From 14b46e2183f10359cc53d597913a878f53e23719 Mon Sep 17 00:00:00 2001 From: Jeffery To Date: Sun, 9 Aug 2009 19:12:59 +0800 Subject: Added configuration option to only allow OpenID logins. If $config['site']['openidonly'] is set to true: * the Login/Register pages will be removed from the navigation; * directly accesses to the Login/Register pages will redirect to the OpenID login page; * most links to the Login/Register pages will link to the OpenID login page instead. The user will still need to set a password to access the API and RSS feeds. --- README | 2 ++ actions/all.php | 4 +++- actions/confirmaddress.php | 6 +++++- actions/favorited.php | 3 ++- actions/groupsearch.php | 3 ++- actions/invite.php | 2 +- actions/login.php | 6 +++++- actions/noticesearch.php | 4 +++- actions/public.php | 11 +++++++---- actions/publictagcloud.php | 3 ++- actions/register.php | 4 ++++ actions/remotesubscribe.php | 12 +++++++----- actions/replies.php | 4 +++- actions/showfavorites.php | 4 +++- actions/showgroup.php | 5 +++-- actions/showstream.php | 10 +++++++--- actions/subscribers.php | 4 +++- actions/userauthorization.php | 6 +++++- config.php.sample | 2 ++ index.php | 20 ++++++++++++++------ lib/action.php | 15 ++++++++++----- lib/common.php | 1 + lib/facebookaction.php | 9 +++++++-- lib/logingroupnav.php | 12 +++++++----- 24 files changed, 108 insertions(+), 44 deletions(-) diff --git a/README b/README index 12c465869..e37934aaa 100644 --- a/README +++ b/README @@ -940,6 +940,8 @@ closed: If set to 'true', will disallow registration on your site. the service, *then* set this variable to 'true'. inviteonly: If set to 'true', will only allow registration if the user was invited by an existing user. +openidonly: If set to 'true', will only allow registrations and logins + through OpenID. private: If set to 'true', anonymous users will be redirected to the 'login' page. Also, API methods that normally require no authentication will require it. Note that this does not turn diff --git a/actions/all.php b/actions/all.php index f06ead2a8..5db09a0e6 100644 --- a/actions/all.php +++ b/actions/all.php @@ -88,7 +88,9 @@ class AllAction extends ProfileAction } } else { - $message .= sprintf(_('Why not [register an account](%%%%action.register%%%%) and then nudge %s or post a notice to his or her attention.'), $this->user->nickname); + $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and then nudge %s or post a notice to his or her attention.'), + (!common_config('site','openidonly')) ? 'register' : 'openidlogin', + $this->user->nickname); } $this->elementStart('div', 'guide'); diff --git a/actions/confirmaddress.php b/actions/confirmaddress.php index 725c1f1e3..3c41a5c70 100644 --- a/actions/confirmaddress.php +++ b/actions/confirmaddress.php @@ -67,7 +67,11 @@ class ConfirmaddressAction extends Action parent::handle($args); if (!common_logged_in()) { common_set_returnto($this->selfUrl()); - common_redirect(common_local_url('login')); + if (!common_config('site', 'openidonly')) { + common_redirect(common_local_url('login')); + } else { + common_redirect(common_local_url('openidlogin')); + } return; } $code = $this->trimmed('code'); diff --git a/actions/favorited.php b/actions/favorited.php index 156c7a700..a3d1a5e20 100644 --- a/actions/favorited.php +++ b/actions/favorited.php @@ -153,7 +153,8 @@ class FavoritedAction extends Action $message .= _('Be the first to add a notice to your favorites by clicking the fave button next to any notice you like.'); } else { - $message .= _('Why not [register an account](%%action.register%%) and be the first to add a notice to your favorites!'); + $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and be the first to add a notice to your favorites!'), + (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); } $this->elementStart('div', 'guide'); diff --git a/actions/groupsearch.php b/actions/groupsearch.php index c50466ce6..7437166e6 100644 --- a/actions/groupsearch.php +++ b/actions/groupsearch.php @@ -82,7 +82,8 @@ class GroupsearchAction extends SearchAction $message = _('If you can\'t find the group you\'re looking for, you can [create it](%%action.newgroup%%) yourself.'); } else { - $message = _('Why not [register an account](%%action.register%%) and [create the group](%%action.newgroup%%) yourself!'); + $message = sprintf(_('Why not [register an account](%%%%action.%s%%%%) and [create the group](%%%%action.newgroup%%%%) yourself!'), + (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); } $this->elementStart('div', 'guide'); $this->raw(common_markup_to_html($message)); diff --git a/actions/invite.php b/actions/invite.php index 26c951ed2..bdc0d34cb 100644 --- a/actions/invite.php +++ b/actions/invite.php @@ -235,7 +235,7 @@ class InviteAction extends CurrentUserDesignAction common_root_url(), $personal, common_local_url('showstream', array('nickname' => $user->nickname)), - common_local_url('register', array('code' => $invite->code))); + common_local_url((!common_config('site', 'openidonly')) ? 'register' : 'openidlogin', array('code' => $invite->code))); mail_send($recipients, $headers, $body); } diff --git a/actions/login.php b/actions/login.php index 50de83f6f..c20854f15 100644 --- a/actions/login.php +++ b/actions/login.php @@ -65,6 +65,8 @@ class LoginAction extends Action * * Switches on request method; either shows the form or handles its input. * + * Checks if only OpenID is allowed and redirects to openidlogin if so. + * * @param array $args $_REQUEST data * * @return void @@ -73,7 +75,9 @@ class LoginAction extends Action function handle($args) { parent::handle($args); - if (common_is_real_login()) { + if (common_config('site', 'openidonly')) { + common_redirect(common_local_url('openidlogin')); + } else if (common_is_real_login()) { $this->clientError(_('Already logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->checkLogin(); diff --git a/actions/noticesearch.php b/actions/noticesearch.php index 49b473d9e..90b3309cf 100644 --- a/actions/noticesearch.php +++ b/actions/noticesearch.php @@ -121,7 +121,9 @@ class NoticesearchAction extends SearchAction $message = sprintf(_('Be the first to [post on this topic](%%%%action.newnotice%%%%?status_textarea=%s)!'), urlencode($q)); } else { - $message = sprintf(_('Why not [register an account](%%%%action.register%%%%) and be the first to [post on this topic](%%%%action.newnotice%%%%?status_textarea=%s)!'), urlencode($q)); + $message = sprintf(_('Why not [register an account](%%%%action.%s%%%%) and be the first to [post on this topic](%%%%action.newnotice%%%%?status_textarea=%s)!'), + (!common_config('site','openidonly')) ? 'register' : 'openidlogin', + urlencode($q)); } $this->elementStart('div', 'guide'); diff --git a/actions/public.php b/actions/public.php index d0317ac70..dd128925b 100644 --- a/actions/public.php +++ b/actions/public.php @@ -183,7 +183,8 @@ class PublicAction extends Action } else { if (! (common_config('site','closed') || common_config('site','inviteonly'))) { - $message .= _('Why not [register an account](%%action.register%%) and be the first to post!'); + $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and be the first to post!'), + (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); } } @@ -238,9 +239,11 @@ class PublicAction extends Action function showAnonymousMessage() { if (! (common_config('site','closed') || common_config('site','inviteonly'))) { - $m = _('This is %%site.name%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . - 'based on the Free Software [Laconica](http://laconi.ca/) tool. ' . - '[Join now](%%action.register%%) to share notices about yourself with friends, family, and colleagues! ([Read more](%%doc.help%%))'); + $m = sprintf(_('This is %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . + 'based on the Free Software [Laconica](http://laconi.ca/) tool. ' . + '[Join now](%%%%action.%s%%%%) to share notices about yourself with friends, family, and colleagues! ' . + '([Read more](%%%%doc.help%%%%))'), + (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); } else { $m = _('This is %%site.name%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . 'based on the Free Software [Laconica](http://laconi.ca/) tool.'); diff --git a/actions/publictagcloud.php b/actions/publictagcloud.php index e9f33d58b..a2772869d 100644 --- a/actions/publictagcloud.php +++ b/actions/publictagcloud.php @@ -72,7 +72,8 @@ class PublictagcloudAction extends Action $message .= _('Be the first to post one!'); } else { - $message .= _('Why not [register an account](%%action.register%%) and be the first to post one!'); + $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and be the first to post one!'), + (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); } $this->elementStart('div', 'guide'); diff --git a/actions/register.php b/actions/register.php index dcbbbdb6a..046a76b80 100644 --- a/actions/register.php +++ b/actions/register.php @@ -116,6 +116,8 @@ class RegisterAction extends Action * * Checks if registration is closed and shows an error if so. * + * Checks if only OpenID is allowed and redirects to openidlogin if so. + * * @param array $args $_REQUEST data * * @return void @@ -127,6 +129,8 @@ class RegisterAction extends Action if (common_config('site', 'closed')) { $this->clientError(_('Registration not allowed.')); + } else if (common_config('site', 'openidonly')) { + common_redirect(common_local_url('openidlogin')); } else if (common_logged_in()) { $this->clientError(_('Already logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { diff --git a/actions/remotesubscribe.php b/actions/remotesubscribe.php index e658f8d37..7323103fc 100644 --- a/actions/remotesubscribe.php +++ b/actions/remotesubscribe.php @@ -71,11 +71,13 @@ class RemotesubscribeAction extends Action if ($this->err) { $this->element('div', 'error', $this->err); } else { - $inst = _('To subscribe, you can [login](%%action.login%%),' . - ' or [register](%%action.register%%) a new ' . - ' account. If you already have an account ' . - ' on a [compatible microblogging site](%%doc.openmublog%%), ' . - ' enter your profile URL below.'); + $inst = sprintf(_('To subscribe, you can [login](%%%%action.%s%%%%),' . + ' or [register](%%%%action.%s%%%%) a new ' . + ' account. If you already have an account ' . + ' on a [compatible microblogging site](%%doc.openmublog%%), ' . + ' enter your profile URL below.'), + (!common_config('site','openidonly')) ? 'login' : 'openidlogin', + (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); $output = common_markup_to_html($inst); $this->elementStart('div', 'instructions'); $this->raw($output); diff --git a/actions/replies.php b/actions/replies.php index d7ed440e9..f14383d33 100644 --- a/actions/replies.php +++ b/actions/replies.php @@ -187,7 +187,9 @@ class RepliesAction extends OwnerDesignAction } } else { - $message .= sprintf(_('Why not [register an account](%%%%action.register%%%%) and then nudge %s or post a notice to his or her attention.'), $this->user->nickname); + $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and then nudge %s or post a notice to his or her attention.'), + (!common_config('site','openidonly')) ? 'register' : 'openidlogin', + $this->user->nickname); } $this->elementStart('div', 'guide'); diff --git a/actions/showfavorites.php b/actions/showfavorites.php index 8b4926f01..9f549baf2 100644 --- a/actions/showfavorites.php +++ b/actions/showfavorites.php @@ -173,7 +173,9 @@ class ShowfavoritesAction extends OwnerDesignAction } } else { - $message = sprintf(_('%s hasn\'t added any notices to his favorites yet. Why not [register an account](%%%%action.register%%%%) and then post something interesting they would add to their favorites :)'), $this->user->nickname); + $message = sprintf(_('%s hasn\'t added any notices to his favorites yet. Why not [register an account](%%%%action.%s%%%%) and then post something interesting they would add to their favorites :)'), + $this->user->nickname, + (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); } $this->elementStart('div', 'guide'); diff --git a/actions/showgroup.php b/actions/showgroup.php index 32ec674a9..4d8ba5fa8 100644 --- a/actions/showgroup.php +++ b/actions/showgroup.php @@ -440,8 +440,9 @@ class ShowgroupAction extends GroupDesignAction $m = sprintf(_('**%s** is a user group on %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . 'based on the Free Software [Laconica](http://laconi.ca/) tool. Its members share ' . 'short messages about their life and interests. '. - '[Join now](%%%%action.register%%%%) to become part of this group and many more! ([Read more](%%%%doc.help%%%%))'), - $this->group->nickname); + '[Join now](%%%%action.%s%%%%) to become part of this group and many more! ([Read more](%%%%doc.help%%%%))'), + $this->group->nickname, + (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); } else { $m = sprintf(_('**%s** is a user group on %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . 'based on the Free Software [Laconica](http://laconi.ca/) tool. Its members share ' . diff --git a/actions/showstream.php b/actions/showstream.php index cd5d4bb70..3f603d64f 100644 --- a/actions/showstream.php +++ b/actions/showstream.php @@ -358,7 +358,9 @@ class ShowstreamAction extends ProfileAction } } else { - $message .= sprintf(_('Why not [register an account](%%%%action.register%%%%) and then nudge %s or post a notice to his or her attention.'), $this->user->nickname); + $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and then nudge %s or post a notice to his or her attention.'), + (!common_config('site','openidonly')) ? 'register' : 'openidlogin', + $this->user->nickname); } $this->elementStart('div', 'guide'); @@ -387,8 +389,10 @@ class ShowstreamAction extends ProfileAction if (!(common_config('site','closed') || common_config('site','inviteonly'))) { $m = sprintf(_('**%s** has an account on %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . 'based on the Free Software [Laconica](http://laconi.ca/) tool. ' . - '[Join now](%%%%action.register%%%%) to follow **%s**\'s notices and many more! ([Read more](%%%%doc.help%%%%))'), - $this->user->nickname, $this->user->nickname); + '[Join now](%%%%action.%s%%%%) to follow **%s**\'s notices and many more! ([Read more](%%%%doc.help%%%%))'), + $this->user->nickname, + (!common_config('site','openidonly')) ? 'register' : 'openidlogin', + $this->user->nickname); } else { $m = sprintf(_('**%s** has an account on %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . 'based on the Free Software [Laconica](http://laconi.ca/) tool. '), diff --git a/actions/subscribers.php b/actions/subscribers.php index 66ac00fb1..404738012 100644 --- a/actions/subscribers.php +++ b/actions/subscribers.php @@ -111,7 +111,9 @@ class SubscribersAction extends GalleryAction } } else { - $message = sprintf(_('%s has no subscribers. Why not [register an account](%%%%action.register%%%%) and be the first?'), $this->user->nickname); + $message = sprintf(_('%s has no subscribers. Why not [register an account](%%%%action.%s%%%%) and be the first?'), + $this->user->nickname, + (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); } $this->elementStart('div', 'guide'); diff --git a/actions/userauthorization.php b/actions/userauthorization.php index 00903ae01..7e397e888 100644 --- a/actions/userauthorization.php +++ b/actions/userauthorization.php @@ -47,7 +47,11 @@ class UserauthorizationAction extends Action # Go log in, and then come back common_set_returnto($_SERVER['REQUEST_URI']); - common_redirect(common_local_url('login')); + if (!common_config('site', 'openidonly')) { + common_redirect(common_local_url('login')); + } else { + common_redirect(common_local_url('openidlogin')); + } return; } diff --git a/config.php.sample b/config.php.sample index 21b6865e1..42d42cf86 100644 --- a/config.php.sample +++ b/config.php.sample @@ -38,6 +38,8 @@ $config['site']['path'] = 'laconica'; // $config['site']['closed'] = true; // Only allow registration for people invited by another user // $config['site']['inviteonly'] = true; +// Only allow registrations and logins through OpenID +// $config['site']['openidonly'] = true; // Make the site invisible to non-logged-in users // $config['site']['private'] = true; diff --git a/index.php b/index.php index 2e74d38fb..980b9881b 100644 --- a/index.php +++ b/index.php @@ -182,12 +182,20 @@ function main() // If the site is private, and they're not on one of the "public" // parts of the site, redirect to login - if (!$user && common_config('site', 'private') && - !in_array($action, array('login', 'openidlogin', 'finishopenidlogin', - 'recoverpassword', 'api', 'doc', 'register')) && - !preg_match('/rss$/', $action)) { - common_redirect(common_local_url('login')); - return; + if (!$user && common_config('site', 'private')) { + $public_actions = array('openidlogin', 'finishopenidlogin', + 'recoverpassword', 'api', 'doc'); + $login_action = 'openidlogin'; + if (!common_config('site', 'openidonly')) { + $public_actions[] = 'login'; + $public_actions[] = 'register'; + $login_action = 'login'; + } + if (!in_array($action, $public_actions) && + !preg_match('/rss$/', $action)) { + common_redirect(common_local_url($login_action)); + return; + } } $action_class = ucfirst($action).'Action'; diff --git a/lib/action.php b/lib/action.php index 326edf3a0..6da9adab5 100644 --- a/lib/action.php +++ b/lib/action.php @@ -436,12 +436,17 @@ class Action extends HTMLOutputter // lawsuit _('Logout'), _('Logout from the site'), false, 'nav_logout'); } else { - if (!common_config('site', 'closed')) { - $this->menuItem(common_local_url('register'), - _('Register'), _('Create an account'), false, 'nav_register'); + if (!common_config('site', 'openidonly')) { + if (!common_config('site', 'closed')) { + $this->menuItem(common_local_url('register'), + _('Register'), _('Create an account'), false, 'nav_register'); + } + $this->menuItem(common_local_url('login'), + _('Login'), _('Login to the site'), false, 'nav_login'); + } else { + $this->menuItem(common_local_url('openidlogin'), + _('OpenID'), _('Login with OpenID'), false, 'nav_openid'); } - $this->menuItem(common_local_url('login'), - _('Login'), _('Login to the site'), false, 'nav_login'); } $this->menuItem(common_local_url('doc', array('title' => 'help')), _('Help'), _('Help me!'), false, 'nav_help'); diff --git a/lib/common.php b/lib/common.php index be30519f4..bf078378d 100644 --- a/lib/common.php +++ b/lib/common.php @@ -109,6 +109,7 @@ $config = 'broughtbyurl' => null, 'closed' => false, 'inviteonly' => false, + 'openidonly' => false, 'private' => false, 'ssl' => 'never', 'sslserver' => null, diff --git a/lib/facebookaction.php b/lib/facebookaction.php index ab11b613e..289e702c6 100644 --- a/lib/facebookaction.php +++ b/lib/facebookaction.php @@ -256,8 +256,13 @@ class FacebookAction extends Action $this->elementStart('dd'); $this->elementStart('p'); $this->text(sprintf($loginmsg_part1, common_config('site', 'name'))); - $this->element('a', - array('href' => common_local_url('register')), _('Register')); + if (!common_config('site', 'openidonly')) { + $this->element('a', + array('href' => common_local_url('register')), _('Register')); + } else { + $this->element('a', + array('href' => common_local_url('openidlogin')), _('Register')); + } $this->text($loginmsg_part2); $this->elementEnd('p'); $this->elementEnd('dd'); diff --git a/lib/logingroupnav.php b/lib/logingroupnav.php index f23985f3a..919fd3db9 100644 --- a/lib/logingroupnav.php +++ b/lib/logingroupnav.php @@ -72,11 +72,13 @@ class LoginGroupNav extends Widget // action => array('prompt', 'title') $menu = array(); - $menu['login'] = array(_('Login'), - _('Login with a username and password')); - if (!(common_config('site','closed') || common_config('site','inviteonly'))) { - $menu['register'] = array(_('Register'), - _('Sign up for a new account')); + if (!common_config('site','openidonly')) { + $menu['login'] = array(_('Login'), + _('Login with a username and password')); + if (!(common_config('site','closed') || common_config('site','inviteonly'))) { + $menu['register'] = array(_('Register'), + _('Sign up for a new account')); + } } $menu['openidlogin'] = array(_('OpenID'), _('Login or register with OpenID')); -- cgit v1.2.3-54-g00ecf