1

I am hoping someone can point me in the right direction. We host a University Moodle site and we are looking for a way in which we can perform extra validation on a Student whenever they login. I will give a scenario.

We have an endpoint with a list of email addresses of students allowed to use the system, for example a list of Students who are fully paid up on tuition. Therefore, we are looking for a way to hook into the login process, perform this check and the allow the student to continue or redirect back to the login page with an error.

I would appreciate any advice on how we can achieve this. Thank you.

realnsleo
  • 709
  • 2
  • 12
  • 29

1 Answers1

1

I found a solution to my problem. I ended up creating a custom Authentication plugin using the guidelines from https://docs.moodle.org/dev/Authentication_plugins. With that knowledge, I used the copied the folder in the Moodle installation path auth/none and used that as a shell for my new plugin. I went ahead and customized the plugin names to what I needed. Once that was done and once the plugin was installed and enabled from the Administrator Dashboard, I had something like this in my auth.php file:

// Required for all auth plugins
public function user_login($username, $password)
{
    return false;
}

// Hooks in immediately after the User submits the login form
public function loginpage_hook()
{
    $username = $_REQUEST['username'] ?? '';

    /** CODE CHECKING IF USERNAME IS ALLOWED TO ACCESS MOODLE **/
    /** FOR EXAMPLE CHECK IF USER PAID FEES **/    
    $userHasPaidFees = api_checks_if_user_paid_fees($username);

    if ($userHasPaidFees ) {
        // Returning true here proceeds with the 
        // normal Username/Password login combination
        return true;
    }
    
    // If not, redirect them back to Login
    // Or any other page and notify
    redirect(
        new moodle_url('/login/index.php'), 
        'Message telling user why they were not able to sign in',
        null,
        \core\output\notification::NOTIFY_ERROR
    );
}

Thanks and I hope someone finds this useful.

realnsleo
  • 709
  • 2
  • 12
  • 29
  • 1
    This solution seems to make it possible for anybody to check whether another member paid their fees as the check is done before the user and password have been validated. – FMCorz Oct 10 '21 at 03:55
  • @FMCorz that's true. Do you know any way that I can check AFTER the student has signed in? Thanks. – realnsleo Oct 11 '21 at 09:32
  • 1
    @realnsleo you can implement your checks AFTER the student credentials have been validated, by adding your hook inside the user_login($username, $password) function, before it returns true. It has to be BEFORE the functions returns true, but AFTER the credentials have been validated. – Raymond Mlambo Nov 15 '22 at 09:25
  • Thank you @RaymondMlambo. I have implemented that in my test platform and it seems to work great. I will edit the answer above with this. Thanks again. – realnsleo Nov 16 '22 at 10:31