Merge pull request #34 from habari/461
Refactor the login form so it uses FormUI
chrismeller committed Feb 12, 2013
2 parents 0f585df + b182765 commit ed13329
Showing 3 changed files with 51 additions and 56 deletions.
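--- a/admin/formcontrols/admincontrol_password.php
+++ b/admin/formcontrols/admincontrol_password.php
@@ -0,0 +1,12 @@
+<?php
+namespace Habari;
+if ( !defined( 'HABARI_PATH' ) ) { die('No direct access'); }
+?>
+
+<div class="container">
+<p>
+<label for="<?php echo $id; ?>" class="incontent <?php echo $class; ?>"><?php echo $caption; ?></label>
+<input type="password" name="<?php echo $field; ?>" id="<?php echo $id; ?>" class="styledformelement text <?php echo $class; ?>" value="<?php echo Utils::htmlspecialchars($value); ?>" <?php echo isset($tabindex) ? ' tabindex="' . $tabindex . '"' : ''?>>
+</p>
+<?php $control->errors_out('<li>%s</li>', '<ul class="error">%s</ul>'); ?>
+</div>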
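Review bot: The password control writes the submitted value back into the page, `value="<?php echo Utils::htmlspecialchars($value); ?>"`, so whenever the form is redisplayed with a value still set, the cleartext password ends up in the HTML source, where browser caches and page-capturing tools can retain it. The handler blanks `habari_password` after a failed login, but this template is a generic control and other redisplay paths are not visible here; dropping the `value` attribute from the `<input type="password">` removes the dependency on every caller remembering to clear it. Separately, `$id`, `$class`, `$field` and `$tabindex` are echoed into attributes unescaped while only `$value` goes through `Utils::htmlspecialchars()`; if any of them can be set by a plugin or derived from request data they need the same treatment, e.g. `id="<?php echo Utils::htmlspecialchars($id); ?>"`.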
35 changes: 7 additions & 28 deletions admin/login.php
@@ -26,29 +26,7 @@
<h1><a href="<?php Site::out_url('habari'); ?>" title="<?php _e('Go to Site'); ?>"><?php Options::out('title'); ?></a></h1>

<div class="container">
<?php Plugins::act( 'theme_loginform_before' ); ?>
<form method="post" action="<?php URL::out( 'auth', array( 'page' => 'login' ) ); ?>">
<?php // TODO: Use Javascript to add this or automatically hide it on load rather than show it ?>
<p id="reset_message" style="display:none; margin-bottom:20px;">
<?php _e('Please enter the username you wish to reset the password for. A unique password reset link will be emailed to that user.'); ?>
</p>

<p>
<label for="habari_username" class="incontent abovecontent"><?php _e('Name'); ?></label><input type="text" name="habari_username" id="habari_username"<?php if (isset( $habari_username )) { ?> value="<?php echo Utils::htmlspecialchars( $habari_username ); ?>"<?php } ?> placeholder="<?php _e('name'); ?>" class="styledformelement">
</p>
<p>
<label for="habari_password" class="incontent abovecontent"><?php _e('Password'); ?></label><input type="password" name="habari_password" id="habari_password" placeholder="<?php _e('password'); ?>" class="styledformelement">
</p>
<?php Plugins::act( 'theme_loginform_controls' ); ?>
<p>
<input class="submit" type="submit" name="submit_button" value="<?php _e('Login'); ?>">
</p>
<p id="password_utils">
<input class="submit" type="submit" name="submit_button" value="<?php _e('Reset password'); ?>">
</p>

</form>
<?php Plugins::act( 'theme_loginform_after' ); ?>
<?php echo $form; ?>
</div>

</div>
@@ -61,6 +39,7 @@
var password_label;
$(document).ready( function() {
<?php Session::messages_out( true, Method::create( '\Habari\Format', 'humane_messages' ) ); ?>
$("#reset_message").hide();
password_label = $('label[for=habari_password]');
// to fix autofill issues, we need to check the password field on every keyup
$('#habari_username').keyup( function() {
@@ -73,15 +52,15 @@

// Make the login form a bit more intuitive when requesting a password reset
// TODO: Stop this submitting the form when we click the Reset Password the first time when the field is populated.
$("#password_utils input").click(function() {
// Hide password box
$("p:has(input[name=habari_password])").hide();
$("#passwordreset_button input").click(function() {
// Hide password box (and surrounding container)
$("#habari_password").parent().hide();
// Hide Login button
$("p:has(input[name=submit_button])").first().hide();
$("#submit_button").hide();
// Show message that explains things a bit better
$("p#reset_message").fadeIn();
// Unbind click function
$("#password_utils input").unbind('click');
$("#passwordreset_button input").unbind('click');
return false;
});
});
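Review bot: The plugin hooks `theme_loginform_before`, `theme_loginform_controls` and `theme_loginform_after` are removed together with the hand-written form, and `<?php echo $form; ?>` does not call them, so a plugin that relied on them to add a login control (a CAPTCHA or second-factor field, for example) would silently stop rendering it. The handler now fires `form_login` instead, but that is a different hook with a different argument, so existing plugins are not migrated automatically. Either keep the outer hooks around the form, `<?php Plugins::act( 'theme_loginform_before' ); ?>` before the echo and `<?php Plugins::act( 'theme_loginform_after' ); ?>` after it, or document the removal so plugin authors can move to `form_login`. In the script hunk, `$("#passwordreset_button input")` treats the id as a wrapper while `$("#submit_button").hide()` treats it as the element itself; which of the two matches the FormUI submit markup is not visible here and is worth checking, since a selector that matches nothing leaves the reset click submitting the form.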
60 changes: 32 additions & 28 deletions handlers/userhandler.php
@@ -18,12 +18,16 @@ class UserHandler extends ActionHandler
* create a session for them; or handle a password reset request.
*/
public function act_login()
{
// Display the login form.
$this->login_form();
}

public function loginform_success ( $form )
{
// If we're a reset password request, do that.
if ( isset( $_POST['submit_button'] ) && $_POST['submit_button'] === _t( 'Reset password' ) ) {
Utils::check_request_method( array( 'POST' ) );

$name = $this->handler_vars['habari_username'];
if ( isset( $form->passwordreset_button->value ) && !empty( $form->passwordreset_button->value ) ) {
$name = $form->habari_username->value;
if ( $name !== null ) {
if ( !is_numeric( $name ) && $user = User::get( $name ) ) {
$hash = Utils::random_password();
@@ -40,9 +44,8 @@ public function act_login()
}
// Back to actual login.
else {
Utils::check_request_method( array( 'GET', 'HEAD', 'POST' ) );
$name = $_POST['habari_username'];
$pass = $_POST['habari_password'];
$name = $form->habari_username->value;
$pass = $form->habari_password->value;

if ( ( null != $name ) || ( null != $pass ) ) {
$user = User::authenticate( $name, $pass );
@@ -102,13 +105,10 @@ public function act_login()

/* Authentication failed. */
// Remove submitted password, see, we're secure!
$_POST['habari_password'] = '';
$form->habari_password->value = '';
$this->handler_vars['error'] = _t( 'Bad credentials' );
}
}

// Display the login form.
$this->login_form( $name );
}

/**
@@ -137,26 +137,33 @@ public function act_logout()
*
* @param string $name Pre-fill the name field with this name
*/
protected function login_form( $name )
protected function login_form()
{
// Display the login form.
// Build theme and login page template
$this->theme = Themes::create();
if ( !$this->theme->template_exists( 'login' ) ) {
$this->theme = Themes::create( 'admin', 'RawPHPEngine', Site::get_dir( 'admin_theme', true ) );
$this->theme->assign( 'admin_page', 'login' );
}
$request = new \StdClass();
foreach ( URL::get_active_rules() as $rule ) {
$request->{$rule->name} = ( $rule->name == URL::get_matched_rule()->name );
}

if ( isset( $this->handler_vars['error'] ) ) {
$this->theme->assign( 'error', Utils::htmlspecialchars( $this->handler_vars['error'] ) );
}

$this->theme->assign( 'request', $request );
$this->theme->assign( 'habari_username', htmlentities( $name, ENT_QUOTES, 'UTF-8' ) );

// Build the login form
$form = new FormUI( 'habari_login' );
$form->on_success( array( $this, 'loginform_success' ) );
$form->append( 'static', 'reset_message', '<p id="reset_message" style="margin-bottom:20px;">' . _t('Please enter the username you wish to reset the password for. A unique password reset link will be emailed to that user.') . '</p>' );
$form->append( 'text', 'habari_username', 'null:null', _t('Name') );
$form->habari_username->template = 'admincontrol_text';
$form->append( 'password', 'habari_password', 'null:null', _t('Password') );
$form->habari_password->template = 'admincontrol_password';
$form->append( 'submit', 'submit_button', _t('Login') );
$form->append( 'submit', 'passwordreset_button', _t('Reset password') );

// Let plugins alter this form
Plugins::act( 'form_login', $form );

// Assign login form and display the page
$this->theme->form = $form->get();
$this->display( 'login' );

return true;
}

@@ -180,7 +187,6 @@ public function act_password_reset()

$id = $this->handler_vars['id'];
$hash = $this->handler_vars['hash'];
$name = '';

if ( $user = User::get( $id ) ) {
if ( is_string( $hash ) && ( $user->info->password_reset == md5( $hash ) ) ) {
@@ -201,15 +207,13 @@ public function act_password_reset()
// Clear the request - it should only work once
unset( $user->info->password_reset );
$user->info->commit();

$name = $user->username;
}
else {
Session::notice( _t( 'The supplied password reset token has expired or is invalid.' ) );
}
}
// Display the login form.
$this->login_form( $name );
Utils::redirect( URL::get( 'auth', array( 'page' => 'login' ) ) );
}

}
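Review bot: `loginform_success()` drops both `Utils::check_request_method()` calls, so the password-reset branch, which by the form's own message e-mails a reset link, and the authentication branch now depend entirely on FormUI to decide what counts as a submission. If FormUI does not itself restrict submissions to POST and verify a per-session token (not visible in this diff), a reset e-mail could be triggered by a cross-site GET; restoring `Utils::check_request_method( array( 'POST' ) );` as the first statement of `loginform_success()` keeps the earlier guarantee. The failure path still sets `$this->handler_vars['error']`, but the block in `login_form()` that assigned it to the theme appears to be gone, so "Bad credentials" may no longer reach the page; confirm it is surfaced some other way. The docblocks are also stale: the one above `act_login()` still describes authentication and reset handling, `loginform_success()` has none, and `login_form()` keeps `@param string $name` although the parameter was removed. Parts of these functions are collapsed on the page, so this is based on the visible lines only.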