Even if i am a Sysadmin, i like to do web things (possibly challenging), and this time, it’s time to make wordpress authentication work on moodle too.
Scenario:
Wordpress installation and Moodle installation.
We are going to use the WordPress database in order to authenticate users within Moodle. Thus, we can sell courses using wordpress ecommerce plugin and have instant access from customers.
Wordpress installation and Moodle installation.
We are going to use the WordPress database in order to authenticate users within Moodle. Thus, we can sell courses using wordpress ecommerce plugin and have instant access from customers.
The two sites are on the very same machine but on different domains (actually WordPress is in the “www.domain.tld” and “*.domain.tld” subdomains and Moodle is on another subdomain (courses.domain.tld) so we need to authenticate users in both sites using the very same database and table.
The Problem: The Moodle external autentication plugin does not work with WordPress authentication out of the box, instead, it will need a couple of modification very easy to be made, don’t worry, even for a non php skilled person.
We will come back on this later on this post.
We will come back on this later on this post.
Let’s start our 20 minutes modification!
Shop list:
- WordPress Version 3.4.2
- WordPress database informations
- Moodle Version 2.0
- Moodle External Database Authentication Plugin (already in the Moodle defaultinstallation)
- Some coding so, all stuff for ftp things/sftp/ssh things and a decent text editor with some failsafe feature (save a copy before modify etc)
That’s enough to start working on.
Once installed the two systems, you will have to properly configure the external database authentication plugin on Moodle platform. To do this you have to authenticate yourself as site administrator, then on the menubar choose and click on “Site Administration” -> “Plugin” -> “Authentication” -> “Manage Authentication”.
You can use the provided image on the left to quickly find out the links path needed to get there.
Once there you will see a list of all authentication plugin, their status (active or inactive) their priority order and their “settings” link.As you can see in the image below, you have to enable and prioritize the plugin in order to make it work. You probably want to disable the self-registration (see picture in bottom part) feature in order to prevent user to signup using moodle platform because, otherwise, all users created within Moodle will not be able to authenticate themselves against WordPress.
Once you have done, let’s click on the “Setting” link and let’s try to configure this plugin at it best.
We have to enter all info used by Moodle to read the WordPress database.
Fields are:
Fields are:
- Host, in my case i will use “localhost” and probably you too unless your db is hosted on a different machine, in that case you have to use the Hostname or ip address of that machine
- Database, in my case “mysqli” (Please, notice the trailer “i” – mysqli and notmysql).
- Use sybase quotes, we do not need this to be on so we will leave it on “NO“
- Db name, the name of your wordpress database (get it from wp-config.php)
- Db User, mysql user that can access WordPress db tables
- Db Password, mysql password for mysql user
- Table, the name of the table where username/passwords are stored. The most of the time is “wp_users” unless you changed your table prefix
- Username Field, the field containing the username, for WordPress: “user_login”
- Password Field the field containing the password for username for WordPress: “user_pass”.
- Password Format, we should choose “wordpress” format but there is no such option in this drop down, so what? we will solve this later, don’t worry
- External db encoding, i use “UTF-8″
- SQL setup command, you can leave it blank
- Debug ADOdb, choose “NO“
- Password-change URL, we use the wordpress password recovery page link
These are the needed field to make this thing work, if you want more integration, you can configure the part named “cron syncronization script” and sync information such as first name, surname, user preferences and so.
But now we have to stay focused on the missing dropdown item and find a way to get it out of there.
We need to modify the file in /auth/db/config.html and change this (at line 190)
$passtype = array();
$passtype["plaintext"] = get_string("plaintext", "auth");
$passtype["md5"] = get_string("md5", "auth");
$passtype["sha1"] = get_string("sha1", "auth");
$passtype["internal"] = get_string("internal", "auth");
echo html_writer::select($passtype, "passtype", $config->passtype, false);
to this
$passtype = array();
$passtype["plaintext"] = get_string("plaintext", "auth");
$passtype["md5"] = get_string("md5", "auth");
$passtype["sha1"] = get_string("sha1", "auth");
$passtype["internal"] = get_string("internal", "auth");
$passtype["wordpress"] = "wordpress";
echo html_writer::select($passtype, "passtype", $config->passtype, false);
This modification will make “WordPress” authentication drop down item available, but still not working.
We need to process the password with this class: class-phpass.php [Phpass Website].
This class, can actually process passwords the same way wordpress does, so this is the missing link to make sso work.
Just copy the file class-phpass.php in your /moodle/lib folder
We need to process the password with this class: class-phpass.php [Phpass Website].
This class, can actually process passwords the same way wordpress does, so this is the missing link to make sso work.
Just copy the file class-phpass.php in your /moodle/lib folder
require_once($CFG->libdir."/class-phpass.php");
.
To make our modifications work we need to add a few lines of code to the file /auth/db/auth.php, it’s easy. Open the file and go about line 90, you should see something like this:
To make our modifications work we need to add a few lines of code to the file /auth/db/auth.php, it’s easy. Open the file and go about line 90, you should see something like this:
if ($this->config->;passtype === 'md5') { // Re-format password accordingly
$extpassword = md5($extpassword);
} else if ($this->config->;passtype === 'sha1') {
$extpassword = sha1($extpassword);
}
Now, let’s do our final modification and right after the lines here, add this code:
else if ($this->config->passtype === 'wordpress') {
$hash =new PasswordHash(8, false);
$rs = $authdb->Execute("SELECT * FROM {$this->config->table}
WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."'");
$check = $hash->CheckPassword( $extpassword, $rs->fields["user_pass"]);
return $check;
}
If you are so lazy as i am, you can download a copy of both file here, but i strongly suggest you to make modification by hand because time goes by and releases change.
Now, finally we can come back to the settings page ad add “WordPress” as “Passwordformat“.
All you have to do to try if this works, is to logout from wordpress, signup intowordpress as new user, and then go and authenticate with the same credentials against Moodle. If all work you will be redirected to the user profile page on moodlewhere you can complete your profile with your informations.
No comments:
Post a Comment