Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-67053

Allow bypassing alternateloginurl config setting with a URL param

XMLWordPrintable

    • MOODLE_36_STABLE, MOODLE_37_STABLE, MOODLE_38_STABLE, MOODLE_404_STABLE
    • MOODLE_404_STABLE
    • MDL-67053-main
    • Hide

      Setup

      1. Add $CFG->alternateloginurl = 'https://google.com' to your config.php

      Testing

      1. Access your login page at [YOUR_SITE]/login/index.php
      2. CONFIRM that it redirects to what you set for $CFG->alternateloginurl
      3. Add '?loginredirect=0' to the login url and try again i.e [YOUR_SITE]/login/index.php?loginredirect=0
      4. CONFIRM that it doesn't redirect and loads the login page
      5. Submit credentials which will fail
      6. CONFIRM you end up back at the login page again, not the alternate login page

       

      Show
      Setup Add $CFG->alternateloginurl = ' https://google.com' to your config.php Testing Access your login page at [YOUR_SITE] /login/index.php CONFIRM that it redirects to what you set for $CFG->alternateloginurl Add '?loginredirect=0' to the login url and try again i.e [YOUR_SITE] /login/index.php?loginredirect=0 CONFIRM that it doesn't redirect and loads the login page Submit credentials which will fail CONFIRM you end up back at the login page again, not the alternate login page  
    • 2
    • Team Hedgehog 2023 Sprint 4.2, Team Hedgehog 2023 Sprint 4.3, Team Hedgehog 2023 Review 4

      To authenticate in moodle, it is often useful to redirect and authenticate on a 3rd party page, following the authentication flow from "3rd party auth plugins" https://docs.moodle.org/dev/Authentication_plugins#Overview_of_Moodle_authentication_process

      Some auth plugins do this already. There is an automatic redirect, but you can insert a param in the URL to see the manual login form: https://github.com/catalyst/moodle-auth_saml2/blob/master/auth.php#L352

      At the moment, every auth plugin needs to reimplement this URL param logic for redirection. This is probably basic functionality that should always apply to redirects away from the login/index.php page, and for alternateloginurl as well.

       

        1. MDL-67053.png
          400 kB
          Ron Carl Alfon Yu

            david.woloszyn@moodle.com David Woloszyn
            kristianr Kristian Ringer
            Stevani Andolo Stevani Andolo
            Huong Nguyen Huong Nguyen
            Ron Carl Alfon Yu Ron Carl Alfon Yu
            Votes:
            1 Vote for this issue
            Watchers:
            15 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 5 hours, 15 minutes
                5h 15m

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.