Commit 896e64b7 authored by Eric Davis's avatar Eric Davis

Added the ability to login via OpenID.

* Refactored AccountController#login to use either
  password or openid based authentication
* Extracted AccountController#successful_authentication
  to setup a user's session cookies and redirect
* Implemented the start of AccountController#open_id_authentication
  which will check with the OpenID server and perform authentication.
* Added text field for the OpenID url to /login
* Added identity_url for OpenID to the user forms.
* Added option to login with OpenID to the register form.
* Added a root url route, which is used by the OpenID plugin

  #699

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2442 e93f8b46-1217-0410-a6f0-8f06a7374b81
parent a4e6e13b
......@@ -46,24 +46,10 @@ class AccountController < ApplicationController
self.logged_user = nil
else
# Authenticate user
user = User.try_to_login(params[:username], params[:password])
if user.nil?
# Invalid credentials
flash.now[:error] = l(:notice_account_invalid_creditentials)
elsif user.new_record?
# Onthefly creation failed, display the registration form to fill/fix attributes
@user = user
session[:auth_source_registration] = {:login => user.login, :auth_source_id => user.auth_source_id }
render :action => 'register'
unless using_open_id?
password_authentication
else
# Valid user
self.logged_user = user
# generate a key and set cookie if autologin
if params[:autologin] && Setting.autologin?
token = Token.create(:user => user, :action => 'autologin')
cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
end
redirect_back_or_default :controller => 'my', :action => 'page'
open_id_authenticate(params[:openid_url])
end
end
end
......@@ -191,4 +177,59 @@ private
session[:user_id] = nil
end
end
def password_authentication
user = User.try_to_login(params[:username], params[:password])
if user.nil?
# Invalid credentials
flash.now[:error] = l(:notice_account_invalid_creditentials)
elsif user.new_record?
# Onthefly creation failed, display the registration form to fill/fix attributes
@user = user
session[:auth_source_registration] = {:login => user.login, :auth_source_id => user.auth_source_id }
render :action => 'register'
else
# Valid user
successful_authentication(user)
end
end
def open_id_authenticate(openid_url)
user = nil
authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url) do |result, identity_url, registration|
if result.successful?
user = User.find_or_initialize_by_identity_url(identity_url)
if user.new_record?
# Create on the fly
# TODO: name
user.login = registration['nickname']
user.mail = registration['email']
user.save
end
user.reload
if user.new_record?
# Onthefly creation failed, display the registration form to fill/fix attributes
@user = user
session[:auth_source_registration] = {:login => user.login, :identity_url => identity_url }
render :action => 'register'
else
successful_authentication(user)
end
end
end
end
def successful_authentication(user)
# Valid user
self.logged_user = user
# generate a key and set cookie if autologin
if params[:autologin] && Setting.autologin?
token = Token.create(:user => user, :action => 'autologin')
cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
end
redirect_back_or_default :controller => 'my', :action => 'page'
end
end
......@@ -10,6 +10,10 @@
<td align="right"><label for="password"><%=l(:field_password)%>:</label></td>
<td align="left"><%= password_field_tag 'password', nil, :size => 40 %></td>
</tr>
<tr>
<td align="right"><label for="openid_url"><%=l(:field_identity_url)%></label></td>
<td align="left"><%= text_field_tag "openid_url" %></td>
</tr>
<tr>
<td></td>
<td align="left">
......
<h2><%=l(:label_register)%></h2>
<h2><%=l(:label_register)%> <%=link_to l(:label_login_with_open_id_option), signin_url %></h2>
<% form_tag({:action => 'register'}, :class => "tabular") do %>
<%= error_messages_for 'user' %>
......@@ -29,6 +29,9 @@
<p><label for="user_language"><%=l(:field_language)%></label>
<%= select("user", "language", lang_options_for_select) %></p>
<p><label for="user_identity_url"><%=l(:field_identity_url)%></label>
<%= text_field 'user', 'identity_url' %></p>
<% @user.custom_field_values.select {|v| v.editable? || v.required?}.each do |value| %>
<p><%= custom_field_tag_with_label :user, value %></p>
<% end %>
......
......@@ -15,6 +15,7 @@
<p><%= f.text_field :lastname, :required => true %></p>
<p><%= f.text_field :mail, :required => true %></p>
<p><%= f.select :language, lang_options_for_select %></p>
<p><%= f.text_field :identity_url %></p>
<% @user.custom_field_values.select(&:editable?).each do |value| %>
<p><%= custom_field_tag_with_label :user, value %></p>
......
......@@ -7,6 +7,7 @@
<p><%= f.text_field :lastname, :required => true %></p>
<p><%= f.text_field :mail, :required => true %></p>
<p><%= f.select :language, lang_options_for_select %></p>
<p><%= f.text_field :identity_url %></p>
<% @user.custom_field_values.each do |value| %>
<p><%= custom_field_tag_with_label :user, value %></p>
......
......@@ -255,4 +255,6 @@ ActionController::Routing::Routes.draw do |map|
# Install the default route as the lowest priority.
map.connect ':controller/:action/:id'
map.connect 'robots.txt', :controller => 'welcome', :action => 'robots'
# Used for OpenID
map.root :controller => 'account', :action => 'login'
end
......@@ -147,6 +147,7 @@ field_mail_notification: Email notifications
field_admin: Administrator
field_last_login_on: Last connection
field_language: Language
field_identity_url: OpenID URL
field_effective_date: Date
field_password: Password
field_new_password: New password
......@@ -332,6 +333,7 @@ label_information: Information
label_information_plural: Information
label_please_login: Please log in
label_register: Register
label_login_with_open_id_option: or login with OpenID
label_password_lost: Lost password
label_home: Home
label_my_page: My page
......
......@@ -69,6 +69,8 @@ html>body #content { min-height: 600px; }
#login-form table td {padding: 6px;}
#login-form label {font-weight: bold;}
input#openid_url { background: url(../images/openid-bg.gif) no-repeat; background-color: #fff; background-position: 0 50%; padding-left: 18px; }
.clear:after{ content: "."; display: block; height: 0; clear: both; visibility: hidden; }
/***** Links *****/
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment