Login from URL using GET method

Login from URL using GET method

by Siddharth Patel -
Number of replies: 4

Greetings..

I am working on a mobile application. In which, I got a requirement that I have to make the login system from the mobile app to moodle web site. Here, I have to pass a url having the username and password to the system and it would make the login to the system.

I looked in the forum, which contained the cookie methods for the login system as well as the login($username, $password) function used in the moodle site. I tried them but they are not working for my site.

Any suggestions for this?

Regards..

Sid

Average of ratings: -
In reply to Siddharth Patel

Re: Login from URL using GET method

by Tim Hunt -
Picture of Core developers Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers

Using a GET to log-in is a bad idea from a security piont of view.

I suggest that you look at how Moodle web-services do security. http://docs.moodle.org/dev/External_services_security

Average of ratings: -
In reply to Tim Hunt

Re: Login from URL using GET method

by Siddharth Patel -

Thanks a lot Tim for the suggestion..

We are trying to make the login system from a mobile application and for that the temporery solution is thought for the GET method, we will make it more secure later. Priority here, is for the login system.

I have developed system for some level for the login. I have made a hidden moodle login form which takes username and password from previous page and make login in the moodle successfully. But, now I want to generate an XML for the logged in user's details and I also developed a page for that. But, the problem here is faced by the $_SERVER['HTTP_REFERER'].

I want the user to be passed on the XML page if the user is logged in from the custom login page and to pass the user to home page if the user is logged in from the default moodle page. So, I applied a $_SERVER['HTTP_REFERER'] condition for the custom login page on the moodle home page.

But in the $_SERVER['HTTP_REFERER'], user always get the custom login page eventhough the home page is opened directly.

Can you help or suggest for the login system ot this problem?

TIA,

Regards..
Sid 

Average of ratings: -
In reply to Siddharth Patel

Re: Login from URL using GET method

by Siddharth Patel -

Greetings..

A solution worked for me for the login from the outer application to moodle. I was able to create the hidden form and manage the login in moodle.

For the redirection to proper page, I got the reference from here http://moodle.org/mod/forum/discuss.php?d=55669.

In this post, the issues are discussed:

  1. Automatic authentication (single sign-on)
  2. Direct access to a specific course

Here, the $SESSION->wantsurl worked for my requirement.

Thanks and Regards..
Sid

Average of ratings: -
In reply to Siddharth Patel

Re: Login from URL using GET method

by Thair Otoum -

Login from URL using GET method is exactly what I am looking for . . . and I don't care for security issues 

would you please tell me how you did it 

I am new on moodle . . . and php too 

 

Average of ratings: -