
Add 'newaccount' endpoint.

kohler committed Dec 7, 2019
1 parent 4c17b81 commit ed1edb63f17b136fa9fa10782bed792398b4fec9
Showing with 194 additions and 102 deletions.
  1. +39 −17 etc/pagepartials.json
  2. +30 −20 index.php
  3. +4 −0 lib/login.php
  4. +5 −0 newaccount.php
  5. +1 −13 scripts/script.js
  6. +0 −2 src/conference.php
  7. +6 −5 src/partials/p_home.php
  8. +108 −44 src/partials/{p_resetpassword.php → p_signin.php}
  9. +1 −1 src/tarball.sh
@@ -1,8 +1,9 @@
[
{
"name": "footer", "render_callback": "*Conf::footer"
"name": ":footer", "render_callback": "*Conf::footer"
},


{
"name": "home/profile_redirect", "position": 100,
"request_callback": "Home_Partial::profile_redirect_request"
@@ -67,6 +68,7 @@
"render_callback": "*Home_Partial::render_info_accepted"
},


{
"name": "home/message", "position": 2000,
"render_callback": "*Home_Partial::render_message"
@@ -100,41 +102,61 @@
"render_callback": "*Home_Partial::render_submissions"
},


{
"name": "resetpassword/request", "position": 100,
"request_callback": "*ResetPassword_Partial::reset_request"
"name": "newaccount/request", "position": 100,
"request_callback": "*Signin_Partial::create_request"
},
{
"name": "resetpassword/head", "position": 1000,
"render_callback": "*ResetPassword_Partial::render_reset_head",
"htitle": "Reset password"
"name": "newaccount/head", "position": 1000,
"render_callback": "*Signin_Partial::render_create_head",
"htitle": "Create account"
},
{
"name": "resetpassword/message", "position": 2000,
"alias": "home/message"
"name": "newaccount/message", "position": 2000, "alias": "home/message"
},
{
"name": "resetpassword/welcome", "position": 2500,
"alias": "home/welcome"
"name": "newaccount/welcome", "position": 2500, "alias": "home/welcome"
},
{
"name": "resetpassword/body", "position": 3000,
"render_callback": "*ResetPassword_Partial::render_reset_body",
"page": "resetpassword"
"name": "newaccount/body", "position": 3000,
"render_callback": "*Signin_Partial::render_create_body"
},


{
"name": "forgotpassword/request", "position": 100,
"request_callback": "*ResetPassword_Partial::forgot_request"
"request_callback": "*Signin_Partial::forgot_request"
},
{
"name": "forgotpassword/head", "position": 1000,
"render_callback": "*ResetPassword_Partial::render_forgot_head",
"render_callback": "*Signin_Partial::render_forgot_head",
"htitle": "Forgot password"
},
{
"name": "forgotpassword/body", "position": 3000,
"render_callback": "*ResetPassword_Partial::render_reset_body",
"page": "forgotpassword"
"render_callback": "*Signin_Partial::render_forgot_body"
},


{
"name": "resetpassword/request", "position": 100,
"request_callback": "*Signin_Partial::reset_request"
},
{
"name": "resetpassword/head", "position": 1000,
"render_callback": "*Signin_Partial::render_reset_head",
"htitle": "Reset password"
},
{
"name": "resetpassword/message", "position": 2000, "alias": "home/message"
},
{
"name": "resetpassword/welcome", "position": 2500, "alias": "home/welcome"
},
{
"name": "resetpassword/body", "position": 3000,
"render_callback": "*Signin_Partial::render_reset_body",
"page": "resetpassword"
}
]
@@ -32,26 +32,36 @@
require_once("src/initweb.php");
$page_template = $Conf->page_template($nav->page);

if (!$page_template) {
header("HTTP/1.0 404 Not Found");
} else if (isset($page_template->group)) {
// handle signin/signout -- may change $Me
if ($page_template->name === "index") {
$Me = Home_Partial::signin_requests($Me, $Qreq);
// that also got rid of disabled users
}
$gx = new GroupedExtensions($Me, ["etc/pagepartials.json"],
$Conf->opt("pagePartials"));
foreach ($gx->members($page_template->group) as $gj) {
if ($gx->request($gj, $Qreq, [$Me, $Qreq, $gx, $gj]) === false)
break;
if ($page_template && isset($page_template->require)) {
include($page_template->require);
} else {
$gx = new GroupedExtensions($Me, ["etc/pagepartials.json"], $Conf->opt("pagePartials"));

if ($page_template) {
$group = $page_template->group;
} else if (!str_starts_with($nav->page, ":") && $gx->is_group($nav->page)) {
$group = $nav->page;
} else {
$group = null;
}
$gx->start_render();
foreach ($gx->members($page_template->group) as $gj) {
if ($gx->render($gj, [$Me, $Qreq, $gx, $gj]) === false)
break;

if ($group) {
// handle signin/signout -- may change $Me
if ($group === "index") {
$Me = Home_Partial::signin_requests($Me, $Qreq);
// that also got rid of disabled users
}
foreach ($gx->members($group) as $gj) {
if ($gx->request($gj, $Qreq, [$Me, $Qreq, $gx, $gj]) === false)
break;
}
$gx->start_render();
foreach ($gx->members($group) as $gj) {
if ($gx->render($gj, [$Me, $Qreq, $gx, $gj]) === false)
break;
}
$gx->end_render();
} else {
header("HTTP/1.0 404 Not Found");
}
$gx->end_render();
} else {
include($page_template->require);
}
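Review bot: The new guard `if ($group === "index")` around `Home_Partial::signin_requests($Me, $Qreq)` looks like it can never be true for the home page, because `page_template()` still returns `["name" => "index", "group" => "home"]` (unchanged context in the src/conference.php hunk), so `$group` is `"home"` there. If that reading is right, sign-in/sign-out handling, and the disabled-user filtering the comment mentions, no longer runs on the index page; keeping the old test as `if ($page_template && $page_template->name === "index") {` would preserve it. Separately, the `$gx->is_group($nav->page)` fallback makes every partial group whose name does not start with `:` reachable by URL, presumably including groups supplied through the `pagePartials` option. A comment at that branch should state that the `:` prefix is the only thing keeping a group internal, e.g. `// groups are URL-addressable unless their name starts with ":"`.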
@@ -139,6 +139,10 @@ static function login(Conf $conf, Qrequest $qreq, $signinaction) {
// maybe reset password
$xuser = $user ? : $cdb_user;
if ($signinaction === "forgot" && $qreq->post_ok()) {
if ($external_login) {
Ht::error_at("email", "Password reset links aren’t used for this conference. Contact your system administrator if you’ve forgotten your password.");
return false;
}
$worked = $xuser->sendAccountInfo("forgot", true);
if ($worked === "@resetpassword") {
$conf->msg("A password reset link has been emailed to you. When you receive that email, visit the link to create a new password.", "xconfirm");
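--- /dev/null
+++ b/newaccount.php
@@ -0,0 +1,5 @@
+<?php
+// newaccount.php -- HotCRP new account page
+// Copyright (c) 2006-2019 Eddie Kohler; see LICENSE.
+
+require_once("index.php");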
@@ -7382,25 +7382,13 @@ handle_ui.on("js-signin", function (event) {
});
});

handle_ui.on("js-forgot-password", function (event) {
handle_ui.on("js-href-add-email", function (event) {
var e = this.closest("form");
if (e && e.email) {
this.href = hoturl_add(this.href, "email=" + urlencode(e.email.value));
}
});

handle_ui.on("js-create-account", function (event) {
var hc = popup_skeleton({action: hoturl("index", {signin: 1, action: "create"}), method: "post", maxWidth: "25rem", form_class: "ui-submit js-signin"});
hc.push('<h2>Create account</h2>');
hc.push('<p>Enter your email and we’ll create an account and send you an initial password.</p>')
hc.push('<div class="f-i"><label for="createaccount_email">Email</label>', '</div>');
hc.push_pop('<input type="email" name="email" size="36" class="fullw" autocomplete="email" id="createaccount_email">');
hc.push_actions(['<button type="submit" class="btn-success">Create account</button>',
'<button type="button" name="cancel">Cancel</button>']);
var $d = hc.show();
transfer_form_values($d.find("form"), $(this).closest("form"), ["email"]);
});


// paper UI
handle_ui.on("js-check-format", function () {
@@ -4418,8 +4418,6 @@ function page_template($page) {
return (object) ["name" => "index", "group" => "home"];
} else if (in_array($page, ["doc", "paper", "search", "review", "assign", "autoassign", "bulkassign", "buzzer", "checkupdates", "profile", "conflictassign", "deadlines", "graph", "help", "log", "mail", "manualassign", "mergeaccounts", "offline", "reviewprefs", "scorechart", "settings", "users"])) {
return (object) ["name" => $page, "require" => "$page.php"];
} else if (in_array($page, ["resetpassword", "forgotpassword"])) {
return (object) ["name" => $page, "group" => $page];
} else {
return null;
}
@@ -129,7 +129,7 @@ function render_head(Contact $user, Qrequest $qreq, $gx) {
} else {
$user->conf->header("Home", "home");
}
$gx->push_render_cleanup("footer");
$gx->push_render_cleanup(":footer");
echo '<noscript><div class="msg msg-error"><strong>This site requires JavaScript.</strong> Your browser does not support JavaScript.<br><a href="https://github.com/kohler/hotcrp/">Report bad compatibility problems</a></div></noscript>', "\n";
if ($user->privChair) {
echo '<div id="msg-clock-drift"></div>';
@@ -269,7 +269,7 @@ private function render_signin_login(Contact $user, Qrequest $qreq) {
if (!$is_external_login) {
echo '<div class="float-right"><a href="',
$conf->hoturl("forgotpassword"),
'" class="n x small uix js-forgot-password">Forgot your password?</a></div>';
'" class="n x small uix js-href-add-email">Forgot your password?</a></div>';
}
echo Ht::label("Password", "signin_password"),
Ht::password("password", $password_value, [
@@ -286,9 +286,9 @@ private function render_signin_login(Contact $user, Qrequest $qreq) {
Ht::submit("action", "Sign in", ["id" => "signin_signin", "class" => "btn-success", "tabindex" => 1, "value" => "go"]),
'</div>';
if ($conf->allow_user_self_register()) {
echo '<p class="hint">New to the site? <a href="?signin=1&amp;action=create" class="ui js-create-account" data-message="',
htmlspecialchars($this->_create_message($conf)),
'">Create an account</a></p>';
echo '<p class="hint">New to the site? <a href="',
$conf->hoturl("newaccount"),
'" class="uix js-href-add-email">Create an account</a></p>';
}
echo '</div><div class="fn">',
Ht::submit("action", "Sign in", ["class" => "btn-success", "tabindex" => 1, "value" => "start"]),
@@ -327,6 +327,7 @@ function render_signin(Contact $user, Qrequest $qreq) {
Ht::form($user->conf->hoturl("index", ["signin" => 1]), ["class" => "ui-submit js-signin compact-form"]),
Ht::hidden("post", post_value(true));
$action = $qreq->signin ? $qreq->action : null;
assert($action !== "forgot" && $action !== "create");
if ($action === "forgot" && !$user->conf->external_login()) {
$this->render_signin_forgot($user, $qreq);
} else if ($action === "create" && $user->conf->allow_user_self_register()) {
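Review bot: The added `assert($action !== "forgot" && $action !== "create");` in render_signin tests a value taken from the request (`$qreq->action` when `$qreq->signin` is set), so unless earlier code redirects those actions, an old or hand-edited `?signin=1&action=create` URL reaches it. With assertions enabled that is a failure any client can trigger, and with them disabled the legacy `forgot`/`create` branches just below still run, so the assert guarantees nothing in either mode. Handle the case explicitly instead: either redirect these actions to the new `forgotpassword` and `newaccount` pages, or normalise with `if ($action === "forgot" || $action === "create") { $action = null; }` and remove the two legacy branches. The body of render_signin continues past the end of this hunk.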
