Dinger
Date Posted: 03-January-2013 at 9:09pm

I recommend you engage a developer to assist with this. Your requirement seems sufficiently complex to be difficult to work out the details here in the forum.

-------------
GreyBeard Design Group

Certified ProductCart Developer

Web Design/Development/Hosting

http://tinyurl.com/5c8t4t" rel="nofollow - Add-Ons & Custom Code |

Posted By: Guests
Date Posted: 04-January-2013 at 2:17am

Seems to me that the best way to accomplish this would be to develop a custom script to authenticate the login request using PC's RC4 encryption. This script would then be hit via XMLHTTP by the external site and return an appropriate message: "Success" (not seen by user), "Email address not found", or "Email and password combination not matched".

The external site could authenticate this using JavaScript, so it wouldn't matter what language it is scripted in.

It's all rather simple, but as Greg points out, it would require a developer with sufficient understanding of these things.

Posted By: RManto
Date Posted: 04-January-2013 at 7:01am

Sean, Greg, thanks for the feedback and suggestions so far. I will discuss suggestions above with my developer. Ultimately I was hoping to find someone who implemented with ProductCart with a specific example but so far does not appear anyone has implmented in this way (at least publically) so far.

Posted By: Guests
Date Posted: 04-January-2013 at 10:44pm

In the 15 years I've been building online stores, I can't count how many times merchants expect that lots of other merchants would have the same particular business rules for highly idiosyncratic scenarios such as their own ... and how rarely it is actually true.

I, however, can count how many times something like this has been requested of us -- not once. I know Greg's been at this for a good long time too -- over a decade we've known each other -- and I wouldn't be surprised if he's had as many requests for such a thing as we have had.

If the external site is scripted in classic ASP as well, then the JavaScript layer wouldn't be necessary and it could be a little simpler to do, but I think the basic idea of creating a custom script file within the store to pick up the login credentials, parse the password through the RC4 encryption and then return a result via XMLHTTP would be the way to go. An experienced programmer such as Greg or myself could easily bang that bit out within a half hour or so.

Once the result of that is passed back to your external site, it should be very simple for your developer to handle the rest on that site.