/**
 * Test get_autologin_key.
 *
 * Generates a key as the admin user, loads the stored row from user_private_key
 * and checks its expiry (creation time + api::LOGIN_KEY_TTL) and its IP restriction.
 */
public function test_get_autologin_key() {
    global $USER, $DB;

    $this->resetAfterTest(true);
    $this->setAdminUser();

    // Server timezone is UTC while the user is on GMT+5.
    // NOTE(review): presumably this shows the expiry does not depend on the user's timezone - confirm.
    $this->setTimezone('UTC');
    $USER->timezone = 5;

    // Mark the start of the window that assertTimeCurrent() checks against.
    $this->setCurrentTimeStart();

    $keyvalue = api::get_autologin_key();
    $record = $DB->get_record('user_private_key', array('value' => $keyvalue), '*', MUST_EXIST);

    // Subtracting the TTL from the expiry must give the time the key was created.
    $createdat = $record->validuntil - api::LOGIN_KEY_TTL;
    $this->assertTimeCurrent($createdat);

    // The key must be bound to an IP address.
    // NOTE(review): '0.0.0.0' is presumably the address seen under PHPUnit - confirm.
    $this->assertEquals('0.0.0.0', $record->iprestriction);
}
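/**
 * Creates an auto-login key for the current user. Is created only in https sites and is restricted by time and ip address.
 *
 * The request is refused when the private token is empty or present in $_GET, when fewer than
 * 6 minutes have passed since the previous request by this user, or when no external_tokens row
 * matches the current user, the web service token in use and the private token together.
 *
 * @param string $privatetoken the user private token for validating the request
 * @return array with the key, the auto-login URL and warnings
 * @throws moodle_exception invalidprivatetoken or autologinkeygenerationlockout, or any context validation
 *         error other than usernotfullysetup and forcepasswordchangenotice
 * @since Moodle 3.2
 */
public static function get_autologin_key($privatetoken) {
    global $CFG, $DB, $USER;

    $params = self::validate_parameters(self::get_autologin_key_parameters(), array('privatetoken' => $privatetoken));
    $privatetoken = $params['privatetoken'];

    $context = context_system::instance();

    // We must tolerate these two exceptions: forcepasswordchangenotice and usernotfullysetup.
    $tolerated = array('usernotfullysetup', 'forcepasswordchangenotice');
    try {
        self::validate_context($context);
    } catch (moodle_exception $e) {
        // Strict comparison, so that only these exact error codes are swallowed.
        if (!in_array($e->errorcode, $tolerated, true)) {
            // In case we receive a different exception, throw it.
            throw $e;
        }
    }

    api::check_autologin_prerequisites($USER->id);

    // Refuse a private token that arrives as a GET parameter, as well as an empty one.
    // NOTE(review): presumably this keeps the secret out of URLs and access logs - confirm.
    if (isset($_GET['privatetoken']) || empty($privatetoken)) {
        throw new moodle_exception('invalidprivatetoken', 'tool_mobile');
    }

    // Limit how often the privatetoken can be sent: 6 minutes are required between requests.
    $last = get_user_preferences('tool_mobile_autologin_request_last', 0, $USER);
    $timenow = time();
    if ($timenow - $last < 6 * MINSECS) {
        throw new moodle_exception('autologinkeygenerationlockout', 'tool_mobile');
    }
    // The timestamp is stored before the token is verified, so a request with a wrong
    // private token also starts the lockout window.
    set_user_preference('tool_mobile_autologin_request_last', $timenow, $USER);

    // We are expecting a privatetoken linked to the current token being used.
    // This WS is only valid when using mobile services via REST (this is intended).
    $currenttoken = required_param('wstoken', PARAM_ALPHANUM);
    $conditions = array('userid' => $USER->id, 'token' => $currenttoken, 'privatetoken' => $privatetoken);
    if (!$DB->get_record('external_tokens', $conditions)) {
        throw new moodle_exception('invalidprivatetoken', 'tool_mobile');
    }

    $result = array();
    $result['key'] = api::get_autologin_key();
    $autologinurl = new moodle_url("/{$CFG->admin}/tool/mobile/autologin.php");
    $result['autologinurl'] = $autologinurl->out(false);
    $result['warnings'] = array();
    return $result;
}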
/**
 * Returns a list of site settings, filtering by section.
 *
 * Each setting returned by api::get_config() is emitted as a name/value pair.
 *
 * @param string $section settings section name
 * @return array with the settings and warnings
 * @since Moodle 3.2
 */
public static function get_config($section = '') {
    // Only the validated copy of the section name is passed on.
    $params = self::validate_parameters(self::get_config_parameters(), array('section' => $section));

    $entries = array();
    foreach (api::get_config($params['section']) as $name => $value) {
        $entries[] = array('name' => $name, 'value' => $value);
    }

    return array('settings' => $entries, 'warnings' => array());
}
/**
 * Returns a list of the site public settings, those not requiring authentication.
 *
 * The settings come from api::get_site_public_settings(); an empty warnings list is added to them.
 *
 * @return array with the settings and warnings
 * @since Moodle 3.2
 */
public static function get_site_public_settings() {
    $publicsettings = api::get_site_public_settings();

    // No warnings are produced by this call.
    $publicsettings['warnings'] = array();

    return $publicsettings;
}
/**
 * Returns a list of Moodle plugins supporting the mobile app.
 *
 * @return array an array of warnings and objects containing the plugin information
 * @since Moodle 3.1
 */
public static function get_plugins_supporting_mobile() {
    $plugins = api::get_plugins_supporting_mobile();

    // The warnings list is always empty here.
    return array(
        'plugins' => $plugins,
        'warnings' => array(),
    );
}