SmugMug “Private” and “Unlisted” galleries in Photonic?

Hi, did you read through the following documentation? If you didn’t, try the steps in the documentation then report back.

Regards

Hi Ralf,
I believe Photonic supports private and unlisted galleries quite well – that was the bulk of the work that went into version 1.57. I sincerely do hope it is working! ??

When you go to the helper, put in your name and click “Find”, it will first show you a listing of all your public albums. It will also show you a link to authenticate. Once you authenticate, you should be able to see all your protected content as well.

If users on the front-end need to see protected content, you have to set up access to private photos as outlined in the documentation link that @mbrsolution provided. What this does is that it shows a login box to visitors. If the visitors click on that link, then authorize the application, subsequently they will be able to see protected photos as well (and the login box goes away for those visitors).

Hey Manuel,

thanks for your quick reply. I did look at the documentation, but I just read through it again – just in case ;o)

So, maybe I’m misunderstanding on how the authentication with SmugMug works in this scenario, but when I enable the “Private Photos”-setting in Photonic’s SmugMug settings, I get the “Some features that you are trying to access may be visible to logged in users….” dialog embedded in my WordPress page and when I click on the Login-button it redirects me to SmugMug.
So my question is: is this a one-time setup step that I need to do (e.g. would this establish somewhat of a “secured link” between my WordPress blog and my SmugMug account once I enter my credentials) or is this something that every visitor of my blog (a very small group of registered users only) would have to go through?
If its the latter, then this would obviously not work for my use-case since those registered users of my blog don’t have access to my SmugMug account, nor do they even have a SMugMug account themselves.

What I was hoping for is to somehow be able to establish a permanent secure connection between my blog and my SmugMug account (via some sort of auth token) and from thereon everything would be “transparent” to a user of the blog.

Cheers,

-Ralf

Hey Sayontan,

when I click on the “authenticate” link it redirects me to SmugMug and the authentication is successful (I confirmed with SmugMug support already). It then redirects me after 2-3 seconds, but instead of going back to my WordPress admin (where I came from) I just get a white page displaying a “0” in the top left corner!
When I then go back to my WordPress admin and go back to the Photonic settings, I am basically back to square #1: I need to re-enter my SmugMug user ID and when I hit “Find” it shows me my one public test album I have right now and asks me to hit “authenticate” again to see any private content. mmmmh ;o)

BTW: all my current testing happens on a virtual machine on my development notebook, so this is not an actual live site yet! I’m still trying to bring things up locally before I push the site out. Not sure if that should make a difference, but I thought it might be worth mentioning.

Regarding your explanation of front-end access to protected content for visitors: when they get prompted after clicking the link, what credentials are they expected to enter here? it looks like they need to enter SmugMug credentials, so that would then just not work for my use-case.

Thanks for your help!

-Ralf

• This reply was modified 8 years, 2 months ago by rweber.

Ralf,
It is the latter. Basically it is mimicking Smugmug authentication privileges in WP.

The way the plugin has been built is, if a photo cannot be seen in SmugMug, it cannot be seen in WP. I will be the first to admit, though, that I violated this rule somewhat in the support of password-protected albums (see the Password-Protected Albums section).

But I have been rethinking this approach and am considering offering a pre-authenticated gateway. I am in the process of doing it for Instagram at present, and might offer if for SmugMug too.

Hey Sayontan,

providing some sort of a pre-authenticated gateway would be a great addition to Photonic. Moving forward I want to use SmugMug as my “Photography Cloud”: every photo I take will go up to my SmugMug account. For the fast majority of these photos there is going to be two possible destinations: a) they are “Portfolio material” which means they should show up on my public SmugMug pages and basically represent the work of “Ralf the wannabe Photographer” ;o) or they are b) photos used in various WordPress blogs. In the latter case, SmugMug is basically just my “media backend” for blogs and some of these photos might be public (which works already beautifully with Photonic) while others have to remain private (e.g. for member-only content of the blog).
It looks like for now I am just going to create a password-protected Public folder on SmugMug (which basically hides all its content from the world) and use your Password-protected Albums support to integrate photos in that folder into my (private) WordPress blog. This is not super-elegant and the main drawback is that I end up with an unsightly “XYZ” password protected folder on my main SmugMug profile, but that is going to get the job done for now and maybe later this year, when I have some time to work on my actual photography side, you already have an updated version of the SmugMug support with a pre-authenticated gateway ;o)

Thanks again for your help!

-Ralf

Ralf,
I am curious about the SmugMug authentication error. Can you tell me what file it is reporting in the browser’s URL (not your entire URL – I just want the file name). If there are tokens in the URL, you don’t have to give me the token values – just their names will suffice. I would like to investigate this, since I don’t get any authentication errors at my end.

Hey Sayontan,

here is the “sanitized” version of the URL that I get after successfully authenticating with SmugMug and just seeing the “0” in an otherwise empty web view:

https://<MY_URL>/wp-admin/admin-ajax.php?oauth_token=<MY_OAUTH_TOKEN>&Access=Full&Permissions=Read&oauth_verifier=<MY_OAUTH_VERIFER&gt;

Ralf,
What have you set as the redirect URL for your API Key? You shouldn’t be redirected to admin-ajax.php, if your redirection URL has been set to whatever the instructions tell you on Photonic → Settings → SmugMug → SmugMug Settings → SmugMug API Key.

Sayontan,
Good call! I checked my SmugMug account settings and indeed: Callback URL and App URL were both empty! So I get the Callback URL to point back to my private blog (let’s just say https://www.myblog.com) and now, when I hit the “authenticate”-button in the SmugMug Helper, it opens up a new tab in my browser, successfully authenticates and then automatically redirects to my main blog page. But if I then, from there, open up my WordPress Dashboard and go back to the SmugMug Helper, I still can’t see any of my private/unlisted content and hitting “authenticate” again obviously just restarts the whole cycle ;o)
BTW, two quick questions:
1) What is the difference between the “AppURL” and the “CallbackURL” in the SmugMug API key setup?
2) What do I need to do to make this work with my development/production workflow, where I basically have https://www.myblog.com on the production side and https://www.myblog.dev as my local-only (!) development environment? Do I need to temporary change the appropriate URL(s) in my SmugMug account settings when I need to work on the development version of the blog and need to access my SmugMug content?

Thanks for your help!

The easiest way is to create two API keys, one with the callback URL set to your local site and the other to your Production site. I have never filled out the APP URL, so I am not sure what it does.

Regarding why the authentication is not working for you, it could possibly have something to do with cookies. Photonic uses cookies to determine if you have already got a token, so if it cannot find a specific cookie, it tells you that it couldn’t authenticate you. However, while I am fairly certain that you are facing an issue due to cookies, I cannot say why.

Ralf,
I have been considering your request for a pre-authenticated gateway, but the more I think about it, the more I feel it is not required. I can understand doing it for Picasa (in fact I have gone ahead and built it for Picasa), where Google basically killed all the good stuff in Picasa and put in an humongous barriers towards accessing photos for non-Google users, but SmugMug isn’t that way.

I am, in particular, reading this statement from your post:

This is not super-elegant and the main drawback is that I end up with an unsightly “XYZ” password protected folder on my main SmugMug profile

This isn’t necessarily accurate. True, you will get a password-protected folder on your main profile, but you can always make it unlisted. That way you will be the only person seeing it, and none of your visitors will. With this capability existing in SmugMug natively, what would be the point of providing back-end authentication?

I think, at the moment, the only challenge you are facing is with figuring out the album keys for the unlisted albums. While Photonic is unable to help you with this (I blame the cookies, but without investigating your site I cannot say for sure), I can give you a way to find out the keys. Basically, in a browser where you have already logged in to SmugMug, visit https://api.smugmug.com/api/v2/user/your-user-name, then click on the link under the node that says “User Albums”. That will list out all albums for you, and you can pick the keys that you require.