Auth

{% auth register %}

Functions as an alternate init command if the id option is supplied.

Creates a new profile, using the specified options. If the profile validation fails for any reason - including one or more custom profile settings are invalid (eg: an empty required setting), the entire registration will fail.

If there is a profile logged in, they will automatically be logged out (without saving changes, clearing the session, clearing cookies, or clearing permissions).

Unless otherwise specified the new profile will have the same id and email values, will require a password reset, will be inactive with a new activation code set to expire in 1 week, and will use all of the default custom profile setting values.

Sets {{ auth.registered }} to true if it succeeds, or false if it does not. If successful sets {{ auth.login_success }} to false.

If successful, the {% auth abort %} command may not be called.

{% auth register options %}

{% auth

options

Key:value pairs with unique keys. May use the variable arguments syntax.

options

Use the specified id for the new profile

Use the specified email for the new profile

password

Use the specified password for the new profile. If specified, force_password_reset will default to false unless otherwise specified

force_password_reset

Set to true to force the user to reset their password immediately, even if the password option was specified

is_active

Set to true to immediately mark the profile as active, with both activation_date and date_first_activated set to the current time

date_activation_code_expires

The date that the activation code for the new profile will expire. If unspecified or in the past, will be set to 1 week in the future. Ignored if the is_active option is set to true

date_locked_through

Use to immediately lock the newly registered profile until the specified date in the future

is_blocked

Set to true to immediately block the newly registered profile

logged_in

Automatically log in the new profile. Has no effect if the profile is not created successfully, is locked, blocked, or inactive, or does not have a password

settings

Additional options that correspond to a custom profile setting will be validated and saved to the profile settings

attributes

Additional options that do not correspond to a custom profile setting will be saved to the profile attributes

Error Codes:
command_disabled: Indicates that the current command has been disabled at the site level. This will be set for any auth command if profiles are disabled.
duplicate_command: Indicates that the {% auth register %} method has already been called. It may only be called once per page load.
no_init: Indicates that no initialization method has been called yet and the id option was not used.
bad_init: Indicates either that the id option was used with an empty value or that another initialization function was called with a different id.
aborted: Indicates that the command could not be performed because {% auth abort %} has been called.
duplicate_value: Indicates that another profile already exists with the same id.
invalid_value: Indicates that one or more of the provided options or custom profile settings is not valid. Refer to the error message for more details about which options and/or settings are invalid.

{% auth set_password %}

Functions as an alternate init command if the id argument is supplied.

Sets the password for the profile to the password specified. The new password may not be blank, but other than than there is no validation on the new password. It is up to the template developer to ensure that the password meets their criteria before calling this command.

For security purposes, passwords are securely salted and hashed before being stored. Once a password has been set there is no way to retrieve the original password - even by top-level Marketpath technical staff. Also for security purposes, you should not attempt to store old or current passwords for profiles.

Sets {{ auth.password_changed }} to true if it succeeds or false if it does not.

If successful, the {% auth abort %} command may not be called.

{% auth set_password id? new_password %}

{% auth

set_password

The id of the profile to set the password for

new_password

The new password for the profile May use liquid filters.

Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that the {% auth set_password %} method has already been called. It may only be called once per page load.
no_init: Indicates that no initialization method has been called yet and no value was provided to the id parameter.
bad_init: Indicates that another initialization function was called with a different id.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that no profile was found with the specified id.
blocked: Indicates that the profile is currently blocked.
locked: Indicates that the profile is currently locked.
inactive: Indicates that the profile is currently inactive and must be activated first.
missing_value: Indicates that no password was supplied to the {% auth set_password %} method.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.

{% auth change_id %}

Functions as an alternate init command if the old_id argument is supplied.

Sets the id for the profile to the id specified. If ths site is configured to set the id an email to the same value then this will validate the id as a valid email address and will set the email to this value as well.

Note that this does NOT log the profile out, deactivate it, or require any further confirmation or action by the user to continue using their profile. Those actions are up to the template developer to execute (which we strongly recommend whenever the email address is changed).

Sets {{ auth.id_changed }} to true if successful or false if not. If successful sets {{ auth.old_id }} and {{ auth.new_id }} to the old and new id values and sets {{ auth.id }} to the new id. Note that any future auth init commands will have to use the new id instead of the old one.

If successful and the site is configured to set the id and email to the same value then this also sets {{ auth.email_changed }} to true and sets {{ auth.old_email }} and {{ auth.new_email }} to the old and new email values.

If successful, the {% auth abort %} command may not be called.

{% auth change_id old_id? new_id %}

{% auth

change_id

old_id

The id of the profile to change

new_id

The new id for the profile May use liquid filters.

Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that the {% auth change_id %} method has already been called. It may only be called once per page load. If the site is configured to set the id and email to the same value then this error code may also indicate that the {% auth change_email %} method has already been called.
no_init: Indicates that no initialization method has been called yet and no value was provided to the old_id parameter.
bad_init: Indicates that another initialization function was called with a different id.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that no profile was found with the old id.
blocked: Indicates that the profile is currently blocked.
locked: Indicates that the profile is currently locked.
inactive: Indicates that the profile is currently inactive and must be activated first.
missing_value: Indicates that no new_id argument was supplied to the {% auth change_id %} method.
unchanged: Indicates that the id was not changed because it was the same as the old id.
duplicate_value: Indicates that another profile already exists with the new id.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.

{% auth change_email %}

Functions as an alternate init command if the id argument is supplied.

Sets the email for the profile to the email specified. Will also set the id to this value if the site is configured to set the id and email to the same value.

Sets {{ auth.email_changed }} to true if successful or false if not. If successful sets {{ auth.old_email }} and {{ auth.new_email }} to the old and new email values.

If successful and the site is configured to set the id and email to the same value this will also set {{ auth.id_changed }} to true, {{ auth.old_id }} and {{ auth.new_id }} to the old and new id values, and {{ auth.id }} to the new id. Note that in this case any future auth functions will be required to use the new id.

If successful, the {% auth abort %} command may not be called.

{% auth change_email id? new_email %}

{% auth

change_email

The id of the profile to change

new_email

The new email address for the profile May use liquid filters.

Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that the {% auth change_email %} method has already been called. It may only be called once per page load. If the site is configured to set the id and email to the same value then this error code may also indicate that the {% auth change_id %} method has already been called.
no_init: Indicates that no initialization method has been called yet and no value was provided to the id parameter.
bad_init: Indicates that another initialization function was called with a different id.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that no profile was found with the specified id.
blocked: Indicates that the profile is currently blocked.
locked: Indicates that the profile is currently locked.
inactive: Indicates that the profile is currently inactive and must be activated first.
missing_value: Indicates that no new_email argument was supplied to the {% auth change_email %} method.
unchanged: Indicates that the email was not changed because it was the same as the old email.
duplicate_value: Indicates that another profile already exists with the new email.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.

{% auth set_activation_code %}

Functions as an alternate init command if the id argument is supplied.

Deactivates the profile and sets a new activation code which will expire on expiration_date - requiring activation before the profile may be logged in again.

If there is a profile logged in, they will automatically be logged out (without saving changes, clearing the session, clearing cookies, or clearing permissions).

Sets {{ auth.deactivated }} to true, {{ auth.activation_code_set }} to true, {{ auth.new_activation_code }} to the new activation code, {{ auth.activation_code_expires }} to the date the new activation code will expire, and {{ auth.login_success }} to false. Unsets {{ auth.activated }}.

If successful, the {% auth abort %} command may not be called.

{% auth set_activation_code id? expiration_date %}

{% auth

set_activation_code

The id of the profile to change

expiration_date

The expiration date for the new activation code. Must be between 5 minutes and 7 days in the future May use liquid filters.

Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that the {% auth set_activation_code %} method has already been called. It may only be called once per page load.
no_init: Indicates that no initialization method has been called yet and no value was provided to the id parameter.
bad_init: Indicates that another initialization function was called with a different id.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that no profile was found with the specified id.
blocked: Indicates that the profile is currently blocked.
locked: Indicates that the profile is currently locked.
missing_value: Indicates that no expiration_date argument was supplied to the {% auth set_activation_code %} method.
invalid_value: Indicates that the expiration_date is less than 5 minutes in the future or is over 1 week in the future.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.

{% auth force_password_reset %}

Functions as an alternate init command if the id argument is supplied.

Resets the profile's password - requiring a password reset before the profile may log in again.

If there is a profile logged in, they will automatically be logged out (without saving changes, clearing the session, clearing cookies, or clearing permissions).

Sets {{ auth.force_password_reset }} to true if successful or false if not. If successful sets {{ auth.login_success }} to false.

If successful, the {% auth abort %} command may not be called.

{% auth force_password_reset id? %}

{% auth

force_password_reset

The id of the profile to force password reset for

{% auth lock %}

Locks the profile until the specified date, typically used as a security precaution to prevent attackers from guessing passwords.

If there is a profile logged in, they will automatically be logged out (without saving changes, clearing the session, clearing cookies, or clearing permissions).

Sets {{ auth.locked }} to true if successful and false if not. If successful sets {{ auth.locked_until }} to the date that the profile will remain locked until, sets {{ auth.login_success }} to false, and unsets {{ auth.unlocked }}.

If successful, the {% auth abort %} command may not be called.

{% auth lock until %}

{% auth

lock

until

When the lock will "expire" and the profile may be used again. Must be in the future May use liquid filters.

{% auth activate %}

Functions as an alternate init command if the id argument is supplied.

Attempt to activate the profile. The activation_code must match the activation code on the profile and must not have expired. Alternatively, use The special keyword force to skip validation of the activation code.

Sets {{ auth.activated }} to true if successful or false if not. Also unsets {{ auth.deactivated }}, {{ auth.activation_code_set }}, {{ auth.new_activation_code }}, and {{ auth.activation_code_expires }}.

If successful, the {% auth abort %} command may not be called.

{% auth activate id? activation_code %}

{% auth

activate

The id of the profile to change

activation_code

Should either be the keyword "force" or should evaluate to the activation code to check against the value stored on the profile May use liquid filters.

Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that the {% auth activate %} method has already been called. It may only be called once per page load.
no_init: Indicates that no initialization method has been called yet and no value was provided to the id parameter.
bad_init: Indicates that another initialization function was called with a different id.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that no profile was found with the specified id.
blocked: Indicates that the profile is currently blocked.
locked: Indicates that the profile is currently locked.
unchanged: Indicates that the profile was already active, so no change was necessary
missing_value: Indicates that no activation_code argument was supplied to the {% auth activate %} method.
invalid_value: Indicates that the activation_code argument does not match the value stored on the profile.
expired: Indicates that the activation code has expired.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.

{% auth block %}

Blocks the profile indefinitely.

If there is a profile logged in, they will automatically be logged out (without saving changes, clearing the session, clearing cookies, or clearing permissions).

Sets {{ auth.blocked }} to true if successful or false if not. If successful unsets {{ auth.unblocked }} and sets {{ auth.login_success }} to false.

If successful, the {% auth abort %} command may not be called.

{% auth block %}

{% auth

block

{% auth login %}

Functions as an alternate init command if the id argument is supplied.

If successful, sets the globally-reserved {{ profile }} variable.

If successful, the {% auth abort %} command may not be called.

Sets {{ auth.login_success }} to true if successful, or false if not.

If successful, the {% auth abort %} command may not be called.

{% auth login id? password %}

{% auth

The id of the profile to attempt login for

password

The plain text password of the profile to log in to. May use liquid filters.

Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that one of the following methods has been called, which prevent further login attempts on the same page load: {% auth login %}, {% auth force_password_reset %}, {% auth deactivate %}, {% auth set_activation_code %}, {% auth lock %}, {% auth block %}, or {% auth register %}.
no_init: Indicates that no initialization method has been called yet and no value was provided to the id parameter.
bad_init: Indicates that another initialization function was called with a different id.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that no profile was found with the specified id.
blocked: Indicates that the profile is currently blocked.
locked: Indicates that the profile is currently locked.
inactive: Indicates that the profile is currently inactive and must be activated first.
require_password_reset: Indicates that the user cannot log in to the current profile because the password must be reset first.
missing_value: Indicates that no password was supplied to the {% auth login %} method The password is required.
invalid_value: Indicates that the supplied password did not match the stored password for the given profile.
duplicate_value: Indicates that there is already a logged in profile which must be logged out before being able to log in again.

{% auth unblock %}

Unblocks the profile if it is currently blocked. Unblocking profiles is typically done manually from the Marketpath CMS admin interface. The {% auth lock %} and {% auth unlock %} methods are preferred for temporarily blocking profiles.

Sets {{ auth.unblocked }} to true and unsets {{ auth.blocked }}.

If successful, the {% auth abort %} command may not be called.

{% auth unblock %}

{% auth

unblock

{% auth deactivate %}

Deactivates the profile - requiring activation before it may be logged in again. Unlike the {% auth set_activation_code %} method, this command unsets the activation code, which must be recreated before the profile may be activated again.

If there is a profile logged in, they will automatically be logged out (without saving changes, clearing the session, clearing cookies, or clearing permissions).

Sets {{ auth.deactivated }} to true and {{ auth.login_success }} to false. Unsets {{ auth.activated }}, {{ auth.activation_code_set }}, {{ auth.new_activation_code }}, and {{ auth.activation_code_expires }}.

If successful, the {% auth abort %} command may not be called.

{% auth deactivate %}

{% auth

deactivate

Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that either the {% auth deactivate %} or {% auth set_activation_code %} method has already been called. Only one of these may be called per page load.
no_init: Indicates that no initialization method has been called yet.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that the auth context has been initialized with a profile that does not exist.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.

{% auth set_attribute %}

Sets the specified profile attributes to their new values on the auth profile (which is not necessarily the same as the currently-logged in profile).

If the profile exists and the auth is not aborted before the end of the request the new values will be saved to the profile. If the auth is aborted then the new values will not be saved in between requests. If the profile does not exist but is registered in the same request then the new values will be saved on the new profile.

{% auth set_attribute attributes %}

{% auth

set_attribute

attributes

Key:value pairs with unique keys. May use the variable arguments syntax. The attributes to store on the auth profile

Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
no_init: Indicates that no initialization method has been called yet.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.

{% auth set_setting %}

Sets the specified profile settings to their new values on the auth profile (which is not necessarily the same as the currently-logged in profile).

If any of the specified settings has validation, the new settings will be validated before being set. An invalid value for any setting will prevent any of the new settings from being set.

{% auth set_setting settings %}

{% auth

set_setting

settings

Key:value pairs with unique keys. May use the variable arguments syntax. The settings to set on the auth profile

{% auth unset_attribute %}

Removes the specified profile attributes from the auth profile (which is not necessarily the same as the currently-logged in profile).

If the auth is aborted then the removed attributes will not be saved in between requests.

{% auth unset_attribute attributes %}

{% auth

unset_attribute

attributes

One or more values. May use the variable arguments syntax. The attributes to be removed from the auth profile

{% auth unlock %}

Unlocks the profile if it is locked.

Sets {{ auth.unlocked }} to true. Unsets {{ auth.locked }} and {{ auth.locked_until }}.

If successful, the {% auth abort %} command may not be called.

{% auth unlock %}

{% auth

unlock

{% auth unset_setting %}

Unsets the specified profile settings from the auth profile (which is not necessarily the same as the currently-logged in profile). For settings with default values this will set them back to their defaults. For settings without default values this will set them to empty/unselected/false.

If any of the specified settings is required, it will result in an invalid_value error and will prevent any of the new settings from being unset.

If the auth is aborted then the unset settings will not be saved in between requests.

{% auth unset_setting settings %}

{% auth

unset_setting

settings

One or more values. May use the variable arguments syntax. The settings to unset on the auth profile

{% auth init %}

Must be called before other auth commands. There are several alternate init commands which may be called in place of {% auth init %}. Alternate init commands set the same auth properties as the {% auth init %} command.

Sets {{ auth.init }} to true, {{ auth.id }} to the specified ID, {{ auth.exists }} to true if a profile with the specified ID exists and false if it does not exist, and {{ auth.profile }} to the profile with the specified ID. If profile does not exist, {{ auth.profile.is_valid }} will be false.

{% auth init id %}

{% auth

init

Should evaluate to the id of the profile to be used for future operations May use liquid filters.

Error Codes:
command_disabled: Indicates that the current command has been disabled at the site level. This will be set for any auth command if profiles are disabled.
bad_init: Indicates either that {% auth init %} was called without an id, or that another initialization function was called with a different id.
aborted: Indicates that the command could not be performed because {% auth abort %} has been called.

{% auth abort %}

Once called all remaining auth commands will cease to function. This will also prevent any settings or attributes that were previously set or unset from being saved.

Can only be called as long as no commands have been executed that prevent abort (eg: login, register, unlock, set_password, etc....).

If successful, sets {{ auth.aborted }} to true, and unsets all other auth properties except for {{ auth.init }}, {{ auth.profile }}, {{ auth.id }}, and {{ auth.exists }}.

{% auth abort %}

{% auth

abort

Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
abort_prevented: Indicates that a previous auth method has already been completed which cannot be undone.

{% auth clear_error %}

Unsets {{ auth.error_code }} and {{ auth.error_message }}.

{% auth clear_error %}

{% auth

clear_error