Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-56092

Web Services for enabling users auto-registering (sign up) via external functions

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide
      1. As admin add the following settings in your Moodle:
        • passwordpolicy: Configure a password policy in the site
        • sitepolicy: Add a link to a document (any), simulating the site policy
        • defaultcity and country: Add a default city and country
      2. Add a couple of profile fields, both configured to be displayed in the sign-up form, mark one as required.
      3. Then, execute the following curl request:

        curl 'http://localhost/m/stable_master/lib/ajax/service.php' --data-binary '[{"index":0,"methodname":"auth_email_get_signup_settings","args":{}}]' | python -m "json.tool"

      4. And check that you receive all the correct for the values you set-up including the list of profile fields.
      5. Now, use the following command to create a new user account, please, included valid data.
        • Note that for the profile fields you have to include the type, the complete name of the field and the value, in the following command there are examples for text, datetime, text area and menu

          curl 'http://localhost/m/stable_master/lib/ajax/service.php' --data-binary '[{"index":0,"methodname":"auth_email_signup_user","args":{"username": "studentjuan2", "password": "moodle", "email": "juan@moodle.comz", "firstname": "asb", "lastname": "asdfasdf", "city": "Barcelona", "country": "ES", "customprofilefields": [ { "type": "menu", "name": "profile_field_menutest", "value": "option 1"},{ "type": "text", "name": "profile_field_textinputtest01", "value": "asdfasfd"}, { "type": "datetime", "name": "profile_field_datetimetest", "value": "1474625100"}, { "type": "textarea", "name": "profile_field_textareatest01", "value": "{\"text\":\"blah blah\",\"format\":1}"}]}}]' | python -m "json.tool"
          

      6. If everything goes ok, you should see receive a success
      7. Now, execute the same curl command to check that you receive several warnings: username, email already used
      8. You can also try to submit a user with a password not matching the password policy, you should receive warnings
      9. If you don't include the mandatory custom profile fields you should receive a invalid_parameter_exception parameter exception
      10. Now, you can confirm the user using the following curl request (passing the secret in the user table secret field (or the secret that you received via email - removing the username part))

        curl 'http://localhost/m/stable_master/lib/ajax/service.php' --data-binary '[{"index":0,"methodname":"core_auth_confirm_user","args":{"username": "", "secret": ""}}]' | python -m "json.tool"
        

      11. If you try to confirm a user that already exists you should receive a warning
      12. If you use an incorrect secret you will see an exception
      13. Finally, you can check the registration using recaptcha (this is optional since is not easy to test)
      14. You must get a recaptcha public and private key here: https://www.google.com/recaptcha/intro/index.html (please, enter localhost as a valid domain if you are testing locally)
      15. Then, you must enable captcha in the global settings and in the auth email settings
      16. Once everything is set-up, you can execute again the first curl call (auth_email_get_signup_settings) and you will receive the challenge hash and image URl and also the javascript version
      17. If you are able to read clearly the image URL, you can then add two new fields in the auth_email_signup_user request:
        • recaptchachallengehash
        • recaptcharesponse
      18. If you have problems reading the image, you can include the javascript file in a local html file, this will generate a new more readable image and a new challenge hash (you must explore the html to get the hash that is part of the image path)
      Show
      As admin add the following settings in your Moodle: passwordpolicy: Configure a password policy in the site sitepolicy: Add a link to a document (any), simulating the site policy defaultcity and country: Add a default city and country Add a couple of profile fields, both configured to be displayed in the sign-up form, mark one as required. Then, execute the following curl request: curl 'http://localhost/m/stable_master/lib/ajax/service.php' --data-binary ' [{"index":0,"methodname":"auth_email_get_signup_settings","args":{}}] ' | python -m "json.tool" And check that you receive all the correct for the values you set-up including the list of profile fields. Now, use the following command to create a new user account, please, included valid data. Note that for the profile fields you have to include the type, the complete name of the field and the value, in the following command there are examples for text, datetime, text area and menu curl 'http://localhost/m/stable_master/lib/ajax/service.php' --data-binary '[{"index":0,"methodname":"auth_email_signup_user","args":{"username": "studentjuan2", "password": "moodle", "email": "juan@moodle.comz", "firstname": "asb", "lastname": "asdfasdf", "city": "Barcelona", "country": "ES", "customprofilefields": [ { "type": "menu", "name": "profile_field_menutest", "value": "option 1"},{ "type": "text", "name": "profile_field_textinputtest01", "value": "asdfasfd"}, { "type": "datetime", "name": "profile_field_datetimetest", "value": "1474625100"}, { "type": "textarea", "name": "profile_field_textareatest01", "value": "{\"text\":\"blah blah\",\"format\":1}"}]}}]' | python -m "json.tool" If everything goes ok, you should see receive a success Now, execute the same curl command to check that you receive several warnings: username, email already used You can also try to submit a user with a password not matching the password policy, you should receive warnings If you don't include the mandatory custom profile fields you should receive a invalid_parameter_exception parameter exception Now, you can confirm the user using the following curl request (passing the secret in the user table secret field (or the secret that you received via email - removing the username part)) curl 'http://localhost/m/stable_master/lib/ajax/service.php' --data-binary '[{"index":0,"methodname":"core_auth_confirm_user","args":{"username": "", "secret": ""}}]' | python -m "json.tool" If you try to confirm a user that already exists you should receive a warning If you use an incorrect secret you will see an exception Finally, you can check the registration using recaptcha (this is optional since is not easy to test) You must get a recaptcha public and private key here: https://www.google.com/recaptcha/intro/index.html (please, enter localhost as a valid domain if you are testing locally) Then, you must enable captcha in the global settings and in the auth email settings Once everything is set-up, you can execute again the first curl call (auth_email_get_signup_settings) and you will receive the challenge hash and image URl and also the javascript version If you are able to read clearly the image URL, you can then add two new fields in the auth_email_signup_user request: recaptchachallengehash recaptcharesponse If you have problems reading the image, you can include the javascript file in a local html file, this will generate a new more readable image and a new challenge hash (you must explore the html to get the hash that is part of the image path)
    • Affected Branches:
      MOODLE_31_STABLE
    • Fixed Branches:
      MOODLE_32_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-56092-master

      Description

      If we want users to be able to auto-register in a site, we should implement the following methods:

      • auth_email_get_signup_settings: To get the required form element and settings (site policy, if captcha is enabled and the html code, the mandatory profile fields, the order of the name/surname fields)
      • auth_email_signup_user: To do the sign up process
      • core_auth_confirm_user: To confirm the user account (entering the received codes)

      Please, note that the confirm_user WS does not depend on the auth plugin itself, the sign up process depends completely in specific auth plugins because they can redefine some basic settings (like the sign-up form itself)

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  5/Dec/16