Unverified Commit 6e490791 authored by IKEDA Soji's avatar IKEDA Soji Committed by GitHub

Merge pull request #424 from ikedas/issue-268-addition by ikedas

Refactoring and repairing login form
parents dd7b9fed bce46572
......@@ -314,7 +314,6 @@ nobase_default_DATA = \
web_tt2/lists.tt2 \
web_tt2/loginbanner.tt2 \
web_tt2/login_menu.tt2 \
web_tt2/loginrequest.tt2 \
web_tt2/login.tt2 \
web_tt2/ls_templates.tt2 \
web_tt2/maintenance.tt2 \
......
......@@ -435,6 +435,9 @@
[%~ ELSIF report_entry == 'user_notified' ~%]
[%|loc(report_param.notified_user)%]User %1 has been notified[%END%]
[%~ ELSIF report_entry == 'logout' ~%]
[%|loc%]You have logged out[%END%]
[%~ END ~%]
[%################~%]
......
<!-- including_lists.tt2 -->
<h2><i class="fa fa-envelope-square"></i> [%|loc(list)%]Lists including %1[%END%]</h2>
[% IF user.email ~%]
[% IF which.size ~%]
<p>[%|loc(list)%]Following lists are including list %1.[%END%]</p>
......@@ -48,9 +48,4 @@
[%~ END %]
[%~ ELSE ~%]
<article>
[% PROCESS loginrequest.tt2 %]
</article>
[%~ END %]
<!-- end including_lists.tt2 -->
<!-- login.tt2 -->
[% IF back_to_mom ~%]
<p>
[%|loc(user.email)%]You have logged in with email address %1[%END%]
</p>
[% ELSE ~%]
[%|loc(user.email)%]You have logged in with email address %1.[%END%]<br />
<h2>
<i class="fa fa-user"></i>
[% IF use_sso && use_passwd && only_passwd ~%]
[%|loc%]Login locally[%END%]
[%~ ELSE ~%]
[%|loc%]Login[%END%]
[%~ END %]
</h2>
<p>
[%|loc%]In order to perform a privileged operation (one that requires your email address), you need to login.[%END%]
</p>
[% IF use_sso && !only_passwd ~%]
<div class="row">
<div class="columns">
<form id="use-sso" action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="previous_action"
value="[% previous_action %]" />
<input type="hidden" name="previous_list" value="[% previous_list %]" />
<input type="hidden" name="list" value="[% list %]" />
<input type="hidden" name="action" value="sso_login" />
<input type="hidden" name="nomenu" value="[% nomenu %]" />
[% IF sso_number == 1 ~%]
[% FOREACH server = sso ~%]
<input type="hidden" name="auth_service_name"
value="[% server.key %]" />
<button type="submit" name="action_sso_login"
value="[% server.value %]">
<i class="fa fa-user"></i> [% server.value %]
</button>
[%~ END %]
[%~ ELSE ~%]
<label for="auth_service_name">
[%|loc%]To login, select your organization authentication server below:[%END%]
</label>
<select id="auth_service_name" name="auth_service_name"
class="submitOnChange">
<option value="1" selected>---[%|loc%]Click to select[%END%]---</option>
[% FOREACH server = sso ~%]
<option value="[% server.key %]">[% server.value %]</option>
[%~ END %]
</select>
<noscript>
<button type="submit" name="action_sso_login"
value="[%|loc%]Go[%END%]">[%|loc%]Go[%END%]</button>
</noscript>
[%~ END %]
</fieldset>
</form>
</div>
</div>
[% END # IF use_sso && !only_passwd ~%]
[% IF use_passwd && use_sso && !only_passwd ~%]
<hr />
<h3>
<i class="fa fa-user"></i> [%|loc%]Login locally[%END%]
</h3>
[% END ~%]
[% IF use_passwd ~%]
<form action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="previous_action" value="[% previous_action %]" />
<input type="hidden" name="previous_list" value="[% previous_list %]" />
<input type="hidden" name="only_passwd" value="[% only_passwd %]" />
<input type="hidden" name="referer" value="[% referer %]" />
<input type="hidden" name="failure_referer" value="[% failure_referer %]" />
<input type="hidden" name="list" value="[% list %]" />
<input type="hidden" name="action" value="login" />
<input type="hidden" name="nomenu" value="[% nomenu %]" />
<input type="hidden" name="submit" value="submit" />
<div class="row">
<div class="columns">
<label for="email_login">[%|loc%]email address:[%END%]</label>
<input type="text" name="email" id="email_login" size="28"
value="[% email %]" />
</div>
</div>
<div class="row">
<div class="columns">
<label for="passwd" >[%|loc%]password:[%END%]</label>
<input type="password" name="passwd" id="passwd" size="8" />
</div>
</div>
<div class="row">
<div class="columns">
<span><button class="heavyWork" type="submit" name="action_login"
value="[%|loc%]Login[%END%]">
<i class="fa fa-user"></i> [%|loc%]Go[%END%]
</button></span>
</div>
</div>
</fieldset>
</form>
[% IF authentication_info_url || ! is_ldap_user ~%]
<hr />
[% END ~%]
[% IF authentication_info_url ~%]
<ul>
<li><a class="menuLinks" href="[%authentication_info_url%]">
[%|loc%]Authentication help[% END %]
</a></li>
</ul>
[%~ ELSIF is_ldap_user ~%]
[%# No guides %]
[%~ ELSIF email ~%]
<ul>
<li><a href="[% 'firstpasswd' | url_rel([],{email=>email}) %]">
[%|loc%]First login?[%END%]
</a></li>
<li><a href="[% 'renewpasswd' | url_rel([],{email=>email}) %]">
[%|loc%]Lost password?[%END%]
</a></li>
</ul>
[%~ ELSE ~%]
<ul>
<li><a href="[% 'firstpasswd' | url_rel %]">
[%|loc%]First login?[%END%]
</a></li>
<li><a href="[% 'renewpasswd' | url_rel %]">
[%|loc%]Lost password?[%END%]
</a></li>
</ul>
[%~ END %]
[% END # IF use_passwd ~%]
[% END # IF back_to_mom ~%]
<!-- end login.tt2 -->
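Review bot: The password form posts `referer` and `failure_referer` back as hidden inputs (`<input type="hidden" name="referer" value="[% referer %]" />`), so both values are client-controlled by the time the login handler reads them. The handler is not part of this section; if it redirects to either value after authentication, it should accept only URLs on this Sympa host and otherwise fall back to `previous_action`. A template comment above the two inputs would record that requirement, for example `[%# referer / failure_referer come back from the client; the handler must validate them before redirecting %]`. These fields and `[% email %]` are also written into attribute values without a visible `| html` filter, which is safe only if the caller has already HTML-escaped them.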
......@@ -6,7 +6,6 @@
<input type="hidden" name="previous_action"
value="[% previous_action %]" />
<input type="hidden" name="previous_list" value="[% previous_list %]" />
<input type="hidden" name="referer" value="[% referer %]" />
<input type="hidden" name="list" value="[% list %]" />
<input type="hidden" name="action" value="sso_login" />
[% IF sso_number == 1 ~%]
......@@ -43,16 +42,16 @@
[%~ END %]
[% IF use_passwd == '1' ~%]
[% IF action == 'loginrequest'; SET class = 'active'; END ~%]
[% IF action == 'login'; SET class = 'active'; END ~%]
<li class="[% class %]">
<form action="[% path_cgi %]" method="POST">
<fieldset>
<input type="hidden" name="previous_action" value="[% action %]" />
<input type="hidden" name="previous_list" value="[% list %]" />
[% IF use_sso ~%]
<input type="hidden" name="login_method" value="use_passwd" />
<input type="hidden" name="only_passwd" value="1" />
[%~ END %]
<span><button type="submit" name="action_loginrequest"
<span><button type="submit" name="action_login"
value="[%|loc%]Login[%END%]">
<i class="fa fa-user"></i>
[% IF use_sso ~%]
......
<!-- loginrequest.tt2 -->
<h2>
<i class="fa fa-user"></i>
[% UNLESS login_method == 'use_passwd' ~%]
[%|loc%]Login[%END%]
[%~ ELSE ~%]
[%|loc%]Login locally[%END%]
[%~ END %]
</h2>
<p>
[%|loc%]In order to perform a privileged operation (one that requires your email address), you need to login.[%END%]
</p>
[% IF use_sso && !login_method ~%]
<div class="row">
<div class="columns">
<form id="use-sso" action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="previous_action"
value="[% previous_action %]" />
<input type="hidden" name="previous_list" value="[% previous_list %]" />
<input type="hidden" name="referer" value="[% referer %]" />
<input type="hidden" name="list" value="[% list %]" />
<input type="hidden" name="action" value="sso_login" />
[% IF sso_number == 1 ~%]
[% FOREACH server = sso ~%]
<input type="hidden" name="auth_service_name"
value="[% server.key %]" />
<button type="submit" name="action_sso_login"
value="[% server.value %]">
<i class="fa fa-user"></i> [% server.value %]
</button>
[%~ END %]
[%~ ELSE ~%]
<label for="auth_service_name">
[%|loc%]To login, select your organization authentication server below:[%END%]
</label>
<select id="auth_service_name" name="auth_service_name"
class="submitOnChange">
<option value="1" selected>---[%|loc%]Click to select[%END%]---</option>
[% FOREACH server = sso ~%]
<option value="[% server.key %]">[% server.value %]</option>
[%~ END %]
</select>
<noscript>
<button type="submit" name="action_sso_login"
value="[%|loc%]Go[%END%]">[%|loc%]Go[%END%]</button>
</noscript>
[%~ END %]
</fieldset>
</form>
</div>
</div>
[% IF use_passwd == '1' AND use_sso ~%]
<hr />
[%~ END %]
[%~ END # IF use_sso && !login_method %]
[% IF use_passwd == '1' ~%]
[% IF use_sso && !login_method ~%]
<h3>
<i class="fa fa-user"></i> [%|loc%]Login locally[%END%]
</h3>
[%~ END %]
<form action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="previous_action" value="[% previous_action %]" />
<input type="hidden" name="previous_list" value="[% previous_list %]" />
<input type="hidden" name="referer" value="[% referer %]" />
<input type="hidden" name="list" value="[% list %]" />
<input type="hidden" name="action" value="login" />
<div class="row">
<div class="columns">
<label for="email_login">[%|loc%]email address:[%END%]</label>
<input type="text" name="email" id="email_login" size="28"
value="[% unauthenticated_email %]" />
</div>
</div>
<div class="row">
<div class="columns">
<label for="passwd" >[%|loc%]password:[%END%]</label>
<input type="password" name="passwd" id="passwd" size="8" />
</div>
</div>
<div class="row">
<div class="columns">
<span><button class="heavyWork" type="submit" name="action_login"
value="[%|loc%]Login[%END%]">
<i class="fa fa-user"></i> [%|loc%]Go[%END%]
</button></span>
</div>
</div>
</fieldset>
</form>
<hr />
<ul>
[% IF authentication_info_url ~%]
<li><a class="menuLinks" href="[%authentication_info_url%]">
[%|loc%]Authentication help[% END %]
</a></li>
[%~ ELSIF init_email ~%]
<li><a href="[% 'firstpasswd' | url_rel([],{email=>init_email}) %]">
[%|loc%]First login?[%END%]
</a></li>
<li><a href="[% 'renewpasswd' | url_rel([],{email=>init_email}) %]">
[%|loc%]Lost password?[%END%]
</a></li>
[%~ ELSE ~%]
<li><a href="[% 'firstpasswd' | url_rel %]">
[%|loc%]First login?[%END%]
</a></li>
<li><a href="[% 'renewpasswd' | url_rel %]">
[%|loc%]Lost password?[%END%]
</a></li>
[%~ END %]
</ul>
[%~ END # IF user_passwd == '1' %]
<!-- end loginrequest.tt2 -->
......@@ -28,7 +28,7 @@
[% END -%]
</head>
<body onload="[% IF back_to_mom %] setTimeout('refresh_mom_and_die()',1000);[% END %]">
<body[%IF back_to_mom%] class="backToMom"[%END%]>
[% top_menu = 1 %]
......@@ -39,7 +39,7 @@
[% IF nomenu %]
[% PROCESS error.tt2 IF errors %]
<div class="nomenu">
[% PROCESS notice.tt2 IF notices %]
[% PROCESS notice.tt2 IF notices || last_login_epoch %]
[% PROCESS "${action}.tt2" IF action %]
</div>
[% ELSE %]
......@@ -77,7 +77,7 @@
[% PROCESS nav.tt2 %]
[%~ END %]
[% PROCESS notice.tt2 IF notices %]
[% PROCESS notice.tt2 IF notices || last_login_epoch %]
[% PROCESS "${action}.tt2" IF action %]
[% PROCESS dumpvars.tt2 IF dumpvars == 'true'%]
......
<!-- my.tt2 -->
<h2><i class="fa fa-envelope-square"></i> [%|loc%]My lists[%END%]</h2>
[% IF user.email %]
<p>[%|loc%]You are subscribed to or managing the following lists.[%END%]</p>
<form class="noborder" action="[% path_cgi %]" method="post" name="suspend_request">
......@@ -62,9 +62,4 @@
</form>
[% ELSE %]
<article>
[% PROCESS loginrequest.tt2 %]
</article>
[% END %]
<!-- end my.tt2 -->
<!-- notice.tt2 -->
<div id="ephemeralMsg">
[% IF last_login_date ~%]
[% IF last_login_epoch ~%]
<div data-alert class="alert-box info radius">
<i class="fi-eye"></i>
[%|loc(last_login_host,last_login_date)%]last login from %1 (%2)[%END%]<br/>
<i class="fi-eye"></i>
[% last_login_date = BLOCK ~%]
[% last_login_epoch | optdesc('unixtime') %]
[%~ END ~%]
<p>
[%|loc(last_login_host,last_login_date)%]last login from %1 (%2)[%END%]
</p>
</div>
[%~ END%]
......
......@@ -2,16 +2,24 @@
[% SET SAFE_TO_REVEAL_EMAIL = 1 %]
[% IF account_creation %]
[%|loc%]You requested an account creation on this list server.[%END%]
<p>[%|loc%]You requested an account creation on this list server.[%END%]</p>
[% ELSIF login_error == 'wrong_password' %]
<div>[%|loc%]Unable to continue: The username / password combination provided was incorrect.[%END%]</div>
[%# Perhaps currently not used. ~%]
<h2>
<i class="fa fa-user"></i> [%|loc%]Login[%END%]
</h2>
<p>[%|loc%]Unable to continue: The username / password combination provided was incorrect.[%END%]</p>
[% SET SAFE_TO_REVEAL_EMAIL = 0 %]
[% ELSIF login_error == 'password_reset' %]
[%|loc%]Too many wrong passwords were submitted for this account. Your account has been blocked in order to protect you against attacks. You must renew your password in order to login.[%END%]
<h2>
<i class="fa fa-user"></i> [%|loc%]Login[%END%]
</h2>
<p>[%|loc%]Too many wrong passwords were submitted for this account. Your account has been blocked in order to protect you against attacks. You must renew your password in order to login.[%END%]</p>
[% ELSIF login_error == 'missing_password' %]
[%|loc%]The password was incorrect. Please try again. Perhaps you have forgotten it?[%END%]
[%# Perhaps currently not used. ~%]
<p>[%|loc%]The password was incorrect. Please try again. Perhaps you have forgotten it?[%END%]</p>
[% ELSIF login_error == 'ticket_sent' %]
[%|loc%]You will receive an email that will allow you to choose your password.[%END%]
<p>[%|loc%]You will receive an email that will allow you to choose your password.[%END%]</p>
[% ELSE %]
[% IF requestpasswd_context == 'firstpasswd' %]
<p>[%|loc%]Please enter your email address to begin the registration process.[%END%]</p>
......@@ -20,19 +28,30 @@
[% END %]
[% END %]
[% IF SAFE_TO_REVEAL_EMAIL %]
<form class="bold_label" action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="referer" value="[% referer %]" />
<input type="hidden" name="action" value="sendpasswd" />
<form class="bold_label" action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="previous_action" value="[% previous_action %]" />
<input type="hidden" name="previous_list" value="[% previous_list %]" />
<input type="hidden" name="action" value="requestpasswd" />
<div class="row">
<div class="columns">
<label for="email">[%|loc%]Your e-mail address:[%END%] </label>
<input id="email" type="text" name="email" size="20" value="[% unauthenticated_email %]" />
<input id="email" type="text" name="email" size="20"
value="[% email %]" />
</div>
</div>
<div class="row">
<div class="columns">
<input class="MainMenuLinks" type="submit" name="action_requestpasswd"
[% IF requestpasswd_context == 'firstpasswd' %]
value="[%|loc%]Request first password[%END%]" />
[% ELSE %]
value="[%|loc%]Request new password[%END%]" />
[% END %]
</fieldset>
</form>
</div>
</div>
</fieldset>
</form>
[% END %]
<!-- end renewpasswd.tt2 -->
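Review bot: `SAFE_TO_REVEAL_EMAIL` is cleared only in the `wrong_password` branch, and nothing in the template says what the flag protects, although it decides whether the whole request form, including the prefilled `value="[% email %]"`, is rendered. The `missing_password` and `password_reset` branches also report a failed login but leave the flag at 1, and it is not clear from the section whether that is intended. A comment next to the `SET` would settle it, for example `[%# 0 = withhold the request form and the prefilled address after a failed login %]`, with a line on why the other two error branches keep the form.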
......@@ -8,7 +8,6 @@
<fieldset>
<input type="hidden" name="previous_action" value="[% previous_action %]" />
<input type="hidden" name="previous_list" value="[% previous_list %]" />
<input type="hidden" name="referer" value="[% referer %]" />
<input type="hidden" name="subaction" value="validateemail" />
<input type="hidden" name="action" value="sso_login" />
<input type="hidden" name="nomenu" value="[% nomenu %]" />
......
......@@ -62,13 +62,6 @@
</li>
[%~ END %]
[% IF last_login_date ~%]
<li><span>
[%|loc(last_login_host)%]last login from %1[%END%]
&nbsp;&nbsp; ([% last_login_date %])
<span></li>
[%~ END %]
<li><a href="[% 'pref' | url_rel %]">
<i class="fa fa-cog"></i> [%|loc%]My preferences[%END%]
</a></li>
......@@ -80,11 +73,6 @@
<form action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="action" value="logout" />
[% IF referer ~%]
<input type="hidden" name="referer" value="[% referer %]" />
[%~ ELSE ~%]
<input type="hidden" name="previous_action" value="[% home %]" />
[%~ END %]
<span><button class="MainMenuLinks" type="submit" name="action_logout"
value="[%|loc%]Logout[%END%]">
<i class="fa fa-power-off"></i> [%|loc%]Logout[%END%]
......
......@@ -225,7 +225,7 @@ default/web_tt2/list_panel.tt2
default/web_tt2/lists.tt2
default/web_tt2/loginbanner.tt2
default/web_tt2/login_menu.tt2
default/web_tt2/loginrequest.tt2
#default/web_tt2/loginrequest.tt2
default/web_tt2/login.tt2
default/web_tt2/ls_templates.tt2
default/web_tt2/maintenance.tt2
......
......@@ -1273,7 +1273,11 @@ Keyword with length up to 20 o.
=item text
Text with length up to 500 o.
Text with length up to 2000 o at minimum.
4000 o or longer is recommended.
Note:
On Sympa 6.2.36 or later, required size was 500 o.
=item longtext
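Review bot: The added note under `=item text` reads "On Sympa 6.2.36 or later, required size was 500 o.", which contradicts the code comments added elsewhere in this commit (`# varchar(500) on <= 6.2.36`). The POD should say `On Sympa 6.2.36 or earlier, required size was 500 o.` so that administrators sizing the column on an upgraded database are not told the old limit still applies. The note could also state that columns created by an earlier release keep their old width until altered, if that is the case; the upgrade path is not visible in this hunk.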
......
......@@ -53,7 +53,7 @@ sub translate_type {
# ODBC
$type =~ s/^double/real/g;
$type =~ s/^enum.*/varchar(20)/g;
$type =~ s/^text.*/varchar(500)/g;
$type =~ s/^text.*/varchar(4000)/g; # varchar(500) on <= 6.2.36
$type =~ s/^longtext.*/text/g;
$type =~ s/^datetime/timestamp/g;
$type =~ s/^mediumblob/longvarbinary/g;
......
......@@ -535,7 +535,9 @@ sub translate_type {
$type =~ s/^tinyint.*/number/g;
$type =~ s/^double/number/g;
$type =~ s/^enum.*/varchar2(20)/g;
$type =~ s/^text.*/varchar2(500)/g;
# varchar2(500) on <= 6.2.36
# FIXME: Oracle 8 and later support varchar2 up to 4000 o.
$type =~ s/^text.*/varchar2(2000)/g;
$type =~ s/^longtext.*/long/g;
$type =~ s/^datetime.*/date/g;
$type =~ s/^mediumblob/blob/g;
......
......@@ -639,7 +639,7 @@ sub translate_type {
$type =~ s/^tinyint\(.*\)/int2/g;
$type =~ s/^bigint.*/int8/g;
$type =~ s/^double/float8/g;
$type =~ s/^text.*/varchar(500)/g;
$type =~ s/^text.*/text/g; # varchar(500) on <= 6.2.36
$type =~ s/^longtext.*/text/g;
$type =~ s/^datetime.*/timestamptz/g;
$type =~ s/^enum.*/varchar(15)/g;
......
......@@ -8,6 +8,9 @@
# Copyright (c) 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
# 2006, 2007, 2008, 2009, 2010, 2011 Comite Reseau des Universites
# Copyright (c) 2011, 2012, 2013, 2014, 2015, 2016, 2017 GIP RENATER
# Copyright 2018 The Sympa Community. See the AUTHORS.md file at the
# top-level directory of this distribution and at
# <https://github.com/sympa-community/sympa.git>.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
......@@ -539,49 +542,38 @@ sub get_session_cookie {
## Set user $email cookie, ckecksum use $secret, expire=(now|session|#sec)
## domain=(localhost|<a domain>)
sub set_cookie {
my ($self, $http_domain, $expires, $use_ssl) = @_;
$log->syslog('debug', '(%s, %s, secure= %s)',
$http_domain, $expires, $use_ssl);
$log->syslog('debug', '(%s, %s, %s, %s)', @_);
my $self = shift;
my $dom = shift;
my $expires = shift;
my $use_ssl = shift;
$expires = $Conf::Conf{'cookie_expire'} unless defined $expires;
my $expiration;
if ($expires =~ /now/i) {
if ($expires eq '0' or $expires eq 'session') {
$expiration = '';
} elsif ($expires =~ /now/i) { #FIXME: Perhaps never used.
## 10 years ago
$expiration = '-10y';
} else {
$expiration = '+' . $expires . 'm';
}
if ($http_domain eq 'localhost') {
$http_domain = "";
}
my $value = encrypt_session_id($self->{'id_session'});
my $cookie;
if ($expires =~ /session/i) {
$cookie = CGI::Cookie->new(
-name => 'sympa_session',
-value => $value,
-domain => $http_domain,
-path => '/',
-secure => $use_ssl,
-httponly => 1
);
} else {
$cookie = CGI::Cookie->new(
-name => 'sympa_session',
-value => $value,
-expires => $expiration,
-domain => $http_domain,
-path => '/',
-secure => $use_ssl,
-httponly => 1
);
}
my $cookie = CGI::Cookie->new(
-name => 'sympa_session',
-domain => (($dom eq 'localhost') ? '' : $dom),
-path => '/',
-secure => $use_ssl,
-httponly => 1,
-value => $value,
($expiration ? (-expires => $expiration) : ()),
);
## Send cookie to the client
# Send cookie to the client.
printf "Set-Cookie: %s\n", $cookie->as_string;
return 1;
}
# Build an HTTP cookie value to be sent to a SOAP client
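Review bot: In the rewritten `set_cookie`, `$expires` still reaches `'+' . $expires . 'm'` without a numeric check, and the new test `$expires eq 'session'` is case-sensitive where the removed code matched `/session/i`. A setting such as `Session` therefore now produces `+Sessionm` instead of a session cookie. A guard before the final `else`, for example `elsif ($expires !~ /\A\d+\z/) { $expiration = ''; }`, would make a bad value degrade to a session cookie rather than a malformed `expires`. As hardening on the same call, the `CGI::Cookie->new` arguments set no SameSite attribute and `-secure` depends entirely on the caller's `$use_ssl`. Adding `-samesite => 'Lax'` where the installed CGI.pm supports it would limit cross-site sending of `sympa_session`.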
......@@ -681,62 +673,43 @@ sub decrypt_session_id {