Hi.
I have added a auth plugin that fetches JWT from the request header and logs in the user, using the loginpage_hook. The problem is that i have Moodle in an iframe an upon login it redirects the user and so i get a 403. Is there a way to login a user without redirect?
Hi Marcel,
AFAIK Moodle uses HTTP 303 redirection by design: you could POST username and password to /login/index.php but I guess this conflicts with your token based architecture.
Why not using a cookie instead of a "plain" HTTP Header? It will live during the whole requests life cycle, including the redirection.
HTH,
Matteo
