Added the ability to login via OpenID.

* Refactored AccountController#login to use either password or openid based authentication * Extracted AccountController#successful_authentication to setup a user's session cookies and redirect * Implemented the start of AccountController#open_id_authentication which will check with the OpenID server and perform authentication. * Added text field for the OpenID url to /login * Added identity_url for OpenID to the user forms. * Added option to login with OpenID to the register form. * Added a root url route, which is used by the OpenID plugin #699 git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2442 e93f8b46-1217-0410-a6f0-8f06a7374b81
2009-02-11 19:07:07 +00:00 · 2009-02-11 19:07:07 +00:00 · 896e64b759
parent a4e6e13b70
commit 896e64b759
9 changed files with 74 additions and 18 deletions
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@ -46,24 +46,10 @@ class AccountController < ApplicationController
      self.logged_user = nil
    else
      # Authenticate user
-      user = User.try_to_login(params[:username], params[:password])
+      unless using_open_id?
-      if user.nil?
+        password_authentication
        # Invalid credentials
        flash.now[:error] = l(:notice_account_invalid_creditentials)
      elsif user.new_record?
        # Onthefly creation failed, display the registration form to fill/fix attributes
        @user = user
        session[:auth_source_registration] = {:login => user.login, :auth_source_id => user.auth_source_id }
        render :action => 'register'
      else
-        # Valid user
+        open_id_authenticate(params[:openid_url])
        self.logged_user = user
        # generate a key and set cookie if autologin
        if params[:autologin] && Setting.autologin?
          token = Token.create(:user => user, :action => 'autologin')
          cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
        end
        redirect_back_or_default :controller => 'my', :action => 'page'
      end
    end
  end
@ -191,4 +177,59 @@ private
      session[:user_id] = nil
    end
  end
  def password_authentication
    user = User.try_to_login(params[:username], params[:password])
    if user.nil?
      # Invalid credentials
      flash.now[:error] = l(:notice_account_invalid_creditentials)
    elsif user.new_record?
      # Onthefly creation failed, display the registration form to fill/fix attributes
      @user = user
      session[:auth_source_registration] = {:login => user.login, :auth_source_id => user.auth_source_id }
      render :action => 'register'
    else
      # Valid user
      successful_authentication(user)
    end
  end
  def open_id_authenticate(openid_url)
    user = nil
    authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url) do |result, identity_url, registration|
      if result.successful?
        user = User.find_or_initialize_by_identity_url(identity_url)
        if user.new_record?
          # Create on the fly
          # TODO: name
          user.login = registration['nickname']
          user.mail = registration['email']
          user.save
        end
        user.reload
        if user.new_record?
          # Onthefly creation failed, display the registration form to fill/fix attributes
          @user = user
          session[:auth_source_registration] = {:login => user.login, :identity_url => identity_url }
          render :action => 'register'
        else
          successful_authentication(user)
        end
      end
    end
  end
  def successful_authentication(user)
    # Valid user
    self.logged_user = user
    # generate a key and set cookie if autologin
    if params[:autologin] && Setting.autologin?
      token = Token.create(:user => user, :action => 'autologin')
      cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
    end
    redirect_back_or_default :controller => 'my', :action => 'page'
  end
 end
--- a/app/views/account/login.rhtml
+++ b/app/views/account/login.rhtml
@ -10,6 +10,10 @@
    <td align="right"><label for="password"><%=l(:field_password)%>:</label></td>
    <td align="left"><%= password_field_tag 'password', nil, :size => 40 %></td>
 </tr>
 <tr>
  <td align="right"><label for="openid_url"><%=l(:field_identity_url)%></label></td>
  <td align="left"><%= text_field_tag "openid_url" %></td>
 </tr>
 <tr>
    <td></td>
    <td align="left">
--- a/app/views/account/register.rhtml
+++ b/app/views/account/register.rhtml
@ -1,4 +1,4 @@
-<h2><%=l(:label_register)%></h2>
+<h2><%=l(:label_register)%> <%=link_to l(:label_login_with_open_id_option), signin_url %></h2>
 <% form_tag({:action => 'register'}, :class => "tabular") do %>
 <%= error_messages_for 'user' %>
@ -29,6 +29,9 @@
 <p><label for="user_language"><%=l(:field_language)%></label>
 <%= select("user", "language", lang_options_for_select) %></p>
 <p><label for="user_identity_url"><%=l(:field_identity_url)%></label>
 <%= text_field 'user', 'identity_url'  %></p>
 <% @user.custom_field_values.select {|v| v.editable? || v.required?}.each do |value| %>
 	<p><%= custom_field_tag_with_label :user, value %></p>
 <% end %>
--- a/app/views/my/account.rhtml
+++ b/app/views/my/account.rhtml
@ -15,6 +15,7 @@
 <p><%= f.text_field :lastname, :required => true %></p>
 <p><%= f.text_field :mail, :required => true %></p>
 <p><%= f.select :language, lang_options_for_select %></p>
 <p><%= f.text_field :identity_url  %></p>
 <% @user.custom_field_values.select(&:editable?).each do |value| %>
 	<p><%= custom_field_tag_with_label :user, value %></p>
--- a/app/views/users/_form.rhtml
+++ b/app/views/users/_form.rhtml
@ -7,6 +7,7 @@
 <p><%= f.text_field :lastname, :required => true %></p>
 <p><%= f.text_field :mail, :required => true %></p>
 <p><%= f.select :language, lang_options_for_select %></p>
 <p><%= f.text_field :identity_url  %></p>
 <% @user.custom_field_values.each do |value| %>
 	<p><%= custom_field_tag_with_label :user, value %></p>
--- a/config/routes.rb
+++ b/config/routes.rb
@ -255,4 +255,6 @@ ActionController::Routing::Routes.draw do |map|
  # Install the default route as the lowest priority.
  map.connect ':controller/:action/:id'
  map.connect 'robots.txt', :controller => 'welcome', :action => 'robots'
  # Used for OpenID
  map.root :controller => 'account', :action => 'login'
 end
--- a/lang/en.yml
+++ b/lang/en.yml
@ -147,6 +147,7 @@ field_mail_notification: Email notifications
 field_admin: Administrator
 field_last_login_on: Last connection
 field_language: Language
 field_identity_url: OpenID URL
 field_effective_date: Date
 field_password: Password
 field_new_password: New password
@ -332,6 +333,7 @@ label_information: Information
 label_information_plural: Information
 label_please_login: Please log in
 label_register: Register
 label_login_with_open_id_option: or login with OpenID
 label_password_lost: Lost password
 label_home: Home
 label_my_page: My page
--- a/public/images/openid-bg.gif
+++ b/public/images/openid-bg.gif
--- a/public/stylesheets/application.css
+++ b/public/stylesheets/application.css
@ -69,6 +69,8 @@ html>body #content { min-height: 600px; }
 #login-form table td {padding: 6px;}
 #login-form label {font-weight: bold;}
 input#openid_url { background: url(../images/openid-bg.gif) no-repeat; background-color: #fff; background-position: 0 50%; padding-left: 18px; }
 .clear:after{ content: "."; display: block; height: 0; clear: both; visibility: hidden; }
 /***** Links *****/