Hi
So we are developing a native android app . For now we have a requirement to make the quiz and scorms open in web view within the app rather than use web services . Now the issue is when the user is directed to click on the quiz link or scorm link , it opens up in web view and this asks him to login again. I was hoping to eliminate this . So I made my own auth plugin which has a pre_loginpage_hook function and along with the quiz / scorm link we will append the token . The pre_loginpage_hook will read the token , validate it , log in the user and redirect him to where he wants.
I just wanted to know if someone sees something wrong in doing this? I do know from a security prespective it is opening a hole but thats what the client want.
Any feedback would be much appreciated