Often there are situations where customer has some issues while placing orders or making operations from the “My Account” section. At that point, an ability for admin to login as a customer and see what is wrong becomes very useful.
Sure, you can make a universal password logic, but that method has heavy security risks. Not so long ago, we’ve noticed that Magento has ability to load and use customer’s sessions different way. We will tell you how to create a simple extension for logging in as a customer from Magento admin.
Step 1
For example, let’s call our module Atwix_Ulogin. As always we must start by creating a module descriptor in app/etc/modules folder. So put the Atwix_Ulogin.xml file into this directory. The file will be with the following content:
<?xml version="1.0"?>
<config>
<modules>
<Atwix_Ulogin>
<active>true</active>
<codePool>community</codePool>
</Atwix_Ulogin>
</modules>
</config>
Step 2
On the next step, we need to create a configuration file for our extension:
<?xml version="1.0"?>
<config>
<modules>
<Atwix_Ulogin>
<version>0.4.0</version>
</Atwix_Ulogin>
</modules>
<global>
<blocks>
<adminhtml>
<rewrite>
<customer_grid>Atwix_Ulogin_Block_Adminhtml_Customer_Grid</customer_grid>
</rewrite>
</adminhtml>
</blocks>
<helpers>
<ulogin>
<class>Atwix_Ulogin_Helper</class>
</ulogin>
</helpers>
</global>
<frontend>
<routers>
<ulogin>
<use>standard</use>
<args>
<module>Atwix_Ulogin</module>
<frontName>ulogin</frontName>
</args>
</ulogin>
</routers>
</frontend>
</config>
Save this file as app/etc/community/Atwix/Ulogin/etc/config.xml.
As you can see, we override customers grid block for admin panel to add new column. Then we tell system to use our custom router ‘ulogin’ as an entry point for the user login.
Step 3
Now we need to create a controller. This controller will check allowed IP’s for autologin, register customer session and redirect to customer account. File should be placed into app/code/community/Atwix/Ulogin/controllers. The filename is LoginController.php.
The content is:
<?php
class Atwix_Ulogin_LoginController extends Mage_Core_Controller_Front_Action
{
/**
* Processes login action
* @return bool
* @throws Exception
*/
public function autologinAction()
{
$session = $this->_getSession();
if (!$this->_isAllowed()) {
$message = $this->__('You have no pemission to use this option');
$session->addError($message);
$this->_redirect('customer/account/login');
}
else {
$id = (int) trim($this->getRequest()->getParam('customerid'));
try{
if($id){
$customer = Mage::getModel('customer/customer')->load($id);
$session->setCustomerAsLoggedIn($customer);
$message = $this->__('You are now logged in as %s', $customer->getName());
$session->addNotice($message);
Mage::log($message);
}else{
throw new Exception ($this->__('The login attempt was unsuccessful. Some parameter is missing'));
}
}catch (Exception $e){
$session->addError($e->getMessage());
}
$this->_redirect('customer/account');
}
}
/**
* Gets customer session
* @return Mage_Core_Model_Abstract
*/
protected function _getSession()
{
return Mage::getSingleton('customer/session');
}
/**
* Checks if ip is allowed for autologin
* @return mixed
*/
protected function _isAllowed()
{
$allowedIps = Mage::helper('ulogin')->getAllowedIps();
return Mage::helper('ulogin')->checkAllowedIp($allowedIps);
}
}
Also we need to create a helper file with useful methods
<?php
class Atwix_Ulogin_Helper_Data extends Mage_Core_Helper_Abstract
{
/**
* Gets allowed ip-addresses from configuration
* @return array
*/
public function getAllowedIps()
{
$ipsList = array();
$ipsText = '127.0.0.1, 181.40.55.32'; // Comma separated list of allowed IP
$ipsList = explode(',', $ipsText);
$ipsList = array_map('trim', $ipsList);
return $ipsList;
}
/**
* Checks if remote ip is allowed
* @param array $allowedList
* @return bool
*/
public function checkAllowedIp($allowedList)
{
if (count($allowedList) > 0) {
$remoteIp = Mage::helper('core/http')->getRemoteAddr();
if (in_array($remoteIp, $allowedList))
return true;
}
return false;
}
}
$ipsText variable contains comma separated list of IP addresses with allowed access to universal login ability.
Step 4
The last, but important step is to create an override for customers grid block in admin panel. Create file Grid.php at the location /app/code/community/Atwix/Ulogin/Block/Adminhtml/Customer with the following content:
class Atwix_Ulogin_Block_Adminhtml_Customer_Grid extends Mage_Adminhtml_Block_Customer_Grid
{
protected function _prepareColumns()
{
parent::_prepareColumns();
$column = $this->getColumn('action');
$actions = $column->getActions();
$actions[] = array(
'caption' => 'Log in',
'popup' => true,
'url' => array(
'base' => 'ulogin/login/autologin'),
'field' => 'customerid'
);
$column->setActions( $actions );
return $this;
}
}
This method tells Magento to add one more item to Actions column “Login”.
That’s all. You can try to go to Admin->Customers->Manage Customers. There will be a new action ‘Login’ in Actions column. Choose this action brings a new popup window where you will be logged in as a customer.
Do not forget to clean up Magento cache.