See Release Notes
Long Term Support Release
Differences Between: [Versions 310 and 401] [Versions 401 and 402] [Versions 401 and 403]
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * Auto-login end-point, a user can be fully authenticated in the site providing a valid key. 19 * 20 * @package tool_mobile 21 * @copyright 2016 Juan Leyva 22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 23 */ 24 25 require_once(__DIR__ . '/../../../config.php'); 26 require_once($CFG->libdir . '/externallib.php'); 27 28 $userid = required_param('userid', PARAM_INT); // The user id the key belongs to (for double-checking). 29 $key = required_param('key', PARAM_ALPHANUMEXT); // The key generated by the tool_mobile_external::get_autologin_key() external function. 30 $urltogo = optional_param('urltogo', $CFG->wwwroot, PARAM_LOCALURL); // URL to redirect. 31 $urltogo = $urltogo ?: $CFG->wwwroot; 32 33 $context = context_system::instance(); 34 $PAGE->set_context($context); 35 36 // Check if the user is already logged-in. 37 if (isloggedin() and !isguestuser()) { 38 delete_user_key('tool_mobile', $userid); 39 if ($USER->id == $userid) { 40 redirect($urltogo); 41 } else { 42 throw new moodle_exception('alreadyloggedin', 'error', '', format_string(fullname($USER))); 43 } 44 } 45 46 tool_mobile\api::check_autologin_prerequisites($userid); 47 48 // Validate and delete the key. 49 $key = validate_user_key($key, 'tool_mobile', null); 50 delete_user_key('tool_mobile', $userid); 51 52 // Double check key belong to user. 53 if ($key->userid != $userid) { 54 throw new moodle_exception('invalidkey'); 55 } 56 57 // Key validated, now require an active user: not guest, not suspended. 58 $user = core_user::get_user($key->userid, '*', MUST_EXIST); 59 core_user::require_active_user($user, true, true); 60 61 // Do the user log-in. 62 if (!$user = get_complete_user_data('id', $user->id)) { 63 throw new moodle_exception('cannotfinduser', '', '', $user->id); 64 } 65 66 complete_user_login($user); 67 \core\session\manager::apply_concurrent_login_limit($user->id, session_id()); 68 69 redirect($urltogo);
title
Description
Body
title
Description
Body
title
Description
Body
title
Body