Merge 0d933ac into 09f6b0d

openstax · Nov 8, 2016 · cd4da35 · cd4da35
2 parents 09f6b0d + 0d933ac
commit cd4da35
Show file tree

Hide file tree

Showing 36 changed files with 255 additions and 130 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -1,5 +1,7 @@
 branches:
-  only: master
+  only:
+    - master
+    - 2016-accounts-flow
 sudo: false
 env: DISPLAY=:99.0 OXA_DB_USER=postgres OXA_TEST_DB=travis_ci_test PARALLEL_TEST_PROCESSORS=2
 language: ruby

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
@@ -6,16 +6,18 @@ class SessionsController < ApplicationController
   include RequireRecentSignin
 
   skip_before_filter :authenticate_user!, :expired_password,
-                     only: [:new, :create, :failure, :destroy, :help]
+                     only: [:new, :lookup_login, :authenticate,
+                            :create, :failure, :destroy, :help]
 
-  skip_before_filter :finish_sign_up, only: [:destroy]
+  skip_before_filter :finish_sign_up, only: [:destroy]  # TODO used?
 
   before_filter :get_authorization_url, only: [:new, :create]
 
   fine_print_skip :general_terms_of_use, :privacy_policy,
-                  only: [:new, :create, :failure, :destroy, :help]
+                  only: [:new, :lookup_login, :authenticate, :create, :failure, :destroy, :help]
 
-  helper_method :last_signin_provider
+  helper_method :last_signin_provider  #  TODO still useful?
+  helper_method :get_login_info
 
   # Login form
   def new
@@ -33,6 +35,23 @@ def new
     @application = Doorkeeper::Application.where(uid: params[:client_id]).first
   end
 
+  def lookup_login
+    handle_with(SessionsLookupLogin,
+                success: lambda do
+                  set_login_info(username_or_email: @handler_result.outputs.username_or_email,
+                                 names: @handler_result.outputs.names,
+                                 providers: @handler_result.outputs.providers)
+                  redirect_to :authenticate
+                end,
+                failure: lambda do
+                  render :new
+                end)
+  end
+
+  def authenticate
+    redirect_to root_path if signed_in?
+  end
+
   # Handle OAuth callback (actual login)
   # May add authentication method (OAuth provider) to account
   def create
@@ -140,7 +159,7 @@ def failure
       I18n.t :"controllers.sessions.incorrect_password"
     when 'too_many_login_attempts'
       I18n.t :"controllers.sessions.too_many_login_attempts.content",
-             reset_password: "<a href=\"#{signin_help_url}\">#{
+             reset_password: "<a href=\"#{login_help_url}\">#{
                                 I18n.t :"controllers.sessions.too_many_login_attempts.reset_password"
                              }</a>".html_safe
     else

diff --git a/app/controllers/signup_controller.rb b/app/controllers/signup_controller.rb
@@ -1,11 +1,19 @@
 
 class SignupController < ApplicationController
 
-  skip_before_filter :authenticate_user!, only: [:index, :password]
+  skip_before_filter :authenticate_user!, only: [:index, :password] # TODO change
   skip_before_filter :finish_sign_up
 
   fine_print_skip :general_terms_of_use, :privacy_policy
 
+  def start
+
+  end
+
+  def verify_email
+
+  end
+
   def password
     @errors ||= env['errors']
 

diff --git a/app/controllers/static_pages_controller.rb b/app/controllers/static_pages_controller.rb
@@ -20,7 +20,7 @@ def home
       redirect_to profile_path
     else
       store_url # needed for happy login flow, authenticate_user! does it too
-      redirect_to signin_path
+      redirect_to login_path
     end
   end
 

diff --git a/app/handlers/sessions_create.rb b/app/handlers/sessions_create.rb
@@ -42,6 +42,10 @@ def authorized?
     true
   end
 
+  # TODO compare incoming social authentication with login_info in cookies to make
+  # sure that the authentication matches the username or email that the user started
+  # with
+
   def handle
     authentication =
       Authentication.find_or_create_by(provider: @data.provider, uid: @data.uid.to_s)

diff --git a/app/handlers/sessions_lookup_login.rb b/app/handlers/sessions_lookup_login.rb
@@ -0,0 +1,27 @@
+class SessionsLookupLogin
+
+  lev_handler
+
+  paramify :login do
+    attribute :username_or_email, type: String
+    validates :username_or_email, presence: true
+  end
+
+  protected
+
+  def authorized?
+    true
+  end
+
+  def handle
+    users = LookupUsers.by_email_or_username(login_params.username_or_email)
+
+    fatal_error(code: :unknown_username_or_email) if users.empty?
+
+    outputs.names = users.map(&:standard_name).uniq
+    outputs.username_or_email = login_params.username_or_email
+    outputs.providers = Authentication.where{user_id.in users.map(&:id)}
+                                      .map(&:provider)
+                                      .uniq
+  end
+end
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -132,10 +132,18 @@ def guessed_last_name
     full_name.present? ? full_name.split("\s").drop(1).join(' ') : nil
   end
 
-  def casual_name
+  def casual_name # TODO are we ok now that username not required?
     first_name.present? ? first_name : username
   end
 
+  def standard_name # TODO needs spec
+    formal_name.present? ? formal_name : casual_name
+  end
+
+  def formal_name # TODO needs spec
+    "#{title} #{last_name} #{suffix}".gsub(/\s+/,' ').strip if title.present? && last_name.present?
+  end
+
   def add_unread_update
     # Returns false if the update fails (aborting the save transaction)
     AddUnreadUpdateForUser.call(self).errors.none?

diff --git a/app/views/layouts/_application_header.html.erb b/app/views/layouts/_application_header.html.erb
@@ -22,7 +22,7 @@
     </span>
   <% else %>
     <span>
-      <%= link_to (t :".sign_in"), main_app.signin_path %>
+      <%= link_to (t :".sign_in"), main_app.login_path %>
     </span>
   <% end %>
   </div>

diff --git a/app/views/sessions/authenticate.html.erb b/app/views/sessions/authenticate.html.erb
@@ -0,0 +1,74 @@
+<% @parent_col_id = "signin" %>
+
+<%= page_heading (t :".page_heading"), sub_heading_text: (t :".page_sub_heading"), center: true %>
+
+<% login_info = get_login_info %>
+
+<h3>
+  Hi<%= login_info[:names].size == 1 ? " #{login_info[:names].first}!" : "!" %>
+</h3>
+
+<div id="options" class="row">
+  <div class="col-sm-12">
+
+    <% if login_info[:providers].include?('identity') %>
+      <div class="button-form-group">
+        <%= form_tag '/auth/identity/callback' do %>
+          <input type='hidden' id='auth_key' name='auth_key' class="form-control"
+                 value='<%= login_info[:username_or_email] %>'/>
+          <div class="form-group">
+            <label for='password'><%= t :".password" %></label>
+            <input type='password' id='password' name='password' class="form-control"/>
+          </div>
+
+          <div class='password-actions'>
+            <button type="submit" class="btn btn-primary"><%= t :".sign_in" %></button>
+          </div>
+
+        <% end %>
+      </div>
+
+      <% if login_info[:providers].size > 1 %>
+        <div id="horizontal-or-bar">
+          <span><%= t :".separator_or" %></span>
+        </div>
+      <% end %>
+    <% end %>
+
+    <% if login_info[:providers].include?('facebook') %>
+      <%= link_to "/auth/facebook", class: 'btn btn-block btn-social btn-facebook',
+                                    id: 'facebook-login-button' do %>
+        <span class="fa fa-facebook"></span> <%= t :".sign_in_with_facebook" %>
+      <% end %>
+    <% end %>
+
+    <% if login_info[:providers].include?('google_oauth2') %>
+      <%= link_to "/auth/google_oauth2", class: 'btn btn-block btn-social btn-google',
+                                         id: 'google-login-button' do %>
+        <span class="fa fa-google"></span> <%= t :".sign_in_with_google" %>
+      <% end %>
+    <% end %>
+
+  </div>
+</div>
+
+<div id="cant-sign-in" class="row">
+  <div class="col-xs-12" style='text-align: center'>
+    <span><%= link_to (t :".cant_sign_in"), login_help_path %></span>
+  </div>
+</div>
+
+<div id="reminders" class="row">
+  <div class="col-xs-12">
+    <p><%= t :".openstax_wont_use_social_media_without_permission_html" %>
+
+    <style type="text/css">
+      p.b-no-wrap > b {
+        white-space: nowrap;
+      }
+    </style>
+    <p class="b-no-wrap">
+      <%= t :".logout_reminder_html" %>
+    </p>
+  </div>
+</div>
diff --git a/app/views/sessions/new.html.erb b/app/views/sessions/new.html.erb
@@ -4,88 +4,15 @@
 
 <%= page_heading (t :".page_heading"), sub_heading_text: (t :".page_sub_heading"), center: true %>
 
-<div id="options" class="row">
+<div class="row">
+  <h3>Log in to OpenStax</h3>
 
-  <div id="social-login" class="col-sm-6">
+  <%= lev_form_for :login, url: lookup_login_path, method: :post do |f| %>
+    <%= f.text_field :username_or_email, placeholder: (t :".username_or_email") %>
+    <%= f.submit (t :".next"), class: 'btn btn-primary' %>
+  <% end %>
 
-    <div class="button-form-group">
-      <%= link_to "/auth/facebook", class: 'btn btn-block btn-social btn-facebook', id: 'facebook-login-button' do %>
-        <span class="fa fa-facebook"></span> <%= t :".sign_in_with_facebook" %>
-      <% end %>
-      <%= last_signin_mark('facebook') %>
+  <hr/>
 
-      <%= link_to "/auth/google_oauth2", class: 'btn btn-block btn-social btn-google', id: 'google-login-button' do %>
-        <span class="fa fa-google"></span> <%= t :".sign_in_with_google" %>
-      <% end %>
-      <%= last_signin_mark('google_oauth2') %>
-
-      <%= link_to "/auth/twitter", class: 'btn btn-block btn-social btn-twitter', id: 'twitter-login-button' do %>
-        <span class="fa fa-twitter"></span> <%= t :".sign_in_with_twitter" %>
-      <% end %>
-      <%= last_signin_mark('twitter') %>
-    </div>
-
-  </div>
-
-  <div id="password-login" class="col-sm-6">
-
-    <span id="vertical-or" class="hidden-xs"><%= t :".separator_or" %></span>
-
-    <div id="horizontal-or-bar" class="visible-xs">
-      <span><%= t :".separator_or" %></span>
-    </div>
-
-    <div class="button-form-group">
-      <%= form_tag '/auth/identity/callback' do %>
-        <div class="form-group">
-          <label for='auth_key'><%= t :".username_or_email" %></label>
-          <input type='text' id='auth_key' name='auth_key' class="form-control" autocapitalize="off" autocorrect="off"/>
-        </div>
-        <%= last_signin_mark('identity') %>
-
-        <div class="form-group">
-          <label for='password'><%= t :".password" %></label>
-          <input type='password' id='password' name='password' class="form-control"/>
-        </div>
-
-        <div class='password-actions'>
-          <button type="submit" class="btn btn-primary"><%= t :".sign_in" %></button>
-
-          <span class='sign-up'><%= link_to (t :".sign_up"), signup_path %></span>
-        </div>
-
-      <% end %>
-    </div>
-
-  </div>
-</div>
-
-<div id="last-signin-explanation" class="row" style="<%= 'display:none' if last_signin_provider.blank? %>">
-  <div class="col-xs-12" style="text-align: center">
-    <div class="content">
-      <span class="last-signin-symbol">*</span>&nbsp;&nbsp;&nbsp;<%= t :".used_this_method_last_time" %>
-    </div>
-  </div>
-</div>
-
-<div id="cant-sign-in" class="row">
-  <div class="col-xs-12" style='text-align: center'>
-    <span><%= link_to (t :".cant_sign_in"), signin_help_path %></span>
-  </div>
-</div>
-
-<div id="reminders" class="row">
-  <div class="col-xs-12">
-    <p><%= t :".openstax_wont_use_social_media_without_permission_html" %>
-
-    <style type="text/css">
-      p.b-no-wrap > b {
-        white-space: nowrap;
-      }
-    </style>
-    <p class="b-no-wrap">
-      <%= t :".logout_reminder_html" %>
-    </p>
-    <%# <p>If you're on a public computer, <b style="white-space:nowrap">be sure to sign out</b> when you're done!</p> %>
-  </div>
+  <p>No account? <span class='sign-up'><%= link_to (t :".sign_up"), signup_path %></span></p>
 </div>
diff --git a/app/views/signup/index.html.erb b/app/views/signup/index.html.erb
@@ -41,7 +41,7 @@
       <p class='already-have-account'>
         <%= t :".already_have_an_account.content_html",
               link: (link_to (t :".already_have_an_account.sign_in"),
-                             signin_path)
+                             login_path)
             %>
       </p>
     </div>

diff --git a/app/views/signup/start.html.erb b/app/views/signup/start.html.erb
@@ -0,0 +1,3 @@
+<p>start.html.erb</p>
+
+<p>Solicit role and email address</p>
diff --git a/app/views/signup/verify_email.html.erb b/app/views/signup/verify_email.html.erb
@@ -0,0 +1,3 @@
+<p>verify_email.html.erb</p>
+
+<p>Verify email by PIN (during signup)</p>
diff --git a/config/environment.rb b/config/environment.rb
@@ -7,10 +7,12 @@
 require 'contracts_not_required'
 require 'require_recent_signin'
 require 'json_serialize'
+require 'lookup_users'
 require 'omniauth/strategies/custom_identity'
 require 'salesforce/client'
 require 'salesforce/user_missing'
 require 'salesforce/contact'
+require 'salesforce/lead'
 
 SITE_NAME = 'OpenStax Accounts'
 PAGE_TITLE_SUFFIX = SITE_NAME

diff --git a/config/initializers/controllers.rb b/config/initializers/controllers.rb
@@ -67,6 +67,26 @@ def expired_password
     redirect_to reset_password_path(code_hash)
   end
 
+  def set_login_info(username_or_email:, names:, providers:)
+    cookies.signed[:login_key] = @handler_result.outputs.username_or_email
+    cookies.signed[:login_names] = @handler_result.outputs.names
+    cookies.signed[:login_providers] = @handler_result.outputs.providers
+  end
+
+  def get_login_info
+    {
+      username_or_email: cookies.signed[:login_key],
+      names: cookies.signed[:login_names],
+      providers: cookies.signed[:login_providers]
+    }
+  end
+
+  def clear_login_info
+    cookies.delete(:login_key)
+    cookies.delete(:login_names)
+    cookies.delete(:login_providers)
+  end
+
   def set_last_signin_provider(provider)
     cookies.signed[:last_signin_provider] = provider
   end