Portal: Patient Login Bug

ophthal · January 22, 2021, 8:06pm

Patient is assigned credentials and tries to login.

Data sent to server via post to portal/get_patient_info.php

uname=Lulus3374&pass=v3PdO%23%25b4%40XK&passaddon=Users%40gmail.com&languageChoice=1

Script at line 112 is executed.
$sql = “SELECT " . implode(”,", array(
COL_ID, COL_PID, COL_POR_PWD, COL_POR_SALT, COL_POR_USER, COL_POR_LOGINUSER, COL_POR_PWD_STAT)) . " FROM " . TBL_PAT_ACC_ON .
" WHERE " . COL_POR_LOGINUSER . “= ?”;

However COL_POR_LOGINUSER is defined as “portal_login_username” but the value provided to this query is $_POST[‘uname’]. It should be $_POST[‘passaddon’] or COL_POR_LOGINUSER should be defined as “portal_username”. The next line looks to update password and uses ‘COL_POR_USER . “= $_POST[‘uname’].”;’ So I am not sure what is correct.

Changing

‘DEFINE(“COL_POR_LOGINUSER”, “portal_login_username”);’

to

‘DEFINE(“COL_POR_LOGINUSER”, “portal_username”);’

works…

sjpadgett · January 22, 2021, 9:37pm

Don’t know what to say. This works and has been for awhile.
The 5.0.1 upgrade added the portal_login_username and reset the portal_pwd_status to force existing patients to have to get new credentials.

We now use the old username as the patients portal account id and now the patients login username is the new portal_login_username. This defaults to a unique email address from patients contact email or trusted email. If by chance patient email is duplicated by say, another family member then, pid or table id(forget which) is appended to username email. i.e sjpadgett509@gmail.com

I just re-tested a patient login reset and tested email onetime.

Somehow you’ve missed something in upgrades as I applied my patch and tested. I wouldn’t modify any login code as it gets sort of involved with all the new security stuff which is intentionally confusing. Even after Brady and I spent many days on portal security, I still have to scratch my head.

I’m not saying there couldn’t be a bug however, this has been working well.

Sorry you’re having difficulty!

ophthal · January 23, 2021, 3:39pm

OK I hear you. I see it works for generating new credentials, for patients new to portal use. Resetting credentials on prior portal users is the problem on my server and since the only active portal users were test patients I am not going to worry about it.

With this new login mechanism, where login is the email, is there any need for “On File E-Mail Address” in the login process?

Also, I see work on OAuth2 for OpenEMR itself…

Does portal plan to incorporate gmail/github/facebook OAuth2 authentication for patients? That would be cool too.

sjpadgett · January 23, 2021, 5:02pm

You can turn the Email for login requirement off in globals. It is there as extra security.
Although we default to using patient email as a username, the patient can change their username to anything they want in the portal or using reset at login screen. It just needs to meet certain char requirements.

We now have our own OAuth/OICD/SMART server so I may add that to login. We also have implemented Rods MFA in server authentication as well.

I’m still not convinced using third party identity servers is a good idea. However, i’m old school and maybe one of the more hip devs will want to do.