Feature request - compatibility with Akeeba Loginguard

I have setup some redirect auto actions that triggers onAfterLogin. After installing Akeeba LoginGuard, they are no longer working. I belive the problem is that Loginguard is also triggering on the onAterLogin and asking for an SMS token before allowing the login.
Could a trigger from LoginGuard be implemented in the list of triggers, so that this could come to work again ?

The list of triggers will only ever include core Joomla events and CB triggers. We have no plans to add 3rd party triggers to the dropdown. However, the dropdown triggers are not strict. It's a Tag usage so you can add whatever you like to it. Simply click Triggers input, type, and press Enter/Return or Comma. 3rd party events are typically Joomla events so be sure to prefix those with joomla_.

Hmmm I have gotten this answer from Nicholas who has invented Loginguard:


Our system plugin does some checks on every page load. If you are not logged in no action is taken. If you’re logged in and there’s a server side session flag that’s you’ve gone through 2SV no action is taken. If you’re on a LoginGuard URL no action is taken.

Otherwise we check if you have 2SV enabled on your account. If not we set the flag and that’s the end of it.

Otherwise we check if there’s a previous URL stored in the session. If not we save the current URL. Either way we redirect you to the captive login page of LoginGuard.

This is also how Joomla’s privacy component works. In fact I invented the captive login technique for Joomla and then Joomla itself copied my technique

Regarding your problem it depends on how CB’s plugin works. If it performs the redirect onAfterLogin you have no problem with LoginGuard. If it tries to do the redirection on the page load AFTER logging in it will never work as LoginGuard makes its own redirect and after 2SV redirects you back to the original page you were before.

As I explained, the same holds true for Joomla’s Privacy component. So if CB’s plugin doesn’t work with LoginGuard it also wouldn’t work with Joomla’s Privacy component, therefore CB would need to make some changes. Maybe ask them how they implement it?


If I deactivate Loginguard the CB auto action redirect works, but not when I activate loginguard. I believe as Nicholas writes, this would be the same problem with Joomla 2factor activated ?

Any thoughts on this ?

The reason you're having issues is Akeeba LoginGuard is doing as it's supposed to do and redirecting to request the SMS code. It's doing its redirect before yours because it's acting on Joomlas login event and not CBs login trigger. I guess you could try using the same trigger they're using and see if CB Auto Actions can redirect first.

You however should ideally do your redirect after Akeeba LoginGuard has approved the SMS code and completed the login. So whatever Joomla event Akeeba LoginGuard provides for that will be what you use. If Akeeba LoginGuard works like Reset Password or Privacy Consent and stores the redirect destination in session then use a Code action and change the URL in session to wherever you want to redirect them to using PHP. I've no idea what their session variable is so I can't help you with that.

I don't see anything for us to implement or fix here. You'll need to adjust your auto action depending on how Akeeba LoginGuard is doing that redirect.

Ok - I will try to use som code action