Mini Tutorial: Create your own Login Page using Magento’s AccountController

Encouraging customers to create and log into an account on your eCommerce site can be a challenge at times, but it’s important for many reasons. First, a customer who logs in is one step closer to actually checking out on your site. And if they don’t end up purchasing the product(s), you’ll have their information for a shopping cart abandonment email campaign that encourages them to come back to your site and make that purchase. Next, letting customers check out with their own account is a lot cleaner than a guest checkout, as it may be difficult to contact a guest customer who entered the wrong email, address, etc. Fortunately, there’s another way to create a login for your site, and this is where Magento’s AccountController.php is used. I’ve created a tutorial on how to create your own login page that uses Magento’s AccountController to verify whether a customer’s login is correct. See below:

First, create a phtml file with two input boxes named login[username] and login[password]. These are the same names Magento uses on its own login pages, which allows us to reuse the functions in Magento’s controllers.

<input type="text" name="login[username]" class="input-text required-entry validate-email" id="login-email" />
<input type="password" name="login[password]" class="input-text required-entry" id="login-password" />

Secondly, create your controller and use the _forward function to hand the request to AccountController’s loginPost action. To redirect the user to different pages on unsuccessful/successful login, call setBeforeAuthUrl and setAfterAuthUrl with the pages you want before forwarding control to AccountController. Here is a flowchart of what happens:

class My_Module_Controller extends Mage_Core_Controller_Front_Action {
   public function indexAction() {
      // if customer is not logged in
      if(!Mage::getSingleton('customer/session')->isLoggedIn())
      {
         // get the email from the posted form and load the customer by email
         $login = $this->getRequest()->getPost('login');
         // the login field may be missing or malformed, so check it before use
         $email = (is_array($login) && isset($login['username']) && is_string($login['username']))
            ? $login['username']
            : '';
         $customer = Mage::getModel('customer/customer')
            ->setWebsiteId(Mage::app()->getStore()->getWebsiteId())
            ->loadByEmail($email);

         //If the customer exists, log them in by forwarding to loginPost
         if($customer->getId())
         {
            // just make the customer log in
            $mysession = Mage::getSingleton('customer/session');
            $mysession->setBeforeAuthUrl(Mage::getUrl('checkout/cart'));
            $mysession->setAfterAuthUrl(Mage::getUrl('checkout/cart'));
            $this->_forward('loginPost','account','customer');
         }
         else
         {
            //There is no customer with that email.
         }
      }
      $this->_redirect('checkout/cart');
      return;
   }
}

This code forwards to the loginPostAction() function of Magento’s Mage_Customer_AccountController. This function checks the validity of the provided login and calls _loginPostRedirect(). That redirect function sends the user to afterAuthUrl if the login was successful, or to beforeAuthUrl if it was unsuccessful. To redirect to the same page regardless, you can call _redirect in your action or set both the before and after auth URLs.
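A variant of the controller above, written here as an added example rather than taken from the tutorial or from Magento: it drops the loadByEmail() pre-check so that registered and unregistered emails follow the same path through loginPostAction(), and it rejects malformed login[...] input before forwarding. The class name My_Module_IndexController and the presence of a form_key hidden field in the template are assumptions.

```php
<?php
// Added example, not the tutorial's code. The class name is hypothetical.
class My_Module_IndexController extends Mage_Core_Controller_Front_Action
{
    public function indexAction()
    {
        $session = Mage::getSingleton('customer/session');
        $cartUrl = Mage::getUrl('checkout/cart');

        // Already logged in, or not a form submission: nothing to authenticate.
        if ($session->isLoggedIn() || !$this->getRequest()->isPost()) {
            $this->_redirectUrl($cartUrl);
            return;
        }

        // Assumption: the template also emits a hidden form_key field filled
        // from Mage::getSingleton('core/session')->getFormKey().
        if (!$this->_validateFormKey()) {
            $this->_redirectUrl($cartUrl);
            return;
        }

        // login[...] must be an array holding two strings; anything else
        // (missing field, nested array) is rejected before the model layer.
        $login = $this->getRequest()->getPost('login');
        if (!is_array($login)
            || !isset($login['username'], $login['password'])
            || !is_string($login['username'])
            || !is_string($login['password'])
        ) {
            $session->addError(
                Mage::helper('customer')->__('Login and password are required.')
            );
            $this->_redirectUrl($cartUrl);
            return;
        }

        // No loadByEmail() pre-check: known and unknown emails both go to
        // loginPostAction(), so the response does not depend on whether
        // the address is registered.
        $session->setBeforeAuthUrl($cartUrl);
        $session->setAfterAuthUrl($cartUrl);
        $this->_forward('loginPost', 'account', 'customer');
        return; // stop here so no second redirect is queued
    }
}
```

Because the else branch for unknown emails is gone, there is no place to add a message or redirect that would tell a visitor whether an address has an account.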

Happy coding!