Added mirror

.github/workflows/main.yml

@@ -0,0 +1,17 @@
+name: Workflow
+
+on: [push]
+
+jobs:
+  mirror:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+      with:
+        fetch-depth: 0
+
+    - uses: yesolutions/mirror-action@master
+      with:
+        REMOTE: 'https://git.popov.link/moodle/auth_token.git'
+        GIT_USERNAME: ${{ secrets.GIT_USERNAME }}
+        GIT_PASSWORD: ${{ secrets.GIT_PASSWORD }}

CONTRIBUTING.md

@@ -0,0 +1,12 @@
+# Contributing
+
+We love pull requests from everyone.
+By participating in this project, you agree to abide by the
+[code of conduct](https://opensource.guide/how-to-contribute).
+
+Some things that will increase the chance that your pull request is accepted:
+* Write tests.
+* Follow our
+[style guide](https://docs.moodle.org/dev/Coding_style).
+* Write a
+[good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html).

README.md

@@ -1,8 +1,37 @@
-# Authorization by tokens
+# Authorization by token's
 
-User authorization module.
+[![GitHub Release](https://img.shields.io/github/release/valentineus/moodle-auth_token.svg)](https://github.com/valentineus/moodle-auth_token/releases)
+[![Build Status](https://travis-ci.org/valentineus/moodle-auth_token.svg?branch=master)](https://travis-ci.org/valentineus/moodle-auth_token)
+[![Codacy Badge](https://api.codacy.com/project/badge/Grade/20fe9989b8a04887a53c67d8b87e33d1)](https://www.codacy.com/app/valentineus/moodle-auth_token)
+[![Gitter Badge](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/moodle-tool_managertokens/auth_token)
 
-**The plugin is in active development.**
+Token-based authentication (also known as
+[JSON Web Token authentication](https://jwt.io/))
+is a new way of handling authentication of users in applications.
+It is an alternative to
+[session-based authentication](https://security.stackexchange.com/questions/81756/).
+
+The most notable difference between the session-based and token-based authentication is that former relies heavily on the server.
+A record is created for each logged-in user.
+
+Token-based authentication is stateless - it does not store anything on the server but creates a unique encoded token that gets checked every time a request is made.
+
+Unlike session-based authentication, a token approach would not associate a user with login information but with a unique token that is used to carry client-host transactions.
+Many applications, including Facebook, Google, and GitHub, use the token-based approach.
+
+## Requirements
+
+* **PHP**: 5.6.32+;
+* **Moodle**: 3.2+;
+* **Plug-ins**:
+    * [tool_managertokens](https://github.com/valentineus/moodle-tool_managertokens);
+
+## Documentation
+
+* [Install the plugin](docs/getting-started.md#installation);
+* [User's Manual](docs/getting-started.md#users-manual);
+* [Bug Tracker](https://github.com/valentineus/moodle-auth_token/issues);
+* [Contributing](CONTRIBUTING.md);
 
 ## License
 

auth.php

@@ -36,7 +36,7 @@ class auth_plugin_token extends auth_plugin_base {
      */
     public function __construct() {
         $this->authtype = "token";
-        $this->config = get_config("auth_token");
+        $this->config   = get_config("auth_token");
     }
 
     /**
@@ -138,27 +138,22 @@ class auth_plugin_token extends auth_plugin_base {
      * This method is called from login/index.php page for all enabled auth plugins.
      */
     public function loginpage_hook() {
+        global $USER;
+
         if ($token = $this->definition_token()) {
-            if ($user = $this->definition_user($token)) {
+            if (isloggedin()) {
+                tool_managertokens_perform_additional_action($token, $USER);
+                $this->redirect_user();
+            }
+
+            if ($user = tool_managertokens_definition_user($token)) {
                 complete_user_login($user);
-                $this->additional_actions($token);
+                tool_managertokens_perform_additional_action($token, $user);
+                $this->redirect_user();
             }
         }
     }
 
-    /**
-     * Executes additional conditions and redirects the user.
-     *
-     * @param object $token
-     */
-    private function additional_actions($token) {
-        if ($token->extendedaction == "redirect") {
-            $this->redirect_user($token->extendedoptions);
-        }
-
-        $this->redirect_user();
-    }
-
     /**
      * Indicates the transmitted token, if any.
      *
@@ -170,36 +165,18 @@ class auth_plugin_token extends auth_plugin_base {
         return $token;
     }
 
-    /**
-     * Identifies the user who owns the token.
-     *
-     * @param  object $token
-     * @return object
-     */
-    private function definition_user($token) {
-        $user = false;
-
-        if ($token->targettype == "user") {
-            $user = core_user::get_user($token->targetid);
-        }
-
-        return $user;
-    }
-
     /**
      * Redirects the user.
      *
      * @param string $url
      */
-    private function redirect_user($url = "") {
+    private function redirect_user() {
         global $CFG, $SESSION;
 
-        $wantsurl = optional_param("wantsurl", "", PARAM_URL);
+        $wantsurl = optional_param("wantsurl", null, PARAM_URL);
         $redirect = $CFG->wwwroot;
 
-        if (!empty($url)) {
-            $redirect = new moodle_url($url);
-        } else if (isset($SESSION->wantsurl)) {
+        if (isset($SESSION->wantsurl)) {
             $redirect = $SESSION->wantsurl;
         } else if (!empty($wantsurl)) {
             $redirect = $wantsurl;

build.sh

@@ -1,7 +1,7 @@
 #!/bin/sh
 # Author:       Valentin Popov
 # Email:        info@valentineus.link
-# Date:         2017-12-02
+# Date:         2017-12-15
 # Usage:        /bin/sh build.sh
 # Description:  Build the final package for installation in Moodle.
 
@@ -12,9 +12,10 @@ export PATH="$PATH:/usr/local/scripts"
 # Build the package
 cd ..
 mv "./moodle-auth_token" "./auth_token"
-zip -9 -r "auth_token.zip" "auth_token" \
-        -x "auth_token/.git*"           \
-        -x "auth_token/.travis.yml"     \
+zip -9 -r "auth_token.zip" "auth_token"  \
+        -x "auth_token/.git*"            \
+        -x "auth_token/.travis.yml"      \
+        -x "auth_token/.CONTRIBUTING.md" \
         -x "auth_token/build.sh"
 
 # End of work

docs/getting-started.md

@@ -0,0 +1,54 @@
+# Getting Started
+
+## Navigation
+
+* [Installation](#installation);
+    * [Build](#build);
+* [User's Manual](#users-manual);
+
+## Installation
+
+Get the installation package in any of the available methods:
+
+* [GitHub Releases](https://github.com/valentineus/moodle-auth_token/releases).
+* [Compilation from the source code](#build).
+
+### Build
+
+Self-assembly package is as follows:
+
+* Clone the repository:
+```bash
+git clone https://github.com/valentineus/moodle-auth_token.git moodle-auth_token
+```
+
+* Run the build script:
+```bash
+cd ./moodle-auth_token
+/bin/sh build.sh
+```
+
+## User's Manual
+
+An authentication plug-in is a method of handling user authentication to Moodle when users log into your site.
+You can have one or more methods as the same time enabled on your site, but each user can only use one method of authentication at a time.
+
+You must enable and configure the method, as you need for your users in `Site administration` > `Plugins` > `Authentication` > `Manage authentication`.
+Note that the order of processing on this page does matter and after `manual` and `nologin`, you should next put the method that most users will have.
+
+![Manage authentication](screenshots/manageauths.jpg)
+
+The authentication plug-in has no configuration.
+This means that the third-party plug-in is responsible for setting the keys.
+
+**Note**:
+Users will not receive any error or other message when they try to log in but it simply will not allow them in.
+
+To authenticate a user, create a link for it:
+
+```Text
+/login/index.php?token=secret
+```
+
+The authentication plug-in does not add graphical forms to the user.
+This means that custom forms are created by developers for a particular task.

lang/en/auth_token.php

@@ -15,11 +15,11 @@
 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
 
 /**
- * Strings for component "auth_token", language "en".
+ * Strings for component 'auth_token', language 'en'.
  *
  * @package   auth_token
  * @copyright 2017 "Valentin Popov" <info@valentineus.link>
  * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  */
 
-$string["pluginname"] = "Authorization by tokens";
+$string["pluginname"] = "Authorization by token's";

version.php

@@ -25,8 +25,8 @@
 defined("MOODLE_INTERNAL") || die();
 
 $plugin->component    = "auth_token";
-$plugin->dependencies = array( "tool_managertokens" => 2017120200 );
+$plugin->dependencies = array( "tool_managertokens" => 2017120300 );
 $plugin->maturity     = "MATURITY_RC";
-$plugin->release      = "0.1.0 (Build: 2017120200)";
-$plugin->requires     = 2017120200;
-$plugin->version      = 2016112900;
+$plugin->release      = "0.2.1 (Build: 2017121500)";
+$plugin->requires     = 2016112900;
+$plugin->version      = 2017121500;