1<?php
2// This file is part of Moodle - http://moodle.org/
3//
4// Moodle is free software: you can redistribute it and/or modify
5// it under the terms of the GNU General Public License as published by
6// the Free Software Foundation, either version 3 of the License, or
7// (at your option) any later version.
8//
9// Moodle is distributed in the hope that it will be useful,
10// but WITHOUT ANY WARRANTY; without even the implied warranty of
11// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12// GNU General Public License for more details.
13//
14// You should have received a copy of the GNU General Public License
15// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
16// phpcs:disable moodle.Files.RequireLogin.Missing
17// phpcs:disable moodle.PHP.ForbiddenFunctions.Found
18
19/**
20 * Login end point for Behat tests only.
21 *
22 * @package    core_auth
23 * @category   test
24 * @author     Guy Thomas
25 * @copyright  2021 Class Technologies Inc. {@link https://www.class.com/}
26 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
27 */
28require(__DIR__.'/../../../config.php');
29require_once("{$CFG->dirroot}/login/lib.php");
30
31$behatrunning = defined('BEHAT_SITE_RUNNING') && BEHAT_SITE_RUNNING;
32if (!$behatrunning) {
33    redirect(new moodle_url('/'));
34}
35
36$username = required_param('username', PARAM_ALPHANUMEXT);
37$wantsurl = optional_param('wantsurl', null, PARAM_URL);
38
39if (isloggedin()) {
40    // If the user is already logged in, log them out and redirect them back to login again.
41    require_logout();
42    redirect(new moodle_url('/auth/tests/behat/login.php', [
43        'username' => $username,
44        'wantsurl' => (new moodle_url($wantsurl))->out(false),
45    ]));
46}
47
48// Note - with behat, the password is always the same as the username.
49$password = $username;
50
51$failurereason = null;
52$user = authenticate_user_login($username, $password, true, $failurereason, false);
53if ($failurereason) {
54    switch($failurereason) {
55        case AUTH_LOGIN_NOUSER:
56            $reason = get_string('invalidlogin');
57            break;
58        case AUTH_LOGIN_SUSPENDED:
59            $reason = 'User suspended';
60            break;
61        case AUTH_LOGIN_FAILED:
62            $reason = 'Login failed';
63            break;
64        case AUTH_LOGIN_LOCKOUT:
65            $reason = 'Account locked';
66            break;
67        case AUTH_LOGIN_UNAUTHORISED:
68            $reason = get_string('unauthorisedlogin', 'core', $username);
69            break;
70        default:
71            $reason = "Unknown login failure: '{$failurereason}'";
72            break;
73
74    }
75
76    // Note: Do not throw an exception here as we sometimes test that login does not work.
77    // Exceptions are automatic failures in Behat.
78    \core\notification::add($reason, \core\notification::ERROR);
79    redirect(new moodle_url('/'));
80}
81
82if (!complete_user_login($user)) {
83    throw new Exception("Failed to login as behat step for $username");
84}
85
86if (empty($wantsurl)) {
87    $wantsurl = core_login_get_return_url();
88}
89redirect(new moodle_url($wantsurl));
90