Index: openacs-4/packages/openacs-bootstrap3-theme/resources/templates/packages/acs-subsite/lib/login.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/openacs-bootstrap3-theme/resources/templates/packages/acs-subsite/lib/login.tcl,v diff -u -N -r1.4.2.2 -r1.4.2.3 --- openacs-4/packages/openacs-bootstrap3-theme/resources/templates/packages/acs-subsite/lib/login.tcl 10 Jul 2019 16:31:05 -0000 1.4.2.2 +++ openacs-4/packages/openacs-bootstrap3-theme/resources/templates/packages/acs-subsite/lib/login.tcl 10 Jul 2019 16:40:08 -0000 1.4.2.3 @@ -29,8 +29,8 @@ set self_registration [parameter::get_from_package_key \ -package_key acs-authentication \ - -parameter AllowSelfRegister \ - -default 1] + -parameter AllowSelfRegister \ + -default 1] if { $subsite_id eq "" } { set subsite_id [subsite::get_element -element object_id] } @@ -52,11 +52,8 @@ } } - - - # Persistent login -# The logic is: +# The logic is: # 1. Allowed if allowed both site-wide (on acs-kernel) and on the subsite # 2. Default setting is in acs-kernel @@ -103,11 +100,11 @@ -show_required_p 0 \ -edit_buttons $login_button \ -action "[subsite::get_url]register/" -form { - {return_url:text(hidden)} - {time:text(hidden)} - {host_node_id:text(hidden),optional} - {token_id:integer(hidden)} - {hash:text(hidden)} + {return_url:text(hidden)} + {time:text(hidden)} + {host_node_id:text(hidden),optional} + {token_id:integer(hidden)} + {hash:text(hidden)} } set username_widget text @@ -118,9 +115,9 @@ set focus {} if { [auth::UseEmailForLoginP] } { ad_form -extend -name login \ - -form [list [list email:text($username_widget),nospell \ - [list label [_ acs-subsite.Email]:] \ - {html {style "width: 300px" class "form-control"}}]] + -form [list [list email:text($username_widget),nospell \ + [list label [_ acs-subsite.Email]:] \ + {html {style "width: 300px" class "form-control"}}]] set user_id_widget_name email if { $email ne "" } { set focus "password" @@ -130,8 +127,8 @@ } else { if { [llength $authority_options] > 1 } { ad_form -extend -name login -form { - {authority_id:integer(select) - {label "[_ acs-subsite.Authority]:"} + {authority_id:integer(select) + {label "[_ acs-subsite.Authority]:"} {options $authority_options} } } @@ -151,9 +148,9 @@ set focus "login.$focus" ad_form -extend -name login -form { - {password:text(password) + {password:text(password) {label "[_ acs-subsite.Password]:"} - {html {style "width: 300px" class "form-control" autocomplete "new-password"}} + {html {style "width: 300px" class "form-control" autocomplete "new-password"}} } } @@ -168,7 +165,7 @@ } ad_form -extend -name login -form { - {ok:text(submit) + {ok:text(submit) {html {class "btn btn-default"}} } } @@ -182,7 +179,7 @@ # after a user logs out and relogin by using the cached password in # the browser. We generate a unique hashed timestamp so that users # cannot use the back button. - + set time [ns_time] set token_id [sec_get_random_cached_token_id] set token [sec_get_token $token_id] @@ -198,15 +195,15 @@ # Check timestamp set token [sec_get_token $token_id] set computed_hash [ns_sha1 "$time$token_id$token"] - + set expiration_time [parameter::get -parameter LoginPageExpirationTime -package_id [ad_acs_kernel_id] -default 600] - if { $expiration_time < 30 } { + if { $expiration_time < 30 } { # If expiration_time is less than 30 seconds, it's practically impossible to login # and you will have completely hosed login on your entire site set expiration_time 30 } - if { $hash ne $computed_hash || + if { $hash ne $computed_hash || $time < [ns_time] - $expiration_time } { ad_returnredirect -message [_ acs-subsite.Login_has_expired] -- [export_vars -base [ad_conn url] { return_url }] ad_script_abort @@ -216,7 +213,7 @@ set persistent_p "f" } if {![element exists login email]} { - set email [ns_queryget email ""] + set email [ns_queryget email ""] } set first_names [ns_queryget first_names ""] set last_name [ns_queryget last_name ""] @@ -235,9 +232,9 @@ -last_name $last_name \ -username [string trim $username] \ -password $password \ - -host_node_id $host_node_id \ + -host_node_id $host_node_id \ -persistent=[expr {$allow_persistent_login_p && [template::util::is_true $persistent_p]}]] - + # Handle authentication problems switch $auth_info(auth_status) { ok { @@ -264,47 +261,47 @@ # Continue below } default { - # if element_messages exists we try to get the element info - if {[info exists auth_info(element_messages)] - && [auth::authority::get_element \ - -authority_id $authority_id \ - -element allow_user_entered_info_p]} { - foreach message [lsort $auth_info(element_messages)] { - ns_log notice "LOGIN $message" - switch -glob -- $message { - *email* { - if {[element exists login email]} { - set operation set_properties - } else { - set operation create - } - element $operation login email -widget $username_widget -datatype text -label [_ acs-subsite.Email] - if {[element error_p login email]} { - template::form::set_error login email [_ acs-subsite.Email_not_provided_by_authority] - } - } - *first* { - element create login first_names -widget text -datatype text -label [_ acs-subsite.First_names] - template::form::set_error login email [_ acs-subsite.First_names_not_provided_by_authority] - } - *last* { - element create login last_name -widget text -datatype text -label [_ acs-subsite.Last_name] - template::form::set_error login last_name [_ acs-subsite.Last_name_not_provided_by_authority] - } - } - } - set auth_info(account_message) "" - - ad_return_template - - } else { - # Display the message on a separate page - ad_returnredirect \ - -message $auth_info(account_message) \ - -html \ - [export_vars -base "[subsite::get_element -element url]register/account-closed"] - ad_script_abort - } + # if element_messages exists we try to get the element info + if {[info exists auth_info(element_messages)] + && [auth::authority::get_element \ + -authority_id $authority_id \ + -element allow_user_entered_info_p]} { + foreach message [lsort $auth_info(element_messages)] { + ns_log notice "LOGIN $message" + switch -glob -- $message { + *email* { + if {[element exists login email]} { + set operation set_properties + } else { + set operation create + } + element $operation login email -widget $username_widget -datatype text -label [_ acs-subsite.Email] + if {[element error_p login email]} { + template::form::set_error login email [_ acs-subsite.Email_not_provided_by_authority] + } + } + *first* { + element create login first_names -widget text -datatype text -label [_ acs-subsite.First_names] + template::form::set_error login email [_ acs-subsite.First_names_not_provided_by_authority] + } + *last* { + element create login last_name -widget text -datatype text -label [_ acs-subsite.Last_name] + template::form::set_error login last_name [_ acs-subsite.Last_name_not_provided_by_authority] + } + } + } + set auth_info(account_message) "" + + ad_return_template + + } else { + # Display the message on a separate page + ad_returnredirect \ + -message $auth_info(account_message) \ + -html \ + [export_vars -base "[subsite::get_element -element url]register/account-closed"] + ad_script_abort + } } } } -after_submit { @@ -314,12 +311,18 @@ # Handle account_message if { [info exists auth_info(account_message)] && $auth_info(account_message) ne "" } { ad_returnredirect [export_vars -base "[subsite::get_element -element url]register/account-message" { - { message $auth_info(account_message) } return_url - }] + { message $auth_info(account_message) } return_url + }] ad_script_abort } elseif {![info exists auth_info(element_messages)]} { - # No message - ad_returnredirect $return_url - ad_script_abort + # No message + ad_returnredirect $return_url + ad_script_abort } } + +# Local variables: +# mode: tcl +# tcl-indent-level: 4 +# indent-tabs-mode: nil +# End: