We would like to create an external multi-site login feature.
The idea is to create an external “site” table with redirects to each installed site in it. The goal is to allow a user to enter a site id, username and password, this should send the user to their site and log them in automatically.
We have the multi-site login scenario at http://www.tajemo.co.za/site_login/ (try username: demo password: pass) this allows us to have “complex” URLs without needing to tell the client what they are, it also meens we can change URL’s without the need to inform the client’s
We are now trying to integrate OpenEMR login with this feature, is there a login API that we can use ?
If not, how is the session variable “authPass” created ? we can set the Session variables and redirect to <url>/interface/main/main_screen.php?auth=login&site=<siteName> with the sessions set if that is better.
we would prefer not to send the unencoded password around wherever possible.
So here is the logic, user goes to <ourURL>/sitelogin.php enters siteID, userName, Password.
if site exists in our Sites table, redirect to <siteURL>/login.php?u=<username>&p=<encodedpassword>
any better suggestions are welcome, if this is a usefull feature we would like to contribute it once we are done.
The idea is to allow for multiple domain’s, having the user redirected to the domain for their site.
This would allow for much easier maintenance over multiple domains.
- If a site’s url should ever change, we can just change the redirect
- easier url’s for clients to remember - <HostDomain>/login/ (or some such domain) - see http://www.tajemo.co.za/site_login/ for an idea (site id= demo password = pass)
the admin.php file lists all installed sites for a mulitple site installation, I would prefer for the users not to have that information if possible.
Have done some homework and getting close to a solution, if I find one, will upload code to GIT.
Is there a way to simply leverage the current login screen and have this controlled in Administration->Globals ?
For example, in the normal login screen, could place a Selector above the login screen to choose the Site ID. To prettify the Selector could even make a file ‘name’ in each sites/* which simply lists the Title that will show up in the Selector. This way the selector could populate with the dirs in sites as the values and the string in the name file as the titles. And the display of the selector could be controlled by a global, such as ‘Turn on multisite selector’ (or something like that) from the default site instance (actually could be on any (and all) instances where the users land). Although I don’t think this can support multiple domains, it should make the logging into of different sites instances of happen from one login page.
Hi,
To expand above, could also have an option to force free text entry of the site id rather than the selector if you don’t want the users to see the other sites.
-brady
while I like the idea of intergrating with the login, it only allows for a single server situation, if a EMR Solution Provider has multiple servers, then I thought of having a single login mechanism for all servers.