Reintroduce email support for login (fixes #165; reverts #e208d30513f7cfafb6405324fee5b88902dcf2fb) - 2
Change-Id: Ia145f1e47295e2e5df0248604262024f87583bab
diff --git a/dev/demo/all.html b/dev/demo/all.html
index 593efe7..7e585ee 100644
--- a/dev/demo/all.html
+++ b/dev/demo/all.html
@@ -22,7 +22,7 @@
<fieldset>
<form>
<legend><span>Anmelden</span></legend>
- <input type="text" name="handle" placeholder="Benutzername" />
+ <input type="text" name="handle_or_email" placeholder="Benutzername" />
<div>
<input type="password" name="pwd" placeholder="Passwort" />
<button type="submit"><span>Go</span></button>
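Review bot: The placeholder on the renamed `handle_or_email` input still reads `Benutzername`, so the demo no longer describes the field it mocks; the input in dev/demo/sidebar-login.html has the same mismatch. The dictionary change in this commit introduces `Benutzername oder Email` for the real template, and the demos would be consistent with `placeholder="Benutzername oder Email"`.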
diff --git a/dev/demo/sidebar-login.html b/dev/demo/sidebar-login.html
index 5d395a2..05e0608 100644
--- a/dev/demo/sidebar-login.html
+++ b/dev/demo/sidebar-login.html
@@ -21,7 +21,7 @@
<fieldset>
<form action="/user/login" method="POST">
<legend><span>Anmelden</span></legend>
- <input name="handle" placeholder="Benutzername" type="text">
+ <input name="handle_or_email" placeholder="Benutzername" type="text">
<div>
<input name="pwd" placeholder="Passwort" type="password">
<button type="submit"><span>Los!</span></button>
diff --git a/kalamar.dict b/kalamar.dict
index 6c51d26..f6c4810 100644
--- a/kalamar.dict
+++ b/kalamar.dict
@@ -37,6 +37,7 @@
email => 'Email',
username => 'Benutzername',
upload => 'Hochladen',
+ userormail => 'Benutzername oder Email',
with => 'mit',
glimpse => {
desc => 'Zeige nur die ersten Treffer in beliebiger Reihenfolge'
@@ -126,6 +127,7 @@
email => 'Email',
username => 'Username',
upload => 'Upload',
+ userormail => 'Username or Email',
with => 'with',
notAvailInCorpus => 'Not available in the current corpus',
pubOn => 'published on',
diff --git a/lib/Kalamar/Plugin/Auth.pm b/lib/Kalamar/Plugin/Auth.pm
index d3d347a..dfaaad0 100644
--- a/lib/Kalamar/Plugin/Auth.pm
+++ b/lib/Kalamar/Plugin/Auth.pm
@@ -628,12 +628,12 @@
# Validate input
my $v = $c->validation;
- $v->required('handle', 'trim');
+ $v->required('handle_or_email', 'trim');
$v->required('pwd', 'trim');
$v->csrf_protect;
$v->optional('fwd')->closed_redirect;
- my $user = check_decode($v->param('handle'));
+ my $user = check_decode($v->param('handle_or_email'));
unless ($user) {
$c->notify(error => $c->loc('Auth_invalidChar'));
$c->param(handle_or_email => '');
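Review bot: `check_decode` is applied to `$v->param('handle_or_email')` before `$v->has_error` is consulted (that check only appears in the next hunk), so a request that omits the field, or still posts the legacy `handle` name, appears to fall into the `unless ($user)` branch and is reported as `Auth_invalidChar`. Testing `$v->has_error('handle_or_email')` ahead of the decode would reserve the invalid-character message for input that really failed decoding. The identical block at @@ -1549 has the same ordering. The enclosing handler starts and ends outside both hunks, so lines not shown here may already cover this.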
@@ -643,7 +643,7 @@
my $fwd = $v->param('fwd');
# Set flash for redirect
- $c->flash(handle => $user);
+ $c->flash(handle_or_email => $user);
if ($v->has_error || index($user, ':') >= 0) {
if ($v->has_error('fwd')) {
@@ -761,7 +761,7 @@
$c->stash(auth => undef);
$c->stash(auth_exp => undef);
- $c->flash(handle => delete $c->session->{user});
+ $c->flash(handle_or_email => delete $c->session->{user});
delete $c->session->{auth};
delete $c->session->{auth_r};
delete $c->session->{auth_exp};
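Review bot: After logout the identifier taken from `$c->session->{user}` is flashed back as `handle_or_email` and, per the tests in this commit, rendered as the `value` of the login input, so the next person at the same browser sees the previous account's identifier. Now that the field may carry an email address, this deserves a deliberate decision. If the prefill is intended, a comment such as `# Prefill login form after logout (shows the last identifier to the next user of this browser)` would record it. Whether `session->{user}` can hold an email rather than the handle is not visible in this hunk.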
@@ -1549,12 +1549,12 @@
# Validate input
my $v = $c->validation;
- $v->required('handle', 'trim');
+ $v->required('handle_or_email', 'trim');
$v->required('pwd', 'trim');
$v->csrf_protect;
$v->optional('fwd')->closed_redirect;
- my $user = check_decode($v->param('handle'));
+ my $user = check_decode($v->param('handle_or_email'));
unless ($user) {
$c->notify(error => $c->loc('Auth_invalidChar'));
$c->param(handle_or_email => '');
@@ -1564,7 +1564,7 @@
my $fwd = $v->param('fwd');
# Set flash for redirect
- $c->flash(handle => $user);
+ $c->flash(handle_or_email => $user);
if ($v->has_error || index($user, ':') >= 0) {
if ($v->has_error('fwd')) {
diff --git a/lib/Kalamar/Plugin/Auth/templates/partial/auth/login.html.ep b/lib/Kalamar/Plugin/Auth/templates/partial/auth/login.html.ep
index 731c153..b80d7ad 100644
--- a/lib/Kalamar/Plugin/Auth/templates/partial/auth/login.html.ep
+++ b/lib/Kalamar/Plugin/Auth/templates/partial/auth/login.html.ep
@@ -1,16 +1,16 @@
%# # user not logged in
% if (!stash('documentation') && !$embedded && !$c->auth->token) {
-% if (flash('handle') && !param('handle')) {
-% param(handle => flash('handle'));
+% if (flash('handle_or_email') && !param('handle_or_email')) {
+% param(handle_or_email => flash('handle_or_email'));
%# Legacy-Support:
-% } elsif (flash('handle_or_email') && !param('handle_or_email')) {
-% param(handle => flash('handle_or_email'));
+% } elsif (flash('handle') && !param('handle')) {
+% param(handle_or_email => flash('handle'));
% };
<fieldset>
%= form_for 'login', 'accept-charset' => 'utf-8', class => 'login', begin
<legend><span><%= loc 'login' %></span></legend>
%= csrf_field
- %= text_field 'handle', placeholder => loc('username')
+ %= text_field 'handle_or_email', placeholder => loc('userormail')
%= hidden_field fwd => $c->url_with
% if (stash('client_id')) {
%= hidden_field 'client_id' => stash('client_id')
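Review bot: The legacy branch tests `!param('handle')` but then assigns `handle_or_email`, so a leftover `handle` flash can overwrite a `handle_or_email` value the request already carries whenever the first condition was skipped because that parameter was set. Guarding on the parameter that is actually written avoids this: `% } elsif (flash('handle') && !param('handle_or_email')) {`. The surrounding `if` block continues past the end of the hunk.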
diff --git a/t/plugin/auth-oauth.t b/t/plugin/auth-oauth.t
index 45281df..7dc2549 100644
--- a/t/plugin/auth-oauth.t
+++ b/t/plugin/auth-oauth.t
@@ -116,7 +116,7 @@
$t->get_ok('/')
->status_is(200)
- ->element_exists('form[action=/user/login] input[name=handle]')
+ ->element_exists('form[action=/user/login] input[name=handle_or_email]')
->element_exists('aside.active')
->element_exists_not('aside.off')
;
@@ -128,12 +128,12 @@
# Test for bug with long password
$t->post_ok('/user/login' => form => {
- handle => 'test',
+ handle_or_email => 'test',
pwd => 'kjskjhndkjndqknaskjnakjdnkjdankajdnkjdsankjdsakjdfkjahzroiuqzriudjoijdmlamdlkmdsalkmdl' })
->status_is(302)
->header_is('Location' => '/');
-$t->post_ok('/user/login' => form => { handle => 'test', pwd => 'fail' })
+$t->post_ok('/user/login' => form => { handle_or_email => 'test', pwd => 'fail' })
->status_is(302)
->header_is('Location' => '/');
@@ -141,11 +141,11 @@
->status_is(200)
->element_exists('div.notify-error')
->text_is('div.notify-error', 'Bad CSRF token')
- ->element_exists('input[name=handle][value=test]')
+ ->element_exists('input[name=handle_or_email][value=test]')
->element_exists_not('div.button.top a')
;
-$t->post_ok('/user/login' => form => { handle => 'test', pwd => 'pass' })
+$t->post_ok('/user/login' => form => { handle_or_email => 'test', pwd => 'pass' })
->status_is(302)
->header_is('Location' => '/');
@@ -158,7 +158,7 @@
;
$t->post_ok('/user/login' => form => {
- handle => 'test',
+ handle_or_email => 'test',
pwd => 'ldaperr',
csrf_token => $csrf
})
@@ -170,14 +170,14 @@
->status_is(200)
->element_exists('div.notify-error')
->text_is('div.notify-error', '2022: LDAP Authentication failed due to unknown user or password!')
- ->element_exists('input[name=handle][value=test]')
+ ->element_exists('input[name=handle_or_email][value=test]')
->element_exists_not('div.button.top a')
->element_exists_not('div.notify-success')
->tx->res->dom->at('input[name=csrf_token]')->attr('value')
;
$t->post_ok('/user/login' => form => {
- handle => 'test',
+ handle_or_email => 'test',
pwd => 'unknown',
csrf_token => $csrf
})
@@ -189,13 +189,13 @@
->status_is(200)
->element_exists('div.notify-error')
->text_is('div.notify-error', '2022: LDAP Authentication failed due to unknown user or password!')
- ->element_exists('input[name=handle][value=test]')
+ ->element_exists('input[name=handle_or_email][value=test]')
->element_exists_not('div.button.top a')
->tx->res->dom->at('input[name=csrf_token]')->attr('value')
;
$t->post_ok('/user/login' => form => {
- handle => 'test',
+ handle_or_email => 'test',
pwd => 'pass',
csrf_token => $csrf
})
@@ -256,8 +256,8 @@
->element_exists_not('div.notify-error')
->element_exists('div.notify-success')
->text_is('div.notify-success', 'Logout successful')
- ->element_exists("input[name=handle]")
- ->element_exists("input[name=handle][value=test]")
+ ->element_exists("input[name=handle_or_email]")
+ ->element_exists("input[name=handle_or_email][value=test]")
;
$t->get_ok('/?q=Baum')
@@ -286,7 +286,7 @@
is($fwd, '/?q=Baum&ql=poliqarp', 'Redirect is valid');
$t->post_ok('/user/login' => form => {
- handle => 'test',
+ handle_or_email => 'test',
pwd => 'pass',
csrf_token => $csrf,
fwd => 'http://bad.example.com/test'
@@ -302,7 +302,7 @@
;
$t->post_ok('/user/login' => form => {
- handle => 'test',
+ handle_or_email => 'test',
pwd => 'pass',
csrf_token => $csrf,
fwd => $fwd
@@ -436,7 +436,7 @@
# This should fail
my $wide_char_login = "\x{61}\x{E5}\x{61}"; # "\x{443}\x{434}";
$t->post_ok('/user/login' => form => {
- handle => $wide_char_login,
+ handle_or_email => $wide_char_login,
pwd => 'pass',
csrf_token => $csrf,
fwd => $fwd
@@ -448,7 +448,7 @@
->status_is(200)
->element_exists('div.notify-error')
->text_is('div.notify-error', 'Invalid character in request')
- ->element_exists('input[name=handle]:not([value])')
+ ->element_exists('input[name=handle_or_email]:not([value])')
->element_exists_not('div.button.top a')
;
@@ -456,7 +456,7 @@
# UTF8 request
my $username = b('täst')->encode;
$t->post_ok('/user/login' => form => {
- handle => $username,
+ handle_or_email => $username,
pwd => 'pass',
csrf_token => $csrf
})
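Review bot: Every login request in the updated tests still submits a plain handle (`test`, or `täst` here), so nothing exercises the email form of the identifier that this commit reintroduces, nor the legacy `handle` flash branch kept in login.html.ep. A case posting an address-shaped value, e.g. `handle_or_email => 'test@example.com'` (constructed sample), with the expected outcome asserted, would pin how `check_decode` and the `index($user, ':')` rejection treat it. The same gap applies to t/plugin/auth.t.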
@@ -783,7 +783,7 @@
->element_exists_not('div.notify-error')
->element_exists('div.notify-success')
->text_is('div.notify-success', 'Logout successful')
- ->element_exists("input[name=handle]")
+ ->element_exists("input[name=handle_or_email]")
->tx->res->dom->at('input[name=csrf_token]')->attr('value')
;
@@ -817,7 +817,7 @@
state => 'abcde',
scope => 'search match',
redirect_uri => 'http://test.com/',
- handle => 'test',
+ handle_or_email => 'test',
pwd => 'pass',
fwd => $fwd
}))
diff --git a/t/plugin/auth.t b/t/plugin/auth.t
index 4ea6a2f..db19a36 100644
--- a/t/plugin/auth.t
+++ b/t/plugin/auth.t
@@ -50,12 +50,12 @@
$t->get_ok('/')
->status_is(200)
- ->element_exists('form[action=/user/login] input[name=handle]')
+ ->element_exists('form[action=/user/login] input[name=handle_or_email]')
->element_exists('aside.active')
->element_exists_not('aside.off')
;
-$t->post_ok('/user/login' => form => { handle => 'test', pwd => 'fail' })
+$t->post_ok('/user/login' => form => { handle_or_email => 'test', pwd => 'fail' })
->status_is(302)
->header_is('Location' => '/');
@@ -63,11 +63,11 @@
->status_is(200)
->element_exists('div.notify-error')
->text_is('div.notify-error', 'Bad CSRF token')
- ->element_exists('input[name=handle][value=test]')
+ ->element_exists('input[name=handle_or_email][value=test]')
->element_exists_not('div.button.top a')
;
-$t->post_ok('/user/login' => form => { handle => 'test', pwd => 'pass' })
+$t->post_ok('/user/login' => form => { handle_or_email => 'test', pwd => 'pass' })
->status_is(302)
->header_is('Location' => '/');
@@ -80,7 +80,7 @@
;
$t->post_ok('/user/login' => form => {
- handle => 'test',
+ handle_or_email => 'test',
pwd => 'ldaperr',
csrf_token => $csrf
})
@@ -92,13 +92,13 @@
->status_is(200)
->element_exists('div.notify-error')
->text_is('div.notify-error', '2022: LDAP Authentication failed due to unknown user or password!')
- ->element_exists('input[name=handle][value=test]')
+ ->element_exists('input[name=handle_or_email][value=test]')
->element_exists_not('div.button.top a')
->tx->res->dom->at('input[name=csrf_token]')->attr('value')
;
$t->post_ok('/user/login' => form => {
- handle => 'test',
+ handle_or_email => 'test',
pwd => 'unknown',
csrf_token => $csrf
})
@@ -110,13 +110,13 @@
->status_is(200)
->element_exists('div.notify-error')
->text_is('div.notify-error', 'Access denied')
- ->element_exists('input[name=handle][value=test]')
+ ->element_exists('input[name=handle_or_email][value=test]')
->element_exists_not('div.button.top a')
->tx->res->dom->at('input[name=csrf_token]')->attr('value')
;
$t->post_ok('/user/login' => form => {
- handle => 'test',
+ handle_or_email => 'test',
pwd => 'pass',
csrf_token => $csrf
})
@@ -175,7 +175,7 @@
is($fwd, '/?q=Baum&ql=poliqarp', 'Redirect is valid');
$t->post_ok('/user/login' => form => {
- handle => 'test',
+ handle_or_email => 'test',
pwd => 'pass',
csrf_token => $csrf,
fwd => 'http://bad.example.com/test'
@@ -191,7 +191,7 @@
;
$t->post_ok('/user/login' => form => {
- handle => 'test',
+ handle_or_email => 'test',
pwd => 'pass',
csrf_token => $csrf,
fwd => $fwd
diff --git a/t/plugin/query_reference.t b/t/plugin/query_reference.t
index 4fdcf09..56053c7 100644
--- a/t/plugin/query_reference.t
+++ b/t/plugin/query_reference.t
@@ -106,7 +106,7 @@
;
$t->post_ok('/user/login' => form => {
- handle => 'test',
+ handle_or_email => 'test',
pwd => 'pass',
csrf_token => $csrf
})
diff --git a/t/subfolder.t b/t/subfolder.t
index f1e5730..88eba3a 100644
--- a/t/subfolder.t
+++ b/t/subfolder.t
@@ -19,7 +19,7 @@
my $q = qr!(?:\"|")!;
-$t->post_ok('/user/login' => form => { handle => 'test', pwd => 'fail' })
+$t->post_ok('/user/login' => form => { handle_or_email => 'test', pwd => 'fail' })
->status_is(302)
->header_is('Location' => '/');
@@ -29,7 +29,7 @@
->element_exists('script[src^=/js/kalamar-]')
->element_exists('div.notify-error')
->text_is('div.notify-error', 'Bad CSRF token')
- ->element_exists('input[name=handle][value=test]')
+ ->element_exists('input[name=handle_or_email][value=test]')
->element_exists_not('div.button.top a')
->attr_is('body','data-korap-url','')
->header_exists_not('Strict-Transport-Security')
@@ -50,7 +50,7 @@
}
});
-$t->post_ok('/user/login' => form => { handle => 'test', pwd => 'fail' })
+$t->post_ok('/user/login' => form => { handle_or_email => 'test', pwd => 'fail' })
->status_is(302)
->header_is('Location' => '/')
->header_is('Strict-Transport-Security', 'max-age=3600; includeSubDomains')
@@ -88,7 +88,7 @@
is('kalamar-koraptest',$t->app->sessions->cookie_name);
ok($t->app->sessions->secure);
-$t->post_ok('/user/login' => form => { handle => 'test', pwd => 'fail' })
+$t->post_ok('/user/login' => form => { handle_or_email => 'test', pwd => 'fail' })
->status_is(302)
->header_is('Location' => '/');