From 14b46e2183f10359cc53d597913a878f53e23719 Mon Sep 17 00:00:00 2001 From: Jeffery To Date: Sun, 9 Aug 2009 19:12:59 +0800 Subject: Added configuration option to only allow OpenID logins. If $config['site']['openidonly'] is set to true: * the Login/Register pages will be removed from the navigation; * directly accesses to the Login/Register pages will redirect to the OpenID login page; * most links to the Login/Register pages will link to the OpenID login page instead. The user will still need to set a password to access the API and RSS feeds. --- actions/login.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'actions/login.php') diff --git a/actions/login.php b/actions/login.php index 50de83f6f..c20854f15 100644 --- a/actions/login.php +++ b/actions/login.php @@ -65,6 +65,8 @@ class LoginAction extends Action * * Switches on request method; either shows the form or handles its input. * + * Checks if only OpenID is allowed and redirects to openidlogin if so. + * * @param array $args $_REQUEST data * * @return void @@ -73,7 +75,9 @@ class LoginAction extends Action function handle($args) { parent::handle($args); - if (common_is_real_login()) { + if (common_config('site', 'openidonly')) { + common_redirect(common_local_url('openidlogin')); + } else if (common_is_real_login()) { $this->clientError(_('Already logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->checkLogin(); -- cgit v1.2.3-54-g00ecf From 7dc3a90d1252137859a687e32313ea569dcf8796 Mon Sep 17 00:00:00 2001 From: Jeffery To Date: Thu, 13 Aug 2009 22:18:06 +0800 Subject: Added a configuration option to disable OpenID. If $config['openid']['enabled'] is set to false, OpenID is removed from the navigation and direct accesses to OpenID login pages redirect to the login page. If OpenID is enabled, $config['site']['openidonly'] is ignored, i.e. OpenID is required to go OpenID-only. --- README | 8 ++++++++ actions/finishopenidlogin.php | 4 +++- actions/login.php | 6 +++++- actions/openidlogin.php | 4 +++- actions/openidsettings.php | 6 ++++++ actions/register.php | 24 ++++++++++++++++-------- config.php.sample | 3 +++ lib/accountsettingsaction.php | 4 ++++ lib/action.php | 3 ++- lib/common.php | 8 ++++++++ lib/logingroupnav.php | 6 ++++-- 11 files changed, 62 insertions(+), 14 deletions(-) (limited to 'actions/login.php') diff --git a/README b/README index e37934aaa..023061b80 100644 --- a/README +++ b/README @@ -1169,6 +1169,14 @@ For configuring invites. enabled: Whether to allow users to send invites. Default true. +openid +------ + +For configuring OpenID. + +enabled: Whether to allow users to register and login using OpenID. Default + true. + tag --- diff --git a/actions/finishopenidlogin.php b/actions/finishopenidlogin.php index ba1e933e3..a29195826 100644 --- a/actions/finishopenidlogin.php +++ b/actions/finishopenidlogin.php @@ -30,7 +30,9 @@ class FinishopenidloginAction extends Action function handle($args) { parent::handle($args); - if (common_is_real_login()) { + if (!common_config('openid', 'enabled')) { + common_redirect(common_local_url('login')); + } else if (common_is_real_login()) { $this->clientError(_('Already logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $token = $this->trimmed('token'); diff --git a/actions/login.php b/actions/login.php index c20854f15..6f1b4777e 100644 --- a/actions/login.php +++ b/actions/login.php @@ -251,11 +251,15 @@ class LoginAction extends Action return _('For security reasons, please re-enter your ' . 'user name and password ' . 'before changing your settings.'); - } else { + } else if (common_config('openid', 'enabled')) { return _('Login with your username and password. ' . 'Don\'t have a username yet? ' . '[Register](%%action.register%%) a new account, or ' . 'try [OpenID](%%action.openidlogin%%). '); + } else { + return _('Login with your username and password. ' . + 'Don\'t have a username yet? ' . + '[Register](%%action.register%%) a new account.'); } } diff --git a/actions/openidlogin.php b/actions/openidlogin.php index a8d052096..744aae713 100644 --- a/actions/openidlogin.php +++ b/actions/openidlogin.php @@ -26,7 +26,9 @@ class OpenidloginAction extends Action function handle($args) { parent::handle($args); - if (common_is_real_login()) { + if (!common_config('openid', 'enabled')) { + common_redirect(common_local_url('login')); + } else if (common_is_real_login()) { $this->clientError(_('Already logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $openid_url = $this->trimmed('openid_url'); diff --git a/actions/openidsettings.php b/actions/openidsettings.php index 5f59ebc01..40a480dc4 100644 --- a/actions/openidsettings.php +++ b/actions/openidsettings.php @@ -82,6 +82,12 @@ class OpenidsettingsAction extends AccountSettingsAction function showContent() { + if (!common_config('openid', 'enabled')) { + $this->element('div', array('class' => 'error'), + _('OpenID is not available.')); + return; + } + $user = common_current_user(); $this->elementStart('form', array('method' => 'post', diff --git a/actions/register.php b/actions/register.php index 046a76b80..683d21af8 100644 --- a/actions/register.php +++ b/actions/register.php @@ -329,14 +329,22 @@ class RegisterAction extends Action } else if ($this->error) { $this->element('p', 'error', $this->error); } else { - $instr = - common_markup_to_html(_('With this form you can create '. - ' a new account. ' . - 'You can then post notices and '. - 'link up to friends and colleagues. '. - '(Have an [OpenID](http://openid.net/)? ' . - 'Try our [OpenID registration]'. - '(%%action.openidlogin%%)!)')); + if (common_config('openid', 'enabled')) { + $instr = + common_markup_to_html(_('With this form you can create '. + ' a new account. ' . + 'You can then post notices and '. + 'link up to friends and colleagues. '. + '(Have an [OpenID](http://openid.net/)? ' . + 'Try our [OpenID registration]'. + '(%%action.openidlogin%%)!)')); + } else { + $instr = + common_markup_to_html(_('With this form you can create '. + ' a new account. ' . + 'You can then post notices and '. + 'link up to friends and colleagues.')); + } $this->elementStart('div', 'instructions'); $this->raw($instr); diff --git a/config.php.sample b/config.php.sample index 8b4b777f2..1dc123aaf 100644 --- a/config.php.sample +++ b/config.php.sample @@ -99,6 +99,9 @@ $config['sphinx']['port'] = 3312; // $config['xmpp']['public'][] = 'someindexer@example.net'; // $config['xmpp']['debug'] = false; +// Disable OpenID +// $config['openid']['enabled'] = false; + // Turn off invites // $config['invite']['enabled'] = false; diff --git a/lib/accountsettingsaction.php b/lib/accountsettingsaction.php index 4ab50abce..1a21d871e 100644 --- a/lib/accountsettingsaction.php +++ b/lib/accountsettingsaction.php @@ -126,6 +126,10 @@ class AccountSettingsNav extends Widget $this->action->elementStart('ul', array('class' => 'nav')); foreach ($menu as $menuaction => $menudesc) { + if ($menuaction == 'openidsettings' && + !common_config('openid', 'enabled')) { + continue; + } $this->action->menuItem(common_local_url($menuaction), $menudesc[0], $menudesc[1], diff --git a/lib/action.php b/lib/action.php index 1bdc4daea..092a0ec9a 100644 --- a/lib/action.php +++ b/lib/action.php @@ -443,7 +443,8 @@ class Action extends HTMLOutputter // lawsuit } $this->menuItem(common_local_url('login'), _('Login'), _('Login to the site'), false, 'nav_login'); - } else { + } + if (common_config('openid', 'enabled')) { $this->menuItem(common_local_url('openidlogin'), _('OpenID'), _('Login with OpenID'), false, 'nav_openid'); } diff --git a/lib/common.php b/lib/common.php index f26155e70..3fc047af9 100644 --- a/lib/common.php +++ b/lib/common.php @@ -170,6 +170,8 @@ $config = 'host' => null, # only set if != server 'debug' => false, # print extra debug info 'public' => array()), # JIDs of users who want to receive the public stream + 'openid' => + array('enabled' => true), 'invite' => array('enabled' => true), 'sphinx' => @@ -371,6 +373,12 @@ if ($_db_name != 'laconica' && !array_key_exists('ini_'.$_db_name, $config['db'] $config['db']['ini_'.$_db_name] = INSTALLDIR.'/classes/laconica.ini'; } +// Ignore openidonly if OpenID is disabled + +if (!$config['openid']['enabled']) { + $config['site']['openidonly'] = false; +} + // XXX: how many of these could be auto-loaded on use? require_once 'Validate.php'; diff --git a/lib/logingroupnav.php b/lib/logingroupnav.php index 919fd3db9..2fb1828d6 100644 --- a/lib/logingroupnav.php +++ b/lib/logingroupnav.php @@ -80,8 +80,10 @@ class LoginGroupNav extends Widget _('Sign up for a new account')); } } - $menu['openidlogin'] = array(_('OpenID'), - _('Login or register with OpenID')); + if (common_config('openid', 'enabled')) { + $menu['openidlogin'] = array(_('OpenID'), + _('Login or register with OpenID')); + } $action_name = $this->action->trimmed('action'); $this->action->elementStart('ul', array('class' => 'nav')); -- cgit v1.2.3-54-g00ecf