Forums | Mahara Community

Developers /
Authentication


Osbel Rondón's profile picture
Posts: 23

29 April 2017, 11:10 AM

Hello everyone
There is some documentation on how to use the mahara_autologin_redirect function or how to log in to mahara with credentials from an external system.
Thanks in advance

Kristina Hoeppner's profile picture
Posts: 3400

01 May 2017, 1:30 PM

Hello Osbel,

Please find more information in /lib/config-defaults.php: https://git.mahara.org/mahara/mahara/blob/master/htdocs/lib/config-defaults.php#L384

Cheers

Kristina

 

Osbel Rondón's profile picture
Posts: 23

02 May 2017, 2:28 PM

Thanks Kristina for answering me
I am making an authentication module for mahara that allows users access without having to type the password but I do not understand how sessions work. What I need is to tell the system to "log in to user XXXX" and then the system will start the session of that user XXXX without having to provide a password. Any ideas you can give me will be grateful.
Osbel

Robert Lyon's profile picture
Posts: 360

09 May 2017, 8:22 AM

Hi Osbel,

Are you needing the users to log in elsewhere, say using an LMS, then navigate over to Mahara without logging in again?

If so then you can do something like the auth/saml/index.php + auth/saml/lib.php setup where we initially set up a default $USER instance like so

$SESSION = Session::singleton();
$USER    = new LiveUser();
$THEME   = new Theme($USER);

Then hit request_user_authorise() function checks that the user jumping across from somewhere else to Mahara exists in Mahara side (or create them if they don't) and logs them in (reanimates the $USER object as that user)

So you would need to make sure the user is logged in to external LMS and that there is some information passed to Mahara (ie a packet of information that has come from external source) includes a unique identifier (possibly email or username) so that Mahara can identify the correct account in Mahara to log into.

For the SAML plugin the identity info comes from a thirdparty Identity Provider.

In you case it could come from a $_POST of data from external LMS or could be part of URL - it all depends on how easy/safe you want to make things.

In Mahara 17.04 there is also the option of using LTI plugin to allow for SSO from external systems into Mahara without needing a thirdparty IdP (currently works for Moodle/Canvas/Blackboard) but could easily work for other LTI enabled systems as well.

Hope this helps

Cheers

Robert

 

 

Osbel Rondón's profile picture
Posts: 23

09 May 2017, 10:10 AM

Many thanks Robert,

With your collaboration I have already managed to start user sessions, but now it is giving me a problem when I log out because the session seems to be open. How can i solve this ?

Regards

Robert Lyon's profile picture
Posts: 360

09 May 2017, 11:59 AM

To make sure a user is logged out you'd need to call

    $USER->logout();

within you auth plugin'd logout() function to log them out of Mahara.

If you need them to also be logged out of their LMS then as part of your logout function you would need to send the appropriate data to the LMS, eg visit a url at LMS that logs user out.

 

 

Osbel Rondón's profile picture
Posts: 23

09 May 2017, 2:52 PM

Thank you so much Robert
I've already solved the problem. The user was logged off but when he re-started session he did so with the credentials of another user.
regards
Osbel

7 results