Limiting User Accounts to Login Locations

Is it possible to limit users to specific login locations?

Use Case: OpenMRS being used to capture information for clients in multiple clinics, the entry of information in each clinic is done by specific users. The users cannot (should not be able to change) the location they are logging into (requires removal of locations on the login page too)

Thoughts, comments and approaches are welcome

Am not aware of any such existing functionality.

As for approaches, you could do this in a module where you store login locations for each user in the user_property table via User.setUserProperty(name, value). Then on login, after Context.authenticate() succeeds, you do an extra check if the session location is among the user properties. That is after this line:

@ssmusoke, in the past @mseaton has pushed for removing Login Location from the login screen, and I would generally approve of making this change as part of the reference application itself.

E.g. the login screen just has username/password. If you successfully enter those, the next screen can show you available login locations (and it can use user details to do this, in addition to the current cookie value for last login location). Once you choose this, you’re then taken to the home screen. (To keep the workflow fast, you should be able to select the most recent location, or the recommended location, just by pressing enter.)

Mike’s preference was actually to just take you to the home page without specifying a location, and from there you can optionally set one, but some apps could be accessed with no location. You’d want to do some analysis about which of these works better for real users before committing us to one direction or the other.

Interested in taking this on as a new reference application feature?

@darius Yes I am and also looking to add this to the Conference Hackathon for a proof of concept see