Commit Graph

96 Commits

Author SHA1 Message Date
Meirza 84b053f088 MDL-76109 core: Don't check password policy for guest user
Besides adding the is_guest() check in the check_password_policy() condition,
I also changed the temporary user ID because the temporary user and
the guest must not share the same ID. Otherwise, it will raise an error.

Co-authored-by: Andrei Bautu <abautu@gmail.com>
2023-11-30 10:35:04 +07:00
Jun Pataleta 29ec472284 Merge branch 'MDL-53368-master-3' of https://github.com/HuongNV13/moodle 2023-08-24 22:51:26 +08:00
Huong Nguyen 0cd29afb6f MDL-53368 core_auth: Implement reCaptcha on login page 2023-08-24 15:18:31 +07:00
Cameron Ball 230fcddd62 MDL-78630 auth: Display lock/unlock messages 2023-08-15 10:59:09 +08:00
Marina Glancy 8fc1486d36 MDL-77164 various: fix incorrect phpdocs 2023-04-13 11:35:06 +01:00
Tomo Tsuyuki a6a7b16846 MDL-75171 Auth: extend user logged in event
Co-authored-by: Heena Agheda <heenaagheda@catalyst-au.net>
2022-08-19 18:38:59 +10:00
Sujith Haridasan 73d604369d MDL-71062 core: Step 1 deprecation of print_error function 2022-07-13 08:20:54 +05:30
Jake Dallimore 59b5858da2 MDL-73736 core_auth: Fix concurrency issue in login_attempt_failed()
This patch wraps the login_failed_count logic in a resource lock and
forces a user preferences cache reload. Each thread must wait for the
lock and must fetch the current count before incrementing it. This
ensures that login_failed_count is correct across threads and that the
lockout threshold is correctly honoured.

Co-Authored-By: Sujith Haridasan <sujith@moodle.com>
2022-05-04 14:44:42 +06:00
Marina Glancy 5682b9a585 MDL-71051 core_user: always use API when working with profile fields 2021-04-28 11:39:04 +02:00
Bas Brands f9e1c2587a MDL-28452 core_user: migrate social profile fields
Create a new profile field type, move all existing content of the fields
'icq', 'skype', 'aim', 'yahoo', 'msn' and 'url' in the mdl_user table to
theses new profile fields if needed.

AMOS BEGIN
MOV [aimid,core],[aimid,courseimage,profilefield_social]
MOV [yahooid,core],[yahooid,profilefield_social]
MOV [skypeid,core],[skypeid,profilefield_social]
MOV [icqnumber,core],[icqnumber,profilefield_social]
MOV [msnid,core],[msnid,profilefield_social]
MOV [webpage,core],[webpage,profilefield_social]
AMOS END
2021-04-21 11:22:25 +02:00
sam marshall 5e72715e4f MDL-71099 Lib: Move new user_fields class from core to core_user
This class would belong more appropriately within the 'user' API
(core_user) instead of within the 'core' API, since it is
directly related to user data.

Since the class has only just been added to Moodle, now is a good
time to move it.
2021-03-25 13:47:23 +00:00
sam marshall 558cc1b85e MDL-45242 Lib: Replace calls to deprecated functions
In all cases changes have been kept to a minimum while not making
the code completely horrible. For example, there are many instances
where it would probably be better to rewrite a query entirely, but
I have not done that (in order to reduce the risk of changes).
2021-03-10 10:57:10 +00:00
David Mudrák 3621b497d2 MDL-68183 auth: Fix the performance of signup_validate_data search query
When searching for other users with the same email address, we perform
the case-insensitive and accent-sensitive search. That may be expensive
as some DBs such as MySQL cannot use the index in that case. Instead,
sequential scan of all the user records is performed and the comparison
uses the LOWER function to filter the matching records. This leads to
significant performance heavy queries which in turn represent a surface
for DoS attacks.

For that reason, we first perform accent-insensitive search for
potential candidates in a subselect, which can use the index. Only then
we perform the additional accent-sensitive search on this limited set or
records.
2020-03-17 14:52:32 +01:00
Jun Pataleta 658676adc0 MDL-66581 auth: Properly assign the link attribute 2019-12-02 15:28:23 +08:00
Iñigo Zendegi befbe2838f MDL-66581 auth: Do string concatenation for the password change URL
This reverts the change introduced by MDL-59298 where the password
change URL data is being assigned with a moodle_url object instead
of concatenating it.
2019-12-02 15:20:44 +08:00
Brendan Heywood 319577dbbb MDL-66984 auth: Allow $USER to be used in change_password_url 2019-10-22 13:39:25 +11:00
[Peter Burnett] ad9c96e531 MDL-66123 core: check_password_policy takes $user argument 2019-07-29 14:37:50 +10:00
Eloy Lafuente (stronk7) f79881b8d0 Merge branch 'MDL-59298-master' of git://github.com/rezaies/moodle 2019-04-15 23:53:58 +02:00
Shamim Rezaie 206ec32890 MDL-59298 auth: Added get_password_change_info to auth plugins 2019-04-08 18:43:22 +10:00
Jun Pataleta cd69d45d22 MDL-46975 core_auth: Make email validation case-insensitive
* Make email query case-insensitive
* Check only for duplicate emails if $CFG->allowaccountssameemail
is empty.
* Compare the values in "Email address" and "Email (again)" in the
signup form in a case-insensitive fashion.
2019-03-29 13:37:07 +08:00
Mark Nelson e8a1a5868a MDL-40613 auth_ldap: removed usage of profile_load_custom_fields()
Also reverted profile_load_custom_fields() signature and changed
behaviour of the new function profile_save_custom_fields().
2018-01-03 18:13:01 +08:00
Mark Nelson 4afad1faeb MDL-40613 auth: moved lang string to common auth file
Also fixed call to get_string() and defined var 'errorlogtag'
in base class.

AMOS BEGIN
 MOV [auth_dbusernotexist,auth_db],[auth_usernotexist,auth]
AMOS END
2017-12-19 14:13:35 +08:00
Mark Nelson 4e133e775c MDL-40613 auth: avoid undefined property 'suspended_attribute'
Re-introduce MDL-53580.
2017-12-19 14:13:34 +08:00
Albert Gasset 2c977ceb29 MDL-40613 auth_ldap: sync custom profile fields 2017-12-19 14:13:34 +08:00
Brendan Heywood b588373656 MDL-60968 auth: Allow more flexibility with mapping attributes 2017-12-12 09:37:35 +08:00
Marina Glancy 65a77c7381 MDL-60926 auth: do not map very long profile fields 2017-12-04 09:31:42 +08:00
Tim Hunt 2b2967ee56 MDL-59929 signup: inprove usability when duplicate email entered 2017-08-24 16:29:03 +01:00
Juan Leyva 220656e83b MDL-59741 auth: Always check the type of iconurls
We need to check always if iconurl is an instance of moodle_url to
avoid Web Services returning iconurls from identity providers to fail.
2017-08-07 10:58:37 +02:00
David Monllao 6778792008 Merge branch 'MDL-58631-master-authdoc' of git://github.com/mudrd8mz/moodle 2017-04-19 06:20:41 +08:00
Dan Poltawski 385e2fc839 Merge branch 'MDL-58526_m33v2' of https://github.com/sbourget/moodle 2017-04-18 19:47:04 +01:00
David Mudrák 1cb5c7b31f MDL-58631 auth: Clarify documentation of changes in loginpage_idp_list()
This should clarify the new 'iconurl' key returned by the auth plugin's
loginpage_idp_list() method.
2017-04-18 17:00:40 +02:00
John Okely c17d949c8d MDL-58618 auth: Fix idp icon urls 2017-04-18 13:35:59 +08:00
Jun Pataleta 627ea5b10e MDL-58400 auth: New helper methods for identity providers
* get_identity_providers(): Retrieves available auth identity providers
* prepare_identity_providers_for_output(): Prepares auth identity
    provider data for output (e.g. to templates, WS, etc)
* Use these helpers for the login renderer
2017-04-10 11:12:03 +08:00
Stephen Bourget 3ee50231e7 MDL-58526 auth: Improve labels on field mappings 2017-04-09 17:15:33 -04:00
David Monllao fcada374ac Merge branch 'MDL-12689_m33v4' of https://github.com/sbourget/moodle 2017-04-04 00:08:50 +02:00
Stephen Bourget 037273d87e MDL-12689: convert auth plugins to use settings.php 2017-04-03 10:50:09 -04:00
Damyon Wiese d9fbe3146c MDL-58220 oauth2: Use the same list of user fields
Authentication has a hard coded list of valid internal user fields - but they are in a class variable. We need them
in oauth user_field_mapping so we need to move them to a central place and call them from oauth2 and auth.
2017-04-03 13:43:26 +08:00
Juan Leyva 813320fbb6 MDL-57102 auth: Add new signup_is_enabled function
And apply the function in:
- login/signup.php
- blocks/login/block_login.php
2016-11-23 19:35:08 +00:00
Juan Leyva 83e4dc1796 MDL-56092 core_auth: New WS core_auth_confirm_user 2016-10-04 09:50:32 +01:00
Juan Leyva 574b9d86e9 MDL-56092 core_auth: Move signup code from form to authlib 2016-10-04 09:49:26 +01:00
Jakob cffd0fa138 MDL-53306 auth: Add hook for auth plugins to access user object.
Add a hook for auth plugins to be able to modify or check a user, before
raising any authentication errors.

The auth plugin needs to add a public function like this:

/**
 * Pre user_login hook.
 * This method is called from authenticate_user_login() right after the user
 * object is generated. This gives the auth plugins an option to make adjustments
 * before the verification process starts.
 *
 * @param object $user user object, later used for $USER
*/
public function pre_user_login_hook(&$user) {
    // Override if needed.
}
2016-05-30 11:57:03 -07:00
Marina Glancy 0f7f30021a MDL-51217 auth: check if recaptcha enabled for current plugin 2015-09-16 15:30:04 +08:00
Charles Fulton b6f28375b7 MDL-45113 auth: add is_configured method and convert auth_db to use it 2015-07-31 15:16:08 +00:00
Brendan Heywood bf08e3f94c MDL-48887 An auth plugin hook enabling removal of redundant redirects
This introduces a new hook allowing an auth plugin to redirect to an
external login page directly without redundant redirects to the standard
login page first, or where possible to authenticate the user and simply
continue loading the page without any redirects. For some protocols such
as SAML reducing the number of redirects to the bare minimum greatly
speeds up the login process on high latency networks.
2015-04-02 11:08:20 +02:00
Vadim Dvorovenko 2fbd261d45 MDL-42172 Authentification: Adding alternate names to "Lock user fields"
Adding alternate name fields (firstnamephonetic, lastnamephonetic,
middlename, alternatename) to "Lock user fields" for all
authentification plugins. This is needed to sync alternate name fields
with external data sources and to lock them for editing.
2015-01-16 09:23:51 +07:00
Charles Fulton 65d7932ca3 MDL-46247 auth: Add new language for unauthorised external user 2014-07-07 10:16:09 -07:00
Simey Lameze f9f9d187f8 MDL-40805 auth_cas : Method postlogout_hook created to be executed after user_loggedout event trigger. 2014-06-24 11:00:32 +08:00
Tim Hunt 5bcfd504df MDL-45618 Fix @since PHPdoc tags. 2014-05-19 17:03:04 +01:00
Ankit Agarwal 52dc1de746 MDL-42891 administration: Re-implement incorrect login notification, without using the logtable. 2014-04-01 17:18:15 +08:00
Brian King c484af5aa6 MDL-43497 Language: Allow course language to be overridden 2014-03-07 09:11:18 +01:00