|
| 1 | +How to user Browser-based Login and Registration |
| 2 | +================================================ |
| 3 | + |
| 4 | +Introduction |
| 5 | +------------ |
| 6 | + |
| 7 | +If your Open edX instance is set up with a custom authentication system that requires logging in |
| 8 | +via the browser, you can use the ``BROWSER_LOGIN`` and ``BROWSER_REGISTRATION`` flags to redirect |
| 9 | +login and registration to the browser. |
| 10 | + |
| 11 | +The ``BROWSER_LOGIN`` flag is used to redirect login to the browser. In this case clicking on the |
| 12 | +login button will open the authorization flow in an Android custom browser tab and redirect back to |
| 13 | +the application. |
| 14 | + |
| 15 | +The ``BROWSER_REGISTRATION`` flag is used to redirect registration to the browser. In this case |
| 16 | +clicking on the registration button will open the registration page in a regular browser tab. Once |
| 17 | +registered, the user will **not** be automatically redirected to the application. |
| 18 | + |
| 19 | +Usage |
| 20 | +----- |
| 21 | + |
| 22 | +In order to use the ``BROWSER_LOGIN`` feature, you need to set up an OAuth2 provider via |
| 23 | +``<LMS>/admin/oauth2_provider/application/`` that has a redirect URL with the following format |
| 24 | + |
| 25 | + ``<application id>://oauth2Callback`` |
| 26 | + |
| 27 | +Here application ID is the ID for the Android application and defaults to ``"org.openedx.app"``. This |
| 28 | +URI scheme is handled by the application and will be used by the app to get the OAuth2 token for |
| 29 | +using the APIs. |
| 30 | + |
| 31 | +Note that normally the Django OAuth Toolkit doesn't allow custom schemes like the above as redirect |
| 32 | +URIs, so you will need to explicitly allow the by adding this URI scheme to |
| 33 | +``ALLOWED_REDIRECT_URI_SCHEMES`` in the Django OAuth Toolkit settings in ``OAUTH2_PROVIDER``. You |
| 34 | +can add the following line to your django settings python file: |
| 35 | + |
| 36 | +.. code-block:: python |
| 37 | +
|
| 38 | + OAUTH2_PROVIDER["ALLOWED_REDIRECT_URI_SCHEMES"] = ["https", "org.openedx.app"] |
| 39 | +
|
| 40 | +Replace ``"org.openedx.app"`` with the correct id for your application. You must list all allowed |
| 41 | +schemes here, including ``"https"`` and ``"http"``. |
| 42 | + |
| 43 | +The authentication will then redirect to the browser in a custom tab that redirects back to the app. |
| 44 | + |
| 45 | +NOTE: If a user logs out from the application, they might still be logged in, in the browser. |
0 commit comments