auth: login/registration changes for upcomming new rules for login using external identities....
marcink -
r3386:e8cf67e0 default
Not Reviewed
Show More
Add another comment
TODOs: 0 unresolved 0 Resolved
COMMENTS: 0 General 0 Inline
@@ -74,20 +74,17
74 'default_password_reset': pwd_reset_setting,
74 'default_password_reset': pwd_reset_setting,
75 'default_extern_activate': 'hg.extern_activate.auto',
75 'default_extern_activate': 'hg.extern_activate.auto',
76 }
76 }
77 resp = self.app.post(route_path('admin_permissions_application_update'), params=params)
77 resp = self.app.post(
78 route_path('admin_permissions_application_update'), params=params)
78 self.logout_user()
79 self.logout_user()
79
80
80 login_page = self.app.get(route_path('login'))
81 login_page = self.app.get(route_path('login'))
81 asr_login = AssertResponse(login_page)
82 asr_login = AssertResponse(login_page)
82 index_page = self.app.get(h.route_path('home'))
83 asr_index = AssertResponse(index_page)
84
83
85 if show_link:
84 if show_link:
86 asr_login.one_element_exists('a.pwd_reset')
85 asr_login.one_element_exists('a.pwd_reset')
87 asr_index.one_element_exists('a.pwd_reset')
88 else:
86 else:
89 asr_login.no_element_exists('a.pwd_reset')
87 asr_login.no_element_exists('a.pwd_reset')
90 asr_index.no_element_exists('a.pwd_reset')
91
88
92 response = self.app.get(route_path('reset_password'))
89 response = self.app.get(route_path('reset_password'))
93
90
@@ -24,6 +24,9
24
24
25 import logging
25 import logging
26
26
27 import colander
28
29 from rhodecode.authentication.schema import AuthnPluginSettingsSchemaBase
27 from rhodecode.translation import _
30 from rhodecode.translation import _
28
31
29 from rhodecode.authentication.base import RhodeCodeAuthPluginBase, hybrid_property
32 from rhodecode.authentication.base import RhodeCodeAuthPluginBase, hybrid_property
@@ -43,6 +46,18
43 pass
46 pass
44
47
45
48
49 class RhodeCodeSettingsSchema(AuthnPluginSettingsSchemaBase):
50
51 superadmin_restriction = colander.SchemaNode(
52 colander.Bool(),
53 default=False,
54 description=_('Only allow super-admins to log-in using this plugin.'),
55 missing=False,
56 title=_('Enabled'),
57 widget='bool',
58 )
59
60
46 class RhodeCodeAuthPlugin(RhodeCodeAuthPluginBase):
61 class RhodeCodeAuthPlugin(RhodeCodeAuthPluginBase):
47 uid = 'rhodecode'
62 uid = 'rhodecode'
48
63
@@ -64,6 +79,9
64 route_name='auth_home',
79 route_name='auth_home',
65 context=RhodecodeAuthnResource)
80 context=RhodecodeAuthnResource)
66
81
82 def get_settings_schema(self):
83 return RhodeCodeSettingsSchema()
84
67 def get_display_name(self):
85 def get_display_name(self):
68 return _('RhodeCode Internal')
86 return _('RhodeCode Internal')
69
87
@@ -650,10 +650,9
650 # SCM FILTERS available via h.
650 # SCM FILTERS available via h.
651 #==============================================================================
651 #==============================================================================
652 from rhodecode.lib.vcs.utils import author_name, author_email
652 from rhodecode.lib.vcs.utils import author_name, author_email
653 from rhodecode.lib.utils2 import credentials_filter, age as _age
653 from rhodecode.lib.utils2 import credentials_filter, age, age_from_seconds
654 from rhodecode.model.db import User, ChangesetStatus
654 from rhodecode.model.db import User, ChangesetStatus
655
655
656 age = _age
657 capitalize = lambda x: x.capitalize()
656 capitalize = lambda x: x.capitalize()
658 email = author_email
657 email = author_email
659 short_id = lambda x: x[:12]
658 short_id = lambda x: x[:12]
@@ -564,6 +564,12
564 return _(u'just now')
564 return _(u'just now')
565
565
566
566
567 def age_from_seconds(seconds):
568 seconds = safe_int(seconds) or 0
569 prevdate = time_to_datetime(time.time() + seconds)
570 return age(prevdate, show_suffix=False, show_short_version=True)
571
572
567 def cleaned_uri(uri):
573 def cleaned_uri(uri):
568 """
574 """
569 Quotes '[' and ']' from uri if there is only one of them.
575 Quotes '[' and ']' from uri if there is only one of them.
@@ -73,9 +73,6
73 }
73 }
74
74
75 .sign-in-title {
75 .sign-in-title {
76 h1 {
77 margin: 0;
78 }
79
76
80 h4 {
77 h4 {
81 margin: @padding*2 0;
78 margin: @padding*2 0;
@@ -299,87 +299,54
299 <%def name="usermenu(active=False)">
299 <%def name="usermenu(active=False)">
300 ## USER MENU
300 ## USER MENU
301 <li id="quick_login_li" class="${'active' if active else ''}">
301 <li id="quick_login_li" class="${'active' if active else ''}">
302 <a id="quick_login_link" class="menulink childs">
302 % if c.rhodecode_user.username == h.DEFAULT_USER:
303 ${gravatar(c.rhodecode_user.email, 20)}
303 <a id="quick_login_link" class="menulink childs" href="${h.route_path('login', _query={'came_from': h.current_route_path(request)})}">
304 <span class="user">
304 ${gravatar(c.rhodecode_user.email, 20)}
305 %if c.rhodecode_user.username != h.DEFAULT_USER:
305 <span class="user">
306 <span class="menu_link_user">${c.rhodecode_user.username}</span><div class="show_more"></div>
306 <span>${_('Sign in')}</span>
307 %else:
307 </span>
308 <span>${_('Sign in')}</span>
308 </a>
309 %endif
309 % else:
310 </span>
310 ## logged in user
311 </a>
311 <a id="quick_login_link" class="menulink childs">
312
312 ${gravatar(c.rhodecode_user.email, 20)}
313 <div class="user-menu submenu">
313 <span class="user">
314 <div id="quick_login">
314 <span class="menu_link_user">${c.rhodecode_user.username}</span>
315 %if c.rhodecode_user.username == h.DEFAULT_USER:
315 <div class="show_more"></div>
316 <h4>${_('Sign in to your account')}</h4>
316 </span>
317 ${h.form(h.route_path('login', _query={'came_from': h.current_route_path(request)}), needs_csrf_token=False)}
317 </a>
318 <div class="form form-vertical">
318 ## subnav with menu for logged in user
319 <div class="fields">
319 <div class="user-menu submenu">
320 <div class="field">
320 <div id="quick_login">
321 <div class="label">
321 %if c.rhodecode_user.username != h.DEFAULT_USER:
322 <label for="username">${_('Username')}:</label>
322 <div class="">
323 </div>
323 <div class="big_gravatar">${gravatar(c.rhodecode_user.email, 48)}</div>
324 <div class="input">
324 <div class="full_name">${c.rhodecode_user.full_name_or_username}</div>
325 ${h.text('username',class_='focus',tabindex=1)}
325 <div class="email">${c.rhodecode_user.email}</div>
326 </div>
327
328 </div>
329 <div class="field">
330 <div class="label">
331 <label for="password">${_('Password')}:</label>
332 %if h.HasPermissionAny('hg.password_reset.enabled')():
333 <span class="forgot_password">${h.link_to(_('(Forgot password?)'),h.route_path('reset_password'), class_='pwd_reset')}</span>
334 %endif
335 </div>
336 <div class="input">
337 ${h.password('password',class_='focus',tabindex=2)}
338 </div>
339 </div>
326 </div>
340 <div class="buttons">
327 <div class="">
341 <div class="register">
328 <ol class="links">
342 %if h.HasPermissionAny('hg.admin', 'hg.register.auto_activate', 'hg.register.manual_activate')():
329 <li>${h.link_to(_(u'My account'),h.route_path('my_account_profile'))}</li>
343 ${h.link_to(_("Don't have an account?"),h.route_path('register'))} <br/>
330 % if c.rhodecode_user.personal_repo_group:
344 %endif
331 <li>${h.link_to(_(u'My personal group'), h.route_path('repo_group_home', repo_group_name=c.rhodecode_user.personal_repo_group.group_name))}</li>
345 ${h.link_to(_("Using external auth? Sign In here."),h.route_path('login'))}
332 % endif
346 </div>
333 <li>${h.link_to(_(u'Pull Requests'), h.route_path('my_account_pullrequests'))}</li>
347 <div class="submit">
334
348 ${h.submit('sign_in',_('Sign In'),class_="btn btn-small",tabindex=3)}
335 <li class="logout">
349 </div>
336 ${h.secure_form(h.route_path('logout'), request=request)}
337 ${h.submit('log_out', _(u'Sign Out'),class_="btn btn-primary")}
338 ${h.end_form()}
339 </li>
340 </ol>
350 </div>
341 </div>
351 </div>
342 %endif
352 </div>
343 </div>
353 ${h.end_form()}
344 </div>
354 %else:
345 ## unread counter
355 <div class="">
346 <div class="pill_container">
356 <div class="big_gravatar">${gravatar(c.rhodecode_user.email, 48)}</div>
347 <a class="menu_link_notifications ${'empty' if c.unread_notifications == 0 else ''}" href="${h.route_path('notifications_show_all')}">${c.unread_notifications}</a>
357 <div class="full_name">${c.rhodecode_user.full_name_or_username}</div>
348 </div>
358 <div class="email">${c.rhodecode_user.email}</div>
349 % endif
359 </div>
360 <div class="">
361 <ol class="links">
362 <li>${h.link_to(_(u'My account'),h.route_path('my_account_profile'))}</li>
363 % if c.rhodecode_user.personal_repo_group:
364 <li>${h.link_to(_(u'My personal group'), h.route_path('repo_group_home', repo_group_name=c.rhodecode_user.personal_repo_group.group_name))}</li>
365 % endif
366 <li>${h.link_to(_(u'Pull Requests'), h.route_path('my_account_pullrequests'))}</li>
367
368 <li class="logout">
369 ${h.secure_form(h.route_path('logout'), request=request)}
370 ${h.submit('log_out', _(u'Sign Out'),class_="btn btn-primary")}
371 ${h.end_form()}
372 </li>
373 </ol>
374 </div>
375 %endif
376 </div>
377 </div>
378 %if c.rhodecode_user.username != h.DEFAULT_USER:
379 <div class="pill_container">
380 <a class="menu_link_notifications ${'empty' if c.unread_notifications == 0 else ''}" href="${h.route_path('notifications_show_all')}">${c.unread_notifications}</a>
381 </div>
382 % endif
383 </li>
350 </li>
384 </%def>
351 </%def>
385
352
@@ -25,17 +25,16
25
25
26 <div class="loginwrapper">
26 <div class="loginwrapper">
27 <rhodecode-toast id="notifications"></rhodecode-toast>
27 <rhodecode-toast id="notifications"></rhodecode-toast>
28
28 <div class="left-column">
29 <div class="left-column">
29 <img class="sign-in-image" src="${h.asset('images/sign-in.png')}" alt="RhodeCode"/>
30 <img class="sign-in-image" src="${h.asset('images/sign-in.png')}" alt="RhodeCode"/>
30 </div>
31 </div>
32
31 <%block name="above_login_button" />
33 <%block name="above_login_button" />
32 <div id="login" class="right-column">
34 <div id="login" class="right-column">
33 <!-- login -->
35 <!-- login -->
34 <div class="sign-in-title">
36 <div class="sign-in-title">
35 <h1>${_('Sign In')}</h1>
37 <h1>${_('Sign In using username/password')}</h1>
36 %if h.HasPermissionAny('hg.admin', 'hg.register.auto_activate', 'hg.register.manual_activate')():
37 <h4>${h.link_to(_("Go to the registration page to create a new account."), request.route_path('register'))}</h4>
38 %endif
39 </div>
38 </div>
40 <div class="inner form">
39 <div class="inner form">
41 ${h.form(request.route_path('login', _query={'came_from': c.came_from}), needs_csrf_token=False)}
40 ${h.form(request.route_path('login', _query={'came_from': c.came_from}), needs_csrf_token=False)}
@@ -47,7 +46,12
47 <br />
46 <br />
48 %endif
47 %endif
49
48
50 <label for="password">${_('Password')}:</label>
49 <label for="password">${_('Password')}:
50 %if h.HasPermissionAny('hg.password_reset.enabled')():
51 <div class="pull-right">${h.link_to(_('Forgot your password?'), h.route_path('reset_password'), class_='pwd_reset', tabindex="-1")}</div>
52 %endif
53
54 </label>
51 ${h.password('password', class_='focus')}
55 ${h.password('password', class_='focus')}
52 %if 'password' in errors:
56 %if 'password' in errors:
53 <span class="error-message">${errors.get('password')}</span>
57 <span class="error-message">${errors.get('password')}</span>
@@ -55,15 +59,25
55 %endif
59 %endif
56
60
57 ${h.checkbox('remember', value=True, checked=defaults.get('remember'))}
61 ${h.checkbox('remember', value=True, checked=defaults.get('remember'))}
58 <label class="checkbox" for="remember">${_('Remember me')}</label>
62 <% timeout = request.registry.settings.get('beaker.session.timeout', '0') %>
63 % if timeout == '0':
64 <% remember_label = _('Remember my indefinitely') %>
65 % else:
66 <% remember_label = _('Remember me for {}').format(h.age_from_seconds(timeout)) %>
67 % endif
68 <label class="checkbox" for="remember">${remember_label}</label>
59
69
60 %if h.HasPermissionAny('hg.password_reset.enabled')():
70 <p class="links">
61 <p class="links">
71 %if h.HasPermissionAny('hg.admin', 'hg.register.auto_activate', 'hg.register.manual_activate')():
62 ${h.link_to(_('Forgot your password?'), h.route_path('reset_password'), class_='pwd_reset')}
72 ${h.link_to(_("Create a new account."), request.route_path('register'))}
63 </p>
73 %endif
64 %elif h.HasPermissionAny('hg.password_reset.hidden')():
74 </p>
75
76 %if not h.HasPermissionAny('hg.password_reset.enabled')():
77 ## password reset hidden or disabled.
65 <p class="help-block">
78 <p class="help-block">
66 ${_('Password reset is disabled. Please contact ')}
79 ${_('Password reset is disabled.')} <br/>
80 ${_('Please contact ')}
67 % if c.visual.rhodecode_support_url:
81 % if c.visual.rhodecode_support_url:
68 <a href="${c.visual.rhodecode_support_url}" target="_blank">${_('Support')}</a>
82 <a href="${c.visual.rhodecode_support_url}" target="_blank">${_('Support')}</a>
69 ${_('or')}
83 ${_('or')}
@@ -72,18 +86,18
72 </p>
86 </p>
73 %endif
87 %endif
74
88
75 ${h.submit('sign_in', _('Sign In'), class_="btn sign-in")}
89 ${h.submit('sign_in', _('Sign In'), class_="btn sign-in", title=_('Sign in to {}').format(c.rhodecode_edition))}
76 <p class="help-block pull-right">
90
77 RhodeCode ${c.rhodecode_edition}
78 </p>
79 ${h.end_form()}
91 ${h.end_form()}
80 <script type="text/javascript">
92 <script type="text/javascript">
81 $(document).ready(function(){
93 $(document).ready(function(){
82 $('#username').focus();
94 $('#username').focus();
83 })
95 })
84 </script>
96 </script>
97
85 </div>
98 </div>
86 <!-- end login -->
99 <!-- end login -->
100
87 <%block name="below_login_button" />
101 <%block name="below_login_button" />
88 </div>
102 </div>
89 </div>
103 </div>
@@ -118,10 +118,7
118 ${register_message|n}
118 ${register_message|n}
119 </p>
119 </p>
120
120
121 ${h.submit('sign_up',_('Create Account'),class_="btn sign-in")}
121 ${h.submit('sign_up',_('Create Account'), class_="btn sign-in", title=_('Create Account in {}').format(c.rhodecode_edition))}
122 <p class="help-block pull-right">
123 RhodeCode ${c.rhodecode_edition}
124 </p>
125 ${h.end_form()}
122 ${h.end_form()}
126 </div>
123 </div>
127 <%block name="below_register_button" />
124 <%block name="below_register_button" />
Comments 0
You need to be logged in to leave comments. Login now