Is possible to create a public action non protected by login

More
1 year 2 months ago #186471 by LaCaraB
I'm implementing a plugin and I need to process a POST parameter generated by a 3rd party service in a view.

I have 2 alternatives:

- Process it in the authentication view.

Problem: CSRF issues since this view request a CSRF Token that the IdP ignores. Disable this check on the authentication login is not possible due security implications.


- Process it in a public view.

Problem: Right now I don't know how to create at the plugin an action where non logged users can access without being redirected to login view.

Can anyone share how create a such public action?
The topic has been locked.
LimeSurvey Partners
More
1 year 2 months ago #186473 by gabrieljenik
Hi,

I believe the unsecureRequest event could fit what you need, but to be honest, I don't remember an example of usage...

Solutions, code and workarounds presented in these forums are given without any warranty, implied or otherwise.

Checkout our Reporting Solutions and our plugin shop at www.encuesta.biz .

The topic has been locked.
More
1 year 2 months ago #186478 by DenisChenu

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development . I don't answer to private message.
The topic has been locked.

Start now!

Just create your account and start using Limesurvey today.

Register now