summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeffery To <jeffery.to@gmail.com>2009-08-09 19:12:59 +0800
committerJeffery To <jeffery.to@gmail.com>2009-08-10 13:57:39 +0800
commit14b46e2183f10359cc53d597913a878f53e23719 (patch)
tree5abe41f6f475be0a05168f8859542e1a1a3b3b21
parentc1b19929f6234c4b9e30e16bae419c89c38c1169 (diff)
Added configuration option to only allow OpenID logins.
If $config['site']['openidonly'] is set to true: * the Login/Register pages will be removed from the navigation; * directly accesses to the Login/Register pages will redirect to the OpenID login page; * most links to the Login/Register pages will link to the OpenID login page instead. The user will still need to set a password to access the API and RSS feeds.
-rw-r--r--README2
-rw-r--r--actions/all.php4
-rw-r--r--actions/confirmaddress.php6
-rw-r--r--actions/favorited.php3
-rw-r--r--actions/groupsearch.php3
-rw-r--r--actions/invite.php2
-rw-r--r--actions/login.php6
-rw-r--r--actions/noticesearch.php4
-rw-r--r--actions/public.php11
-rw-r--r--actions/publictagcloud.php3
-rw-r--r--actions/register.php4
-rw-r--r--actions/remotesubscribe.php12
-rw-r--r--actions/replies.php4
-rw-r--r--actions/showfavorites.php4
-rw-r--r--actions/showgroup.php5
-rw-r--r--actions/showstream.php10
-rw-r--r--actions/subscribers.php4
-rw-r--r--actions/userauthorization.php6
-rw-r--r--config.php.sample2
-rw-r--r--index.php20
-rw-r--r--lib/action.php15
-rw-r--r--lib/common.php1
-rw-r--r--lib/facebookaction.php9
-rw-r--r--lib/logingroupnav.php12
24 files changed, 108 insertions, 44 deletions
diff --git a/README b/README
index 12c465869..e37934aaa 100644
--- a/README
+++ b/README
@@ -940,6 +940,8 @@ closed: If set to 'true', will disallow registration on your site.
the service, *then* set this variable to 'true'.
inviteonly: If set to 'true', will only allow registration if the user
was invited by an existing user.
+openidonly: If set to 'true', will only allow registrations and logins
+ through OpenID.
private: If set to 'true', anonymous users will be redirected to the
'login' page. Also, API methods that normally require no
authentication will require it. Note that this does not turn
diff --git a/actions/all.php b/actions/all.php
index f06ead2a8..5db09a0e6 100644
--- a/actions/all.php
+++ b/actions/all.php
@@ -88,7 +88,9 @@ class AllAction extends ProfileAction
}
}
else {
- $message .= sprintf(_('Why not [register an account](%%%%action.register%%%%) and then nudge %s or post a notice to his or her attention.'), $this->user->nickname);
+ $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and then nudge %s or post a notice to his or her attention.'),
+ (!common_config('site','openidonly')) ? 'register' : 'openidlogin',
+ $this->user->nickname);
}
$this->elementStart('div', 'guide');
diff --git a/actions/confirmaddress.php b/actions/confirmaddress.php
index 725c1f1e3..3c41a5c70 100644
--- a/actions/confirmaddress.php
+++ b/actions/confirmaddress.php
@@ -67,7 +67,11 @@ class ConfirmaddressAction extends Action
parent::handle($args);
if (!common_logged_in()) {
common_set_returnto($this->selfUrl());
- common_redirect(common_local_url('login'));
+ if (!common_config('site', 'openidonly')) {
+ common_redirect(common_local_url('login'));
+ } else {
+ common_redirect(common_local_url('openidlogin'));
+ }
return;
}
$code = $this->trimmed('code');
diff --git a/actions/favorited.php b/actions/favorited.php
index 156c7a700..a3d1a5e20 100644
--- a/actions/favorited.php
+++ b/actions/favorited.php
@@ -153,7 +153,8 @@ class FavoritedAction extends Action
$message .= _('Be the first to add a notice to your favorites by clicking the fave button next to any notice you like.');
}
else {
- $message .= _('Why not [register an account](%%action.register%%) and be the first to add a notice to your favorites!');
+ $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and be the first to add a notice to your favorites!'),
+ (!common_config('site','openidonly')) ? 'register' : 'openidlogin');
}
$this->elementStart('div', 'guide');
diff --git a/actions/groupsearch.php b/actions/groupsearch.php
index c50466ce6..7437166e6 100644
--- a/actions/groupsearch.php
+++ b/actions/groupsearch.php
@@ -82,7 +82,8 @@ class GroupsearchAction extends SearchAction
$message = _('If you can\'t find the group you\'re looking for, you can [create it](%%action.newgroup%%) yourself.');
}
else {
- $message = _('Why not [register an account](%%action.register%%) and [create the group](%%action.newgroup%%) yourself!');
+ $message = sprintf(_('Why not [register an account](%%%%action.%s%%%%) and [create the group](%%%%action.newgroup%%%%) yourself!'),
+ (!common_config('site','openidonly')) ? 'register' : 'openidlogin');
}
$this->elementStart('div', 'guide');
$this->raw(common_markup_to_html($message));
diff --git a/actions/invite.php b/actions/invite.php
index 26c951ed2..bdc0d34cb 100644
--- a/actions/invite.php
+++ b/actions/invite.php
@@ -235,7 +235,7 @@ class InviteAction extends CurrentUserDesignAction
common_root_url(),
$personal,
common_local_url('showstream', array('nickname' => $user->nickname)),
- common_local_url('register', array('code' => $invite->code)));
+ common_local_url((!common_config('site', 'openidonly')) ? 'register' : 'openidlogin', array('code' => $invite->code)));
mail_send($recipients, $headers, $body);
}
diff --git a/actions/login.php b/actions/login.php
index 50de83f6f..c20854f15 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -65,6 +65,8 @@ class LoginAction extends Action
*
* Switches on request method; either shows the form or handles its input.
*
+ * Checks if only OpenID is allowed and redirects to openidlogin if so.
+ *
* @param array $args $_REQUEST data
*
* @return void
@@ -73,7 +75,9 @@ class LoginAction extends Action
function handle($args)
{
parent::handle($args);
- if (common_is_real_login()) {
+ if (common_config('site', 'openidonly')) {
+ common_redirect(common_local_url('openidlogin'));
+ } else if (common_is_real_login()) {
$this->clientError(_('Already logged in.'));
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->checkLogin();
diff --git a/actions/noticesearch.php b/actions/noticesearch.php
index 49b473d9e..90b3309cf 100644
--- a/actions/noticesearch.php
+++ b/actions/noticesearch.php
@@ -121,7 +121,9 @@ class NoticesearchAction extends SearchAction
$message = sprintf(_('Be the first to [post on this topic](%%%%action.newnotice%%%%?status_textarea=%s)!'), urlencode($q));
}
else {
- $message = sprintf(_('Why not [register an account](%%%%action.register%%%%) and be the first to [post on this topic](%%%%action.newnotice%%%%?status_textarea=%s)!'), urlencode($q));
+ $message = sprintf(_('Why not [register an account](%%%%action.%s%%%%) and be the first to [post on this topic](%%%%action.newnotice%%%%?status_textarea=%s)!'),
+ (!common_config('site','openidonly')) ? 'register' : 'openidlogin',
+ urlencode($q));
}
$this->elementStart('div', 'guide');
diff --git a/actions/public.php b/actions/public.php
index d0317ac70..dd128925b 100644
--- a/actions/public.php
+++ b/actions/public.php
@@ -183,7 +183,8 @@ class PublicAction extends Action
}
else {
if (! (common_config('site','closed') || common_config('site','inviteonly'))) {
- $message .= _('Why not [register an account](%%action.register%%) and be the first to post!');
+ $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and be the first to post!'),
+ (!common_config('site','openidonly')) ? 'register' : 'openidlogin');
}
}
@@ -238,9 +239,11 @@ class PublicAction extends Action
function showAnonymousMessage()
{
if (! (common_config('site','closed') || common_config('site','inviteonly'))) {
- $m = _('This is %%site.name%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' .
- 'based on the Free Software [Laconica](http://laconi.ca/) tool. ' .
- '[Join now](%%action.register%%) to share notices about yourself with friends, family, and colleagues! ([Read more](%%doc.help%%))');
+ $m = sprintf(_('This is %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' .
+ 'based on the Free Software [Laconica](http://laconi.ca/) tool. ' .
+ '[Join now](%%%%action.%s%%%%) to share notices about yourself with friends, family, and colleagues! ' .
+ '([Read more](%%%%doc.help%%%%))'),
+ (!common_config('site','openidonly')) ? 'register' : 'openidlogin');
} else {
$m = _('This is %%site.name%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' .
'based on the Free Software [Laconica](http://laconi.ca/) tool.');
diff --git a/actions/publictagcloud.php b/actions/publictagcloud.php
index e9f33d58b..a2772869d 100644
--- a/actions/publictagcloud.php
+++ b/actions/publictagcloud.php
@@ -72,7 +72,8 @@ class PublictagcloudAction extends Action
$message .= _('Be the first to post one!');
}
else {
- $message .= _('Why not [register an account](%%action.register%%) and be the first to post one!');
+ $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and be the first to post one!'),
+ (!common_config('site','openidonly')) ? 'register' : 'openidlogin');
}
$this->elementStart('div', 'guide');
diff --git a/actions/register.php b/actions/register.php
index dcbbbdb6a..046a76b80 100644
--- a/actions/register.php
+++ b/actions/register.php
@@ -116,6 +116,8 @@ class RegisterAction extends Action
*
* Checks if registration is closed and shows an error if so.
*
+ * Checks if only OpenID is allowed and redirects to openidlogin if so.
+ *
* @param array $args $_REQUEST data
*
* @return void
@@ -127,6 +129,8 @@ class RegisterAction extends Action
if (common_config('site', 'closed')) {
$this->clientError(_('Registration not allowed.'));
+ } else if (common_config('site', 'openidonly')) {
+ common_redirect(common_local_url('openidlogin'));
} else if (common_logged_in()) {
$this->clientError(_('Already logged in.'));
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
diff --git a/actions/remotesubscribe.php b/actions/remotesubscribe.php
index e658f8d37..7323103fc 100644
--- a/actions/remotesubscribe.php
+++ b/actions/remotesubscribe.php
@@ -71,11 +71,13 @@ class RemotesubscribeAction extends Action
if ($this->err) {
$this->element('div', 'error', $this->err);
} else {
- $inst = _('To subscribe, you can [login](%%action.login%%),' .
- ' or [register](%%action.register%%) a new ' .
- ' account. If you already have an account ' .
- ' on a [compatible microblogging site](%%doc.openmublog%%), ' .
- ' enter your profile URL below.');
+ $inst = sprintf(_('To subscribe, you can [login](%%%%action.%s%%%%),' .
+ ' or [register](%%%%action.%s%%%%) a new ' .
+ ' account. If you already have an account ' .
+ ' on a [compatible microblogging site](%%doc.openmublog%%), ' .
+ ' enter your profile URL below.'),
+ (!common_config('site','openidonly')) ? 'login' : 'openidlogin',
+ (!common_config('site','openidonly')) ? 'register' : 'openidlogin');
$output = common_markup_to_html($inst);
$this->elementStart('div', 'instructions');
$this->raw($output);
diff --git a/actions/replies.php b/actions/replies.php
index d7ed440e9..f14383d33 100644
--- a/actions/replies.php
+++ b/actions/replies.php
@@ -187,7 +187,9 @@ class RepliesAction extends OwnerDesignAction
}
}
else {
- $message .= sprintf(_('Why not [register an account](%%%%action.register%%%%) and then nudge %s or post a notice to his or her attention.'), $this->user->nickname);
+ $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and then nudge %s or post a notice to his or her attention.'),
+ (!common_config('site','openidonly')) ? 'register' : 'openidlogin',
+ $this->user->nickname);
}
$this->elementStart('div', 'guide');
diff --git a/actions/showfavorites.php b/actions/showfavorites.php
index 8b4926f01..9f549baf2 100644
--- a/actions/showfavorites.php
+++ b/actions/showfavorites.php
@@ -173,7 +173,9 @@ class ShowfavoritesAction extends OwnerDesignAction
}
}
else {
- $message = sprintf(_('%s hasn\'t added any notices to his favorites yet. Why not [register an account](%%%%action.register%%%%) and then post something interesting they would add to their favorites :)'), $this->user->nickname);
+ $message = sprintf(_('%s hasn\'t added any notices to his favorites yet. Why not [register an account](%%%%action.%s%%%%) and then post something interesting they would add to their favorites :)'),
+ $this->user->nickname,
+ (!common_config('site','openidonly')) ? 'register' : 'openidlogin');
}
$this->elementStart('div', 'guide');
diff --git a/actions/showgroup.php b/actions/showgroup.php
index 32ec674a9..4d8ba5fa8 100644
--- a/actions/showgroup.php
+++ b/actions/showgroup.php
@@ -440,8 +440,9 @@ class ShowgroupAction extends GroupDesignAction
$m = sprintf(_('**%s** is a user group on %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' .
'based on the Free Software [Laconica](http://laconi.ca/) tool. Its members share ' .
'short messages about their life and interests. '.
- '[Join now](%%%%action.register%%%%) to become part of this group and many more! ([Read more](%%%%doc.help%%%%))'),
- $this->group->nickname);
+ '[Join now](%%%%action.%s%%%%) to become part of this group and many more! ([Read more](%%%%doc.help%%%%))'),
+ $this->group->nickname,
+ (!common_config('site','openidonly')) ? 'register' : 'openidlogin');
} else {
$m = sprintf(_('**%s** is a user group on %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' .
'based on the Free Software [Laconica](http://laconi.ca/) tool. Its members share ' .
diff --git a/actions/showstream.php b/actions/showstream.php
index cd5d4bb70..3f603d64f 100644
--- a/actions/showstream.php
+++ b/actions/showstream.php
@@ -358,7 +358,9 @@ class ShowstreamAction extends ProfileAction
}
}
else {
- $message .= sprintf(_('Why not [register an account](%%%%action.register%%%%) and then nudge %s or post a notice to his or her attention.'), $this->user->nickname);
+ $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and then nudge %s or post a notice to his or her attention.'),
+ (!common_config('site','openidonly')) ? 'register' : 'openidlogin',
+ $this->user->nickname);
}
$this->elementStart('div', 'guide');
@@ -387,8 +389,10 @@ class ShowstreamAction extends ProfileAction
if (!(common_config('site','closed') || common_config('site','inviteonly'))) {
$m = sprintf(_('**%s** has an account on %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' .
'based on the Free Software [Laconica](http://laconi.ca/) tool. ' .
- '[Join now](%%%%action.register%%%%) to follow **%s**\'s notices and many more! ([Read more](%%%%doc.help%%%%))'),
- $this->user->nickname, $this->user->nickname);
+ '[Join now](%%%%action.%s%%%%) to follow **%s**\'s notices and many more! ([Read more](%%%%doc.help%%%%))'),
+ $this->user->nickname,
+ (!common_config('site','openidonly')) ? 'register' : 'openidlogin',
+ $this->user->nickname);
} else {
$m = sprintf(_('**%s** has an account on %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' .
'based on the Free Software [Laconica](http://laconi.ca/) tool. '),
diff --git a/actions/subscribers.php b/actions/subscribers.php
index 66ac00fb1..404738012 100644
--- a/actions/subscribers.php
+++ b/actions/subscribers.php
@@ -111,7 +111,9 @@ class SubscribersAction extends GalleryAction
}
}
else {
- $message = sprintf(_('%s has no subscribers. Why not [register an account](%%%%action.register%%%%) and be the first?'), $this->user->nickname);
+ $message = sprintf(_('%s has no subscribers. Why not [register an account](%%%%action.%s%%%%) and be the first?'),
+ $this->user->nickname,
+ (!common_config('site','openidonly')) ? 'register' : 'openidlogin');
}
$this->elementStart('div', 'guide');
diff --git a/actions/userauthorization.php b/actions/userauthorization.php
index 00903ae01..7e397e888 100644
--- a/actions/userauthorization.php
+++ b/actions/userauthorization.php
@@ -47,7 +47,11 @@ class UserauthorizationAction extends Action
# Go log in, and then come back
common_set_returnto($_SERVER['REQUEST_URI']);
- common_redirect(common_local_url('login'));
+ if (!common_config('site', 'openidonly')) {
+ common_redirect(common_local_url('login'));
+ } else {
+ common_redirect(common_local_url('openidlogin'));
+ }
return;
}
diff --git a/config.php.sample b/config.php.sample
index 21b6865e1..42d42cf86 100644
--- a/config.php.sample
+++ b/config.php.sample
@@ -38,6 +38,8 @@ $config['site']['path'] = 'laconica';
// $config['site']['closed'] = true;
// Only allow registration for people invited by another user
// $config['site']['inviteonly'] = true;
+// Only allow registrations and logins through OpenID
+// $config['site']['openidonly'] = true;
// Make the site invisible to non-logged-in users
// $config['site']['private'] = true;
diff --git a/index.php b/index.php
index 2e74d38fb..980b9881b 100644
--- a/index.php
+++ b/index.php
@@ -182,12 +182,20 @@ function main()
// If the site is private, and they're not on one of the "public"
// parts of the site, redirect to login
- if (!$user && common_config('site', 'private') &&
- !in_array($action, array('login', 'openidlogin', 'finishopenidlogin',
- 'recoverpassword', 'api', 'doc', 'register')) &&
- !preg_match('/rss$/', $action)) {
- common_redirect(common_local_url('login'));
- return;
+ if (!$user && common_config('site', 'private')) {
+ $public_actions = array('openidlogin', 'finishopenidlogin',
+ 'recoverpassword', 'api', 'doc');
+ $login_action = 'openidlogin';
+ if (!common_config('site', 'openidonly')) {
+ $public_actions[] = 'login';
+ $public_actions[] = 'register';
+ $login_action = 'login';
+ }
+ if (!in_array($action, $public_actions) &&
+ !preg_match('/rss$/', $action)) {
+ common_redirect(common_local_url($login_action));
+ return;
+ }
}
$action_class = ucfirst($action).'Action';
diff --git a/lib/action.php b/lib/action.php
index 326edf3a0..6da9adab5 100644
--- a/lib/action.php
+++ b/lib/action.php
@@ -436,12 +436,17 @@ class Action extends HTMLOutputter // lawsuit
_('Logout'), _('Logout from the site'), false, 'nav_logout');
}
else {
- if (!common_config('site', 'closed')) {
- $this->menuItem(common_local_url('register'),
- _('Register'), _('Create an account'), false, 'nav_register');
+ if (!common_config('site', 'openidonly')) {
+ if (!common_config('site', 'closed')) {
+ $this->menuItem(common_local_url('register'),
+ _('Register'), _('Create an account'), false, 'nav_register');
+ }
+ $this->menuItem(common_local_url('login'),
+ _('Login'), _('Login to the site'), false, 'nav_login');
+ } else {
+ $this->menuItem(common_local_url('openidlogin'),
+ _('OpenID'), _('Login with OpenID'), false, 'nav_openid');
}
- $this->menuItem(common_local_url('login'),
- _('Login'), _('Login to the site'), false, 'nav_login');
}
$this->menuItem(common_local_url('doc', array('title' => 'help')),
_('Help'), _('Help me!'), false, 'nav_help');
diff --git a/lib/common.php b/lib/common.php
index be30519f4..bf078378d 100644
--- a/lib/common.php
+++ b/lib/common.php
@@ -109,6 +109,7 @@ $config =
'broughtbyurl' => null,
'closed' => false,
'inviteonly' => false,
+ 'openidonly' => false,
'private' => false,
'ssl' => 'never',
'sslserver' => null,
diff --git a/lib/facebookaction.php b/lib/facebookaction.php
index ab11b613e..289e702c6 100644
--- a/lib/facebookaction.php
+++ b/lib/facebookaction.php
@@ -256,8 +256,13 @@ class FacebookAction extends Action
$this->elementStart('dd');
$this->elementStart('p');
$this->text(sprintf($loginmsg_part1, common_config('site', 'name')));
- $this->element('a',
- array('href' => common_local_url('register')), _('Register'));
+ if (!common_config('site', 'openidonly')) {
+ $this->element('a',
+ array('href' => common_local_url('register')), _('Register'));
+ } else {
+ $this->element('a',
+ array('href' => common_local_url('openidlogin')), _('Register'));
+ }
$this->text($loginmsg_part2);
$this->elementEnd('p');
$this->elementEnd('dd');
diff --git a/lib/logingroupnav.php b/lib/logingroupnav.php
index f23985f3a..919fd3db9 100644
--- a/lib/logingroupnav.php
+++ b/lib/logingroupnav.php
@@ -72,11 +72,13 @@ class LoginGroupNav extends Widget
// action => array('prompt', 'title')
$menu = array();
- $menu['login'] = array(_('Login'),
- _('Login with a username and password'));
- if (!(common_config('site','closed') || common_config('site','inviteonly'))) {
- $menu['register'] = array(_('Register'),
- _('Sign up for a new account'));
+ if (!common_config('site','openidonly')) {
+ $menu['login'] = array(_('Login'),
+ _('Login with a username and password'));
+ if (!(common_config('site','closed') || common_config('site','inviteonly'))) {
+ $menu['register'] = array(_('Register'),
+ _('Sign up for a new account'));
+ }
}
$menu['openidlogin'] = array(_('OpenID'),
_('Login or register with OpenID'));