Commit ecfc8ff5 authored by Bertrand Gauthier's avatar Bertrand Gauthier
Browse files

Support de l'authentification locale.

parent cb8ef280
......@@ -6,11 +6,22 @@ use UnicaenAuth\Service\ShibService;
use UnicaenAuth\Service\ShibServiceFactory;
use UnicaenAuth\Service\UserContextFactory;
use UnicaenAuth\View\Helper\LdapConnectViewHelperFactory;
use UnicaenAuth\View\Helper\LocalConnectViewHelperFactory;
use UnicaenAuth\View\Helper\ShibConnectViewHelperFactory;
use UnicaenAuth\View\Helper\UserUsurpationHelperFactory;
$settings = [
/**
* Configuration de l'authentification locale.
*/
'local' => [
/**
* Possibilité ou non de s'authentifier à l'aide d'un compte local.
*/
'enabled' => true,
],
/**
* Configuration de l'authentification LDAP.
*/
......@@ -453,6 +464,7 @@ return [
'userProfileSelect' => 'UnicaenAuth\View\Helper\UserProfileSelectFactory',
'userProfileSelectRadioItem' => 'UnicaenAuth\View\Helper\UserProfileSelectRadioItemFactory',
'userUsurpation' => UserUsurpationHelperFactory::class,
'localConnect' => LocalConnectViewHelperFactory::class,
'ldapConnect' => LdapConnectViewHelperFactory::class,
'shibConnect' => ShibConnectViewHelperFactory::class,
],
......
......@@ -7,6 +7,16 @@
*/
$settings = [
/**
* Configuration de l'authentification locale.
*/
'local' => [
/**
* Possibilité ou non de s'authentifier à l'aide d'un compte local.
*/
'enabled' => true,
],
/**
* Configuration de l'authentification LDAP.
*/
......
......@@ -107,4 +107,26 @@ class AuthController extends AbstractActionController
throw new RuntimeException("Impossible d'écrire dans le storage");
}
}
public function sendPasswordRenewalMailAction()
{
// lecture email fourni
// tester email connu dans table utilisateur
// générer / enregistrer token dans table utilisateur
// envoyer mail avec lien/token
}
public function changePasswordAction()
{
// lecture token fourni
// test token fourni existe dans table utilisateur
// afficher formulaire de màj
// màj password
}
}
\ No newline at end of file
......@@ -9,6 +9,13 @@ namespace UnicaenAuth\Options;
*/
class ModuleOptions extends \ZfcUser\Options\ModuleOptions
{
/**
* Paramètres concernant l'authentification locale.
*
* @var array
*/
protected $local = [];
/**
* Paramètres concernant l'authentification LDAP.
*
......@@ -46,6 +53,25 @@ class ModuleOptions extends \ZfcUser\Options\ModuleOptions
*/
protected $entityManagerName = 'doctrine.entitymanager.orm_default';
/**
* @return array
*/
public function getLocal()
{
return $this->local;
}
/**
* @param array $local
* @return self
*/
public function setLocal(array $local)
{
$this->local = $local;
return $this;
}
/**
* Retourne les paramètres concernant l'authentification LDAP.
*
......
......@@ -327,6 +327,9 @@ EOS;
if ($this->getShibbolethSimulate()) {
return '/';
}
if ($this->getAuthenticatedUser() === null) {
return '/';
}
$logoutRelativeUrl = '/Shibboleth.sso/Logout?return='; // NB: '?return=' semble obligatoire!
......
......@@ -62,10 +62,12 @@ class LdapConnectViewHelper extends AbstractHelper
}
try {
return $this->getView()->render("ldap-connect", [
return $this->getView()->render("connect", [
'title' => null,
'enabled' => $this->enabled,
'form' => $this->form,
'redirect' => null,
'password_reset' => false,
]);
} catch (\Exception $e) {
return '<p>' . $e->getMessage() . '</p><p>' . $e->getTraceAsString() . '</p>';
......
<?php
namespace UnicaenAuth\View\Helper;
use Zend\Form\Form;
use Zend\View\Helper\AbstractHelper;
use Zend\View\Renderer\PhpRenderer;
use Zend\View\Resolver\TemplatePathStack;
/**
* Aide de vue dessinant le formulaire d'authentification locale,
* si l'authentification locale est activée.
*
* @method PhpRenderer getView()
* @author Unicaen
*/
class LocalConnectViewHelper extends AbstractHelper
{
/**
* @var bool
*/
protected $enabled = true;
/**
* @var Form
*/
protected $form;
/**
* @param bool $enabled
* @return $this
*/
public function setEnabled($enabled = true)
{
$this->enabled = $enabled;
return $this;
}
/**
* @param Form $form
* @return $this
*/
public function __invoke(Form $form)
{
$this->form = $form;
$this->getView()->resolver()->attach(
new TemplatePathStack(['script_paths' => [__DIR__ . "/partial"]])
);
return $this;
}
/**
* @return string
*/
public function __toString()
{
if (! $this->enabled) {
return '';
}
try {
return $this->getView()->render("connect", [
'title' => "Avec un compte local",
'enabled' => $this->enabled,
'form' => $this->form,
'redirect' => null,
'password_reset' => true,
]);
} catch (\Exception $e) {
return '<p>' . $e->getMessage() . '</p><p>' . $e->getTraceAsString() . '</p>';
}
}
}
\ No newline at end of file
<?php
namespace UnicaenAuth\View\Helper;
use UnicaenAuth\Options\ModuleOptions;
use Zend\View\HelperPluginManager;
class LocalConnectViewHelperFactory
{
/**
* @param HelperPluginManager $hpm
* @return LocalConnectViewHelper
*/
public function __invoke(HelperPluginManager $hpm)
{
/** @var ModuleOptions $moduleOptions */
$moduleOptions = $hpm->getServiceLocator()->get('unicaen-auth_module_options');
$config = $moduleOptions->getLocal();
$enabled = isset($config['enabled']) && (bool) $config['enabled'];
$helper = new LocalConnectViewHelper();
$helper->setEnabled($enabled);
return $helper;
}
}
\ No newline at end of file
......@@ -41,7 +41,7 @@ class ShibConnectViewHelper extends AbstractHelper
$shibUrl = $this->getView()->url('auth/shibboleth', [], ['query' => $this->getView()->queryParams()], true);
return <<<EOS
Se connecter via la
<h3 class="connect-title">Via la fédération d'identité</h3>
<a href="$shibUrl" class="btn btn-success btn-lg">Fédération d'identité Renater</a>
EOS;
}
......
......@@ -5,22 +5,30 @@ use Zend\Form\Form;
/**
* @var bool $enabled
* @var Form $form
* @var string $title
* @var string $redirect
*/
?>
<?php if ($title): ?>
<h3 class="connect-title">
<?php echo $title ?>
</h3>
<?php endif ?>
<?php echo $this->form()->openTag($form) ?>
<?php if (($errors = $this->formErrors($form))): ?>
<p><?php echo $errors ?></p>
<?php endif ?>
<p>
<p class="connect-identity">
<?php
$identity = $form->get($name = 'identity')->setAttributes(['id' => $name, 'class' => 'form-control']);
echo $this->formLabel($identity);
echo $this->formInput($identity);
?>
</p>
<p>
<p class="connect-credentials">
<?php
$identity = $form->get($name = 'credential')->setAttributes(['id' => $name, 'class' => 'form-control']);
echo $this->formLabel($identity);
......@@ -30,7 +38,9 @@ use Zend\Form\Form;
<?php if ($redirect): ?>
<input type="hidden" name="redirect" value="<?php echo $redirect ?>"/>
<?php endif ?>
<p>
<p class="connect-submit">
<?php echo $this->formButton($form->get('submit')->setAttribute('class', 'btn btn-primary')) ?>
</p>
<?php echo $this->form()->closeTag() ?>
<?php
use Zend\Form\Form;
/**
* @var bool $enabled
* @var Form $form
* @var string $title
* @var string $redirect
*/
?>
<?php if ($title): ?>
<h3 class="password-reset-title">
<?php echo $title ?>
</h3>
<?php endif ?>
<?php echo $this->form()->openTag($form) ?>
<?php if (($errors = $this->formErrors($form))): ?>
<p><?php echo $errors ?></p>
<?php endif ?>
<p class="password-reset-identity">
<?php
$identity = $form->get($name = 'identity')->setAttributes(['id' => $name, 'class' => 'form-control']);
echo $this->formLabel($identity);
echo $this->formInput($identity);
?>
</p>
<?php if ($redirect): ?>
<input type="hidden" name="redirect" value="<?php echo $redirect ?>"/>
<?php endif ?>
<p class="password-reset-submit">
<?php echo $this->formButton($form->get('submit')->setAttribute('class', 'btn btn-primary')) ?>
</p>
<?php echo $this->form()->closeTag() ?>
<?php $this->headTitle("Connexion") ?>
<?php
/**
* @var PhpRenderer $this
*
* @method LocalConnectViewHelper localConnect()
* @method LdapConnectViewHelper ldapConnect()
* @method ShibConnectViewHelper shibConnect()
*/
use UnicaenAuth\View\Helper\LdapConnectViewHelper;
use UnicaenAuth\View\Helper\LocalConnectViewHelper;
use UnicaenAuth\View\Helper\ShibConnectViewHelper;
use Zend\Form\Form;
use Zend\View\Renderer\PhpRenderer;
$this->headTitle("Connexion") ?>
<?php
/** @var Form $form */
$form = $this->loginForm;
$form->prepare();
$form->setAttributes([
......@@ -25,9 +41,10 @@ $form->setAttributes([
<div class="panel-body">
<?php
$localAuthHtml = (string) $this->localConnect($form);
$ldapAuthHtml = (string) $this->ldapConnect($form);
$shibAuthHtml = (string) $this->shibConnect($form);
echo implode('<hr>', array_filter([$ldapAuthHtml, $shibAuthHtml]));
echo implode('<hr>', array_filter([$ldapAuthHtml, $shibAuthHtml, $localAuthHtml]));
?>
</div>
</div>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment