Note: You are currently viewing documentation for Moodle 4.0. Up-to-date documentation for the latest stable version of Moodle may be available here: resetpassword.

resetpassword: Difference between revisions

From MoodleDocs
resetpassword
Type local
Set N/A
Downloads https://github.com/SMERKY/moodle-local_resetpassword
Issues https://github.com/SMERKY/moodle-local_resetpassword/issues
Discussion https://moodle.org/mod/forum/discuss.php?d=260912
Maintainer(s) Aaron Leggett
No edit summary
m (→‎top: clean up, typos fixed: eg → e.g.)
 
(5 intermediate revisions by one other user not shown)
Line 11: Line 11:
By posting a secure key, along with the user accounts email address, the local plugin will check against certain criteria before loggin, and sending the moodle password reset email.
By posting a secure key, along with the user accounts email address, the local plugin will check against certain criteria before loggin, and sending the moodle password reset email.


The plugin checks a series of events before allowing the password reset email to be sent.
The plugin checks a series of events before allowing the password reset email to be sent.
1 - Checks the plugin has been enabled (plugin setting disabled by default)
1 - Checks the plugin has been enabled (plugin setting disabled by default)
2 - Checks the encrypted key from the POST message matches the one stored in moodle (plugin setting)
2 - Checks the encrypted key from the POST message matches the one stored in moodle (plugin setting)
3 - Checks the user exists in the moodle user table
3 - Checks the user exists in the moodle user table
4 - Checks the user is not an admin (admins have been restricted from using this plugin for security reasons)
4 - Checks the user is not an admin (admins have been restricted from using this plugin for security reasons)


The plugin works by an external service sendding a POST request to the following plugin file
The plugin works by an external service sendding a POST request to the following plugin file
[YOUR MOODLE URL] / local / resetpassword / reset.php
[YOUR MOODLE URL] / local / resetpassword / reset.php
eg moodle.example.com/local/resetpassword/reset.php
e.g. moodle.example.com/local/resetpassword/reset.php
    
    
The file requires two variables to be posted to it.<br>
The file requires two variables to be posted to it.
e - the email address of the account<br>
e - the email address of the account.
k - the encrypted key
k - the encrypted key
    
    
The encrypted key that is posted to the file is created by concatenation of the email address and the private key (set in moodle), this is then encrypted with MD5.
The encrypted key that is posted to the file is created by concatenation of the email address and the private key (set in moodle), this is then encrypted with MD5.
eg
e = test@test.com
k = MD5('test@test.com' . 'private key')
      
      
For any further information regarding this plugin, please see the GITHUB issues or email the developer with the details below
For any further information regarding this plugin, please see the GITHUB issues or email the developer with the details below
https://github.com/SMERKY/moodle-local_resetpassword/issues
https://github.com/SMERKY/moodle-local_resetpassword/issues
aaron@aaronleggett.com
mailto:aaron@aaronleggett.com

Latest revision as of 14:41, 11 August 2022

This local plugin allows an external service to access moodles reset password functionality. By posting a secure key, along with the user accounts email address, the local plugin will check against certain criteria before loggin, and sending the moodle password reset email. 

The plugin checks a series of events before allowing the password reset email to be sent.
1 - Checks the plugin has been enabled (plugin setting disabled by default)
2 - Checks the encrypted key from the POST message matches the one stored in moodle (plugin setting)
3 - Checks the user exists in the moodle user table
4 - Checks the user is not an admin (admins have been restricted from using this plugin for security reasons)

The plugin works by an external service sendding a POST request to the following plugin file [YOUR MOODLE URL] / local / resetpassword / reset.php e.g. moodle.example.com/local/resetpassword/reset.php

The file requires two variables to be posted to it. e - the email address of the account. k - the encrypted key

The encrypted key that is posted to the file is created by concatenation of the email address and the private key (set in moodle), this is then encrypted with MD5.

For any further information regarding this plugin, please see the GITHUB issues or email the developer with the details below 

https://github.com/SMERKY/moodle-local_resetpassword/issues
mailto:aaron@aaronleggett.com
Retrieved from "https://docs.moodle.org/400/en/index.php?title=resetpassword&oldid=144000"
Powered by MediaWiki