Allow login if a different session is open

Question

Allow login if a different session is open

Opened this issue 7 months ago · 1 comments

Hello,

We are currently facing a problem when we try to connect to Moodle with a different user when there is another session open in Moodle.
In our application integrated with Moodle, we allow the option to connect with a different user to see how they view the platform and, when accessing Moodle, the login does not work because there is an open session with another user.

In order for it to work, we have to make sure we log out of Moodle first, and then log back in through the plugin.

After investigating the currently working, we think the auth.php should be modified as follows:

$user = get_complete_user_data('id', $key->userid);
if ($user->suspended === "0" && $user->deleted === "0") {
   if (isloggedin()) {
          if ($key->userid <> $USER->id) {
	        require_logout();
	        $wantsurl = (!empty($wantsurl) ? '&wantsurl=' . $wantsurl : '');
	        $redirecturl = $CFG->wwwroot.'/auth/userkey/login.php?key='.$keyvalue.$wantsurl;
	        $this->redirect($redirecturl);
           } else {
	        $this->redirect($redirecturl);
           }
    } else {
         $this->userkeymanager->delete_keys($key->userid);
         $user = get_complete_user_data('id', $key->userid);
         complete_user_login($user);

        // Identify this session as using user key auth method.
        $SESSION->userkey = true;
        $this->redirect($redirecturl);
     }
} else {
   require_logout();
   $this->redirect($CFG->wwwroot);
}

Answer 1 · 2024-02-05T07:54:36.000Z

Hi @IsycDev
If you could submit proposed changes as pull request this would speed up getting this issue resolved. Don't forget to add automated tests to support your change and test any possible edge cases.