/**
 * Logout hook for the SAML auth plugin.
 *
 * When single logout is switched on in the plugin config, the local session
 * is ended and the browser is sent to the plugin's SAML endpoint with
 * logout=1. When the setting is unset or falsy the hook does nothing.
 */
function logoutpage_hook() {
    // empty() is true for both "not set" and "set but falsy", which is the
    // exact complement of the isset() && value test.
    if (empty($this->config->dosinglelogout)) {
        return;
    }

    // Overwrite the remembered-username cookie before the session goes away.
    set_moodle_cookie('nobody');
    require_logout();

    $samllogout = $GLOBALS['CFG']->wwwroot . '/auth/saml/index.php?logout=1';
    redirect($samllogout);
}
} else { if (!empty($CFG->mymoodleredirect)) { // Redirect logged-in users to My Moodle overview if required if (isloggedin() && $USER->username != 'guest') { redirect($CFG->wwwroot . '/my/index.php'); } } } } else { // if upgrading from 1.6 or below if (isadmin() && moodle_needs_upgrading()) { redirect($CFG->wwwroot . '/' . $CFG->admin . '/index.php'); } } if (get_moodle_cookie() == '') { set_moodle_cookie('nobody'); // To help search for cookies on login page } if (!empty($USER->id)) { add_to_log(SITEID, 'course', 'view', 'view.php?id=' . SITEID, SITEID); } if (empty($CFG->langmenu)) { $langmenu = ''; } else { $currlang = current_language(); $langs = get_list_of_languages(); $langlabel = get_accesshide(get_string('language')); $langmenu = popup_form($CFG->wwwroot . '/index.php?lang=', $langs, 'chooselang', $currlang, '', '', '', true, 'self', $langlabel); } $PAGE = page_create_object(PAGE_COURSE_VIEW, SITEID); $pageblocks = blocks_setup($PAGE);
die; } /// Let's get them all set up. complete_user_login($user); \core\session\manager::apply_concurrent_login_limit($user->id, session_id()); // sets the username cookie if (!empty($CFG->nolastloggedin)) { // do not store last logged in user in cookie // auth plugins can temporarily override this from loginpage_hook() // do not save $CFG->nolastloggedin in database! } else { if (empty($CFG->rememberusername) or $CFG->rememberusername == 2 and empty($frm->rememberusername)) { // no permanent cookies, delete old one if exists set_moodle_cookie(''); } else { set_moodle_cookie($USER->username); } } $urltogo = core_login_get_return_url(); /// check if user password has expired /// Currently supported only for ldap-authentication module $userauth = get_auth_plugin($USER->auth); if (!empty($userauth->config->expiration) and $userauth->config->expiration == 1) { if ($userauth->can_change_password()) { $passwordchangeurl = $userauth->change_password_url(); if (!$passwordchangeurl) { $passwordchangeurl = $CFG->httpswwwroot . '/login/change_password.php'; } } else { $passwordchangeurl = $CFG->httpswwwroot . '/login/change_password.php'; }
/**
 * Finish a login once authenticate_user_login() has accepted the user.
 *
 * Installs $user as the global $USER, reloads preferences, records the login
 * time, writes the username cookie, runs the enrolment plugins and loads
 * capabilities. If the 'auth_forcepasswordchange' preference is set the
 * browser is redirected to a password change page.
 *
 * Nothing is logged here; the caller decides what to log.
 *
 * NOTE(review): the session id is regenerated only when
 * $CFG->regenloginsession is non-empty, and without deleting the old session.
 * With the setting off, the session id in use before authentication stays
 * valid afterwards, so a deployment that cares about session fixation needs
 * the setting on (after checking the installed auth plugins still work).
 *
 * @uses $CFG, $USER
 * @param object $user user record returned by authenticate_user_login()
 * @return object the global $USER
 */
function complete_user_login($user) {
    global $CFG, $USER;

    // Preferences are read from $USER further down, so it must be set first.
    $USER = $user;

    if (!empty($CFG->regenloginsession)) {
        // please note this setting may break some auth plugins
        session_regenerate_id();
    }

    reload_user_preferences();
    update_user_login_times();

    // do not store last logged in user in cookie when nolastloggedin is set;
    // auth plugins can temporarily override this from loginpage_hook()
    // do not save $CFG->nolastloggedin in database!
    $cookievalue = empty($CFG->nolastloggedin) ? $USER->username : 'nobody';
    set_moodle_cookie($cookievalue);

    set_login_session_preferences();

    // Call enrolment plugins
    check_enrolment_plugins($user);

    // This is what lets the user do anything on the site.
    load_all_capabilities();

    // The auth plugin decides where a forced password change is carried out.
    $userauth = get_auth_plugin($USER->auth);

    if (!get_user_preferences('auth_forcepasswordchange', false)) {
        return $USER;
    }

    if (!$userauth->can_change_password()) {
        print_error('nopasswordchangeforced', 'auth');
        return $USER;
    }

    // Prefer the plugin's own URL; fall back to the standard change form.
    $changeurl = $userauth->change_password_url();
    if (!$changeurl) {
        $changeurl = $CFG->httpswwwroot . '/login/change_password.php';
    }
    redirect($changeurl);

    return $USER;
}
/**
 * Finish a login once authenticate_user_login() has accepted the user.
 *
 * Regenerates the session id, installs the user in the session, reloads the
 * preferences, records the login time and, unless the user is the guest
 * account, writes the username cookie and enforces a pending forced password
 * change.
 *
 * Nothing is logged here; the caller decides what to log.
 *
 * @param object $user
 * @param bool $setcookie false leaves the username cookie untouched
 * @return object the global $USER - BC only, do not use
 */
function complete_user_login($user, $setcookie = true) {
    global $CFG, $USER;

    // New session id, old session deleted: an id planted before login
    // (session fixation from the same domain) is useless after this point.
    session_regenerate_id(true);

    // check enrolments, load caps and setup $USER object
    session_set_user($user);

    // Drop cached preferences so they are read from the DB again.
    unset($user->preference);
    check_user_preferences_loaded($user);

    update_user_login_times();
    set_login_session_preferences();

    // THE guest account gets no cookie and no password checks.
    if (isguestuser()) {
        return $USER;
    }

    if ($setcookie) {
        // do not store last logged in user in cookie when nolastloggedin is set;
        // auth plugins can temporarily override this from loginpage_hook()
        // do not save $CFG->nolastloggedin in database!
        $cookievalue = empty($CFG->nolastloggedin) ? $USER->username : '';
        set_moodle_cookie($cookievalue);
    }

    // The auth plugin decides where a forced password change is carried out.
    $userauth = get_auth_plugin($USER->auth);

    if (!get_user_preferences('auth_forcepasswordchange', false)) {
        return $USER;
    }

    if (!$userauth->can_change_password()) {
        print_error('nopasswordchangeforced', 'auth');
        return $USER;
    }

    // Prefer the plugin's own URL; fall back to the standard change form.
    $changeurl = $userauth->change_password_url();
    if (!$changeurl) {
        $changeurl = $CFG->httpswwwroot . '/login/change_password.php';
    }
    redirect($changeurl);

    return $USER;
}
echo $OUTPUT->header(); echo $OUTPUT->heading(get_string('mustconfirm')); echo $OUTPUT->box(get_string('emailconfirmsent', '', $user->email), 'generalbox boxaligncenter'); echo $OUTPUT->footer(); die; } // Let's get them all set up. complete_user_login($user); // Set the username cookie if (empty($CFG->nolastloggedin)) { // Store last logged in user in cookie if (empty($CFG->rememberusername) or $CFG->rememberusername == 2 and empty($frm->rememberusername)) { // No permanent cookies, delete old one if exists set_moodle_cookie(''); } else { set_moodle_cookie($USER->email); } } $urltogo = get_return_url(); // Discard any errors before the last redirect. unset($SESSION->loginerrormsg); // test the session actually works by redirecting to self $SESSION->wantsurl = $urltogo; redirect(new moodle_url('/local/obu_application/login.php', array('testsession' => $USER->id))); } else { if (empty($errormsg)) { if ($errorcode == AUTH_LOGIN_UNAUTHORISED) { $errormsg = get_string('unauthorisedlogin', '', $frm->username); } else { $errormsg = get_string('invalidlogin'); $errorcode = 3;
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.

/**
 * Created by IntelliJ IDEA.
 * User: tdjones
 * Date: 12-01-24
 * Time: 1:07 PM
 * To change this template use File | Settings | File Templates.
 */

// Entry page: makes sure the visitor has at least a guest session, then
// forwards to the course given by the "cid" parameter.

// This response must never be cached by the browser or by a proxy.
header('Cache-Control: no-cache, no-store, must-revalidate'); // HTTP 1.1.
header('Pragma: no-cache'); // HTTP 1.0.
header('Expires: 0'); // Proxies.

define("MOODLE_INTERNAL", true);
require_once dirname(dirname(dirname(dirname(__FILE__)))) . '/config.php';

// PARAM_INT restricts the course id to an integer.
$courseid = required_param("cid", PARAM_INT);

// A visitor keeps the current session only when logged in and not flagged as
// timed out; everybody else is signed in as the guest account below.
// NOTE(review): this happens without any user interaction, so what the guest
// account may see in the target course is the only access control on this
// path - confirm that is intended.
if (!(isloggedin() && empty($SESSION->has_timed_out))) {
    if (!empty($SESSION->has_timed_out)) {
        // The flag has been acted on; clear it.
        unset($SESSION->has_timed_out);
    }

    $guest = get_complete_user_data('username', 'guest');
    $USER = $guest;
    complete_user_login($guest);
    set_moodle_cookie($guest->username);
}

$target = new moodle_url($CFG->httpswwwroot . '/course/view.php', array('id' => $courseid));
redirect($target);
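/**
 * Sign the current request in from the SSO attributes delivered in the HTTP
 * request headers, then redirect to the page the user asked for.
 *
 * The idnumber attribute identifies the account. An unknown idnumber is
 * treated as a new user and needs a username attribute; a known account must
 * use the 'teosso' auth type and has its username brought in line with the
 * SSO value. Every failure is logged and redirected to the configured sign-in
 * or error URL.
 *
 * Changes against the previous version:
 * - the result of authenticate_user_login() is checked before it becomes
 *   $USER; before, a failed authentication went straight on to
 *   "$USER->loggedin = true";
 * - $SESSION->wantsurl is followed only when it is the site root itself or
 *   lies below "wwwroot/", so a host name that merely begins with the wwwroot
 *   string no longer passes as a local address.
 *
 * NOTE(review): the whole login rests on request headers. That is safe only
 * if the front end in front of this server removes client-supplied copies of
 * the SSO headers - confirm for the deployment.
 * NOTE(review): the header values reach get_record()/set_field() as given by
 * get_sso_attributes(); confirm they are escaped as this Moodle version's DB
 * layer expects.
 */
function teosso_authenticate_user() {
    global $CFG, $USER, $SESSION;

    $pluginconfig = get_config('auth/teosso');

    // retrieve the login data from the HTTP Headers
    $attributes = auth_plugin_teosso::get_sso_attributes();

    // check to see if we got any authentication data
    if (empty($attributes)) {
        redirect($pluginconfig->signin_url);
    }

    // get the http headers for error reporting
    // NOTE(review): these values are written to the Moodle log on every
    // failure; check that none of them carries a credential or token.
    $headers = apache_request_headers();
    $attr_hdrs = array();
    foreach ($headers as $key => $value) {
        if (preg_match('/^HTTP_/', $key)) {
            $attr_hdrs[] = $key . ': ' . $value;
        }
    }
    $headers = implode(' | ', $attr_hdrs);

    // FIND THE VALIDITY OF THE HTTP HEADER
    $attrmap = auth_plugin_teosso::get_attributes();
    if (empty($attrmap['idnumber'])) {
        // serious misdemeanour
        print_error('missingidnumber', 'auth_teosso');
    }

    if (empty($attributes[$attrmap['idnumber']])) {
        // not valid session. Ship user off to Federation Manager
        add_to_log(0, 'login', 'error', '/auth/teosso/index.php', get_string('idnumber_error', 'auth_teosso', $headers));
        redirect($pluginconfig->signin_error_url);
    } else {
        // in theory we only need acct_id at this point - we should retrieve
        // the user record to get the username via idnumber
        if (!($user = get_record('user', 'idnumber', $attributes[$attrmap['idnumber']]))) {
            // must be a new user
            if (!empty($attributes[$attrmap['username']])) {
                $attributes['username'] = $attributes[$attrmap['username']];
            } else {
                add_to_log(0, 'login', 'error', '/auth/teosso/index.php', get_string('username_error', 'auth_teosso', $headers));
                redirect($pluginconfig->signin_error_url);
            }
        } else {
            // user must use the auth type teosso or authenticate_user_login() will fail
            if ($user->auth != 'teosso') {
                add_to_log(0, 'login', 'error', '/auth/teosso/index.php', get_string('user_auth_type_error', 'auth_teosso', $headers));
                redirect($pluginconfig->signin_error_url);
            }

            // because we want to retain acct_id as the master ID
            // we need to modify idnumber on mdl_user NOW - so it all lines up later
            if (isset($attributes[$attrmap['username']]) && $user->username != $attributes[$attrmap['username']]) {
                if (!set_field('user', 'username', $attributes[$attrmap['username']], 'id', $user->id)) {
                    print_error('usernameupdatefailed', 'auth_teosso');
                }
                $attributes['username'] = $attributes[$attrmap['username']];
            } else {
                $attributes['username'] = $user->username;
            }
        }

        // Valid session. Register or update user in Moodle, log him on, and redirect to Moodle front
        // we require the plugin to know that we are now doing a teosso login in hook puser_login
        $GLOBALS['teosso_login'] = TRUE;

        // make variables accessible to teosso->get_userinfo. Information will be
        // requested from authenticate_user_login -> create_user_record / update_user_record
        $GLOBALS['teosso_login_attributes'] = $attributes;

        // just passes time as a password. User will never log in directly to
        // moodle with this password anyway or so we hope?
        $authuser = authenticate_user_login($attributes['username'], time());
        if (empty($authuser)) {
            // Fail closed: a rejected login must not end up as $USER.
            add_to_log(0, 'login', 'error', '/auth/teosso/index.php', 'authenticate_user_login() rejected the SSO user');
            redirect($pluginconfig->signin_error_url);
            return;
        }

        $USER = $authuser;
        $USER->loggedin = true;
        $USER->site = $CFG->wwwroot;

        update_user_login_times();
        if ($pluginconfig->notshowusername) {
            // Don't show username on login page
            set_moodle_cookie('nobody');
        }
        set_login_session_preferences();
        add_to_log(SITEID, 'user', 'login', "view.php?id={$USER->id}&course=" . SITEID, $USER->id, 0, $USER->id);
        check_enrolment_plugins($USER);
        load_all_capabilities();

        // Follow wantsurl only when it points into this site. A bare prefix
        // test on wwwroot would also accept a longer host name that starts
        // with the same characters, so the match must end at a "/".
        $siteroot = rtrim($CFG->wwwroot, '/');
        $wantsurl = isset($SESSION->wantsurl) ? $SESSION->wantsurl : '';
        if ($wantsurl === $siteroot || strpos($wantsurl, $siteroot . '/') === 0) {
            $urltogo = $wantsurl;
        } else {
            $urltogo = $CFG->wwwroot . '/';
        }
        unset($SESSION->wantsurl);

        redirect($urltogo);
    }
}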
/**
 * Finish a login once authenticate_user_login() has accepted the user.
 *
 * Installs the user in the session, records the login time, writes the
 * username cookie when asked to, and enforces a pending forced password
 * change.
 *
 * Nothing is logged here; the caller decides what to log.
 *
 * NOTE(review): no session id regeneration is visible in this function.
 * Whether session_set_user() takes care of it cannot be seen from here -
 * confirm, because a session id that survives login leaves room for session
 * fixation.
 *
 * @uses $CFG, $USER
 * @param object $user
 * @param bool $setcookie false leaves the username cookie untouched
 * @return object the global $USER - BC only, do not use
 */
function complete_user_login($user, $setcookie = true) {
    global $CFG, $USER, $SESSION;

    // check enrolments, load caps and setup $USER object
    session_set_user($user);

    update_user_login_times();
    set_login_session_preferences();

    if ($setcookie) {
        // do not store last logged in user in cookie when nolastloggedin is set;
        // auth plugins can temporarily override this from loginpage_hook()
        // do not save $CFG->nolastloggedin in database!
        $cookievalue = empty($CFG->nolastloggedin) ? $USER->username : 'nobody';
        set_moodle_cookie($cookievalue);
    }

    // The auth plugin decides where a forced password change is carried out.
    $userauth = get_auth_plugin($USER->auth);

    if (!get_user_preferences('auth_forcepasswordchange', false)) {
        return $USER;
    }

    if (!$userauth->can_change_password()) {
        print_error('nopasswordchangeforced', 'auth');
        return $USER;
    }

    // Prefer the plugin's own URL; fall back to the standard change form.
    $changeurl = $userauth->change_password_url();
    if (!$changeurl) {
        $changeurl = $CFG->httpswwwroot . '/login/change_password.php';
    }
    redirect($changeurl);

    return $USER;
}
/**
 * Logout hook for the OneLogin SAML plugin.
 *
 * Ends the local session and sends the browser to the plugin's endpoint with
 * logout=1. "&normal" is appended when the session does not carry the
 * isSAMLSessionControlled marker.
 */
function logoutpage_hook() {
    global $SESSION, $CFG;

    // The marker is read before require_logout() is called.
    $suffix = isset($SESSION->isSAMLSessionControlled) ? '' : '&normal';
    $logout_url = $CFG->wwwroot . '/auth/onelogin_saml/index.php?logout=1' . $suffix;

    require_logout();
    // Overwrite the remembered-username cookie.
    set_moodle_cookie('nobody');

    redirect($logout_url);
}
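/**
 * Logout hook: end the local session and, when a log-off URL is configured,
 * send the browser there.
 *
 * The redirect uses 303 (See Other) instead of 301. A 301 is a permanent
 * redirect that browsers may cache; a cached redirect for the logout page
 * would take later logout requests straight to the log-off URL without
 * reaching this code, and the local session would stay alive.
 *
 * An empty log-off URL is treated like a missing one, so the hook returns to
 * its caller instead of sending an empty Location header.
 */
function logoutpage_hook() {
    // Overwrite the remembered-username cookie, then end the session.
    set_moodle_cookie('nobody');
    require_logout();

    if (empty($this->config->logoffurl)) {
        return;
    }

    // in case we are inside a buffer
    if (ob_get_level() !== 0) {
        ob_end_clean();
    }

    header('Location: ' . $this->config->logoffurl, true, 303);
    exit; // flush header
}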
/// If we can find the Shibboleth attribute, save it in session and return to main login page if (!empty($_SERVER[$pluginconfig->user_attribute])) { // Shibboleth auto-login $frm->username = strtolower($_SERVER[$pluginconfig->user_attribute]); $frm->password = substr(base64_encode($_SERVER[$pluginconfig->user_attribute]), 0, 8); // The random password consists of the first 8 letters of the base 64 encoded user ID // This password is never used unless the user account is converted to manual /// Check if the user has actually submitted login data to us if ($shibbolethauth->user_login($frm->username, $frm->password)) { $USER = authenticate_user_login($frm->username, $frm->password); $USER->loggedin = true; $USER->site = $CFG->wwwroot; // for added security, store the site in the update_user_login_times(); // Don't show previous shibboleth username on login page set_moodle_cookie(''); set_login_session_preferences(); unset($SESSION->lang); $SESSION->justloggedin = true; add_to_log(SITEID, 'user', 'login', "view.php?id={$USER->id}&course=" . SITEID, $USER->id, 0, $USER->id); if (user_not_fully_set_up($USER)) { $urltogo = $CFG->wwwroot . '/user/edit.php?id=' . $USER->id . '&course=' . SITEID; // We don't delete $SESSION->wantsurl yet, so we get there later } else { if (isset($SESSION->wantsurl) and strpos($SESSION->wantsurl, $CFG->wwwroot) === 0) { $urltogo = $SESSION->wantsurl; /// Because it's an address in this site unset($SESSION->wantsurl); } else { $urltogo = $CFG->wwwroot . '/'; /// Go to the standard home page
/**
 * Log a user in with a username and password.
 *
 * Runs loginpage_hook() of every enabled auth plugin, authenticates the
 * credentials and, on success, completes the login and clears the username
 * cookie.
 *
 * NOTE(review): the hooks run before the credentials are checked; other
 * plugins on this page redirect from their hooks, so this function may not
 * return - confirm for the plugins enabled on the site.
 *
 * @param string $userid   username to authenticate
 * @param string $password password to authenticate with
 * @return mixed whatever authenticate_user_login() returned; falsy on failure
 */
function enter($userid, $password) {
    global $CFG, $USER;

    foreach (get_enabled_auth_plugins(true) as $authname) {
        get_auth_plugin($authname)->loginpage_hook();
    }

    $user = authenticate_user_login($userid, $password);
    if (!$user) {
        return $user;
    }

    complete_user_login($user);
    // Do not leave the username behind in the cookie.
    set_moodle_cookie('');

    return $user;
}
/**
 * Logout hook for the OneLogin SAML plugin.
 *
 * Clears the isSAMLSessionControlled marker, ends the local session and sends
 * the browser to the plugin's endpoint with logout=1. The dologout config
 * check is commented out, so this runs on every logout.
 */
function logoutpage_hook() {
    global $SESSION;

    unset($SESSION->isSAMLSessionControlled);

    //if($this->config->dologout) {
    // Overwrite the remembered-username cookie, then end the session.
    set_moodle_cookie('nobody');
    require_logout();

    $samllogout = $GLOBALS['CFG']->wwwroot . '/auth/onelogin_saml/index.php?logout=1';
    redirect($samllogout);
    //}
}
/**
 * Logout hook for the TEO SSO plugin.
 *
 * Acts only for users whose auth type is 'teosso' and only when the plugin's
 * dologout setting is on: the local session is ended and the browser is sent
 * to the configured sign-out URL.
 */
function logoutpage_hook() {
    global $CFG, $USER;

    auth_plugin_teosso::err('in logoutpage_hook');

    // Other auth types, or dologout switched off: leave logout to the caller.
    if ($USER->auth != 'teosso' || !$this->config->dologout) {
        return;
    }

    // Overwrite the remembered-username cookie, then end the session.
    set_moodle_cookie('nobody');
    require_logout();

    redirect($this->config->signout_url);
}
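/**
 * Logout hook: end the local session and, when a log-off URL is configured,
 * send the browser there.
 *
 * Changes against the previous version:
 * - the redirect uses 303 (See Other) instead of 301. A 301 is a permanent
 *   redirect that browsers may cache; a cached redirect for the logout page
 *   would take later logout requests straight to the log-off URL without
 *   reaching this code, and the local session would stay alive;
 * - the script stops once the header is sent. Before, the function returned
 *   to its caller, which could go on and send a Location header of its own
 *   in place of this one (the caller is not shown here);
 * - an empty log-off URL is treated like a missing one.
 */
function logoutpage_hook() {
    // Overwrite the remembered-username cookie, then end the session.
    set_moodle_cookie('nobody');
    require_logout();

    if (empty($this->config->logoffurl)) {
        return;
    }

    header('Location: ' . $this->config->logoffurl, true, 303);
    exit; // nothing after the redirect may replace the header
}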