-# Login form written in a HAML-style syntax with PHP expressions; it posts to $action.
-# NOTE(review): nesting indentation is not visible in this listing and HAML depends on it; restore it before use.
-# NOTE(review): every $variable below lands in markup or in an attribute value. No explicit escaping
-# appears in this file, so confirm the rendering engine HTML-escapes output by default.
%form{ :method=>'post', :action=>$action }
%h1.maincontentheader = $title
-# One warning box per entry of $warnings, each with a message and a hint.
- foreach ($warnings as $warning)
.warning[$warning]
%h2 = $warning->message
%ul
%li = $warning->hint
-# Input fields are data-driven: type, size, name, id and value all come from $fields.
- foreach ($fields as $field)
%label.block[$field]
%span = $field->label
%input.halfbox{ :type=>$field->type, :size=>$field->size, :name=>$field->name, :id=>$field->id, :value=>$field->value }
-# "Remember me" checkbox, shown only when $RememberMeTimeout is truthy.
-# NOTE(review): ".checkbox" sets a CSS class only; no :type attribute is given here, and the %span carries no label text.
- if ($RememberMeTimeout)
%label
%input.checkbox{ :name=>'Cookie', :id=>'id3' }/
%span
.buttonblock
-# NOTE(review): the two lines below write ":value=$..." where the other attributes use ":value=>$..."; this looks like a typo.
%input{:class=>'defaultbutton', :type=>'submit', :name=>'LoginButton', :value=$login }/
%input{:class=>'button', :type=>'submit', :name=>'RegisterButton', :value=$Sign_up }/
-if ($CustomLoginPage)
%p
%a{ :href=>$forgotpassword_url } = $forgot_your_password
-# The redirect target travels in a hidden field, so the server receives it back as client-controlled input.
%input{ :type=>'hidden', :name=>'RedirectURI', :value=>$User:redirect_uri }/
-# NOTE(review): $key and $item are used below without a visible loop over $User:post_data.
- if ($User:post_data)
%input{ :name=>"Last_".$key, :value=>$item, :type=>'hidden' }/
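{{! Login form as a Mustache template. Double-brace tags are HTML-escaped by Mustache, which only protects values placed inside quoted attributes, so the action attribute is quoted here. }}
<form method="post" action="{{action}}">
    <h1 class="maincontentheader">{{title}}</h1>
    {{! One warning box per entry of the warning section. }}
    {{#warning}}
    <div class="warning">
        <h2>{{message}}</h2>
        <ul>
            <li>{{hint}}</li>
        </ul>
    </div>
    {{/warning}}
    {{! Input fields are data-driven; the size attribute is emitted only when a size is set. }}
    {{#fields}}
    <label class="block">
        <span>{{label}}</span>
        <input class="halfbox" type="{{type}}" {{#size}}size="{{size}}"{{/size}} name="{{name}}" id="{{id}}" value="{{value}}" />
    </label>
    {{/fields}}
    {{#RememberMeTimeout}}
    <label>
        <input type="checkbox" tabindex="1" name="Cookie" id="id3" />
        <span>{{Remember_me}}</span>
    </label>
    {{/RememberMeTimeout}}
    <div class="buttonblock">
        <input class="defaultbutton" type="submit" name="LoginButton" value="{{Login}}" tabindex="1" />
        {{! The closing quote of the value attribute was missing, which swallowed tabindex into the button label. }}
        <input class="button" type="submit" name="RegisterButton" value="{{Sign_Up}}" tabindex="1" />
    </div>
    {{#CustomLoginPage}}
    {{! NOTE(review): the href below still uses eZ template syntax (the ezurl operator), which Mustache will emit literally; it needs a view variable holding the transformed URL. }}
    <p><a href={'/user/forgotpassword'|ezurl}>{{Forgot_your_password}}</a></p>
    {{/CustomLoginPage}}
    {{! The redirect target travels in a hidden field, so the server receives it back as client-controlled input. }}
    {{! NOTE(review): the tag names below keep eZ template variable syntax ($User:...); confirm the Mustache engine in use resolves such names, otherwise these hidden fields will not render as intended. }}
    <input type="hidden" name="RedirectURI" value="{{$User:redirect_uri}}" />
    {{#$User:post_data}}
    <input name="Last_{{key}}" value="{{$item}}" type="hidden" />
    {{/$User:post_data}}
</form>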
<?php
/**
* @copyright Copyright (C) 1999-2013 eZ Systems AS. All rights reserved.
* @license http://www.gnu.org/licenses/gpl-2.0.txt GNU General Public License v2
* @version //autogentag//
* @package kernel
*/
//$Module->setExitStatus( EZ_MODULE_STATUS_SHOW_LOGIN_PAGE );
// Collaborators for this module view: the calling module, site configuration and the HTTP/session helper.
$Module = $Params['Module'];
$ini    = eZINI::instance();
$http   = eZHTTPTool::instance();

// Credentials and redirect target stay empty until a Login action fills them in.
$userLogin       = '';
$userPassword    = '';
$userRedirectURI = '';
$loginWarning    = false;

// Optional view parameters override the site-access defaults.
$siteAccessAllowed = isset( $Params['SiteAccessAllowed'] ) ? $Params['SiteAccessAllowed'] : true;
$siteAccessName    = isset( $Params['SiteAccessName'] ) ? $Params['SiteAccessName'] : false;

// Will contain post data from previous page. It is read once from the session and then removed.
// The session key is the literal string '$_POST_BeforeLogin' (single-quoted, so not interpolated).
$postData = '';
if ( $http->hasSessionVariable( '$_POST_BeforeLogin', false ) )
{
    $postData = $http->sessionVariable( '$_POST_BeforeLogin' );
    $http->removeSessionVariable( '$_POST_BeforeLogin' );
}
// Handle a submitted login: the module must be running the 'Login' action with both
// credential parameters present, and the form must not have been sent via the Register button.
if ( $Module->isCurrentAction( 'Login' ) and
$Module->hasActionParameter( 'UserLogin' ) and
$Module->hasActionParameter( 'UserPassword' ) and
!$http->hasPostVariable( "RegisterButton" )
)
{
$userLogin = $Module->actionParameter( 'UserLogin' );
$userPassword = $Module->actionParameter( 'UserPassword' );
$userRedirectURI = $Module->actionParameter( 'UserRedirectURI' );
// No explicit redirect parameter: fall back to the POST field, then to session values.
if ( trim( $userRedirectURI ) == "" )
{
// Only use redirection if RequireUserLogin is disabled
$requireUserLogin = ( $ini->variable( "SiteAccessSettings", "RequireUserLogin" ) == "true" );
if ( !$requireUserLogin )
{
// NOTE(review): RedirectURI comes from the POST body (the form's hidden field), so it is
// client-controlled. Nothing in this file restricts it to a site-local path before it
// reaches $Module->redirectTo() below. Confirm redirectTo() refuses absolute/external URLs.
$userRedirectURI = trim( $http->postVariable( 'RedirectURI', '' ) );
if ( empty( $userRedirectURI ) )
{
$userRedirectURI = $http->sessionVariable( 'LastAccessesURI', '/' );
}
}
// A redirect target stored in the session overrides the values chosen above.
if ( $http->hasSessionVariable( "RedirectAfterLogin", false ) )
{
$userRedirectURI = $http->sessionVariable( "RedirectAfterLogin" );
}
}
// Save array of previous post variables in session variable
// Every POST field named 'Last_<name>' is collected under the key <name>.
// NOTE(review): both keys and values are client-supplied and are stored unvalidated;
// whatever later reads 'LastPostVars' from the session must treat them as untrusted.
$post = $http->attribute( 'post' );
$lastPostVars = array();
foreach ( array_keys( $post ) as $postKey )
{
if ( substr( $postKey, 0, 5 ) == 'Last_' )
$lastPostVars[ substr( $postKey, 5, strlen( $postKey ) )] = $post[ $postKey ];
}
if ( count( $lastPostVars ) > 0 )
{
$postData = $lastPostVars;
$http->setSessionVariable( 'LastPostVars', $lastPostVars );
}
$user = false;
// Authentication is attempted only for a non-empty login name.
if ( $userLogin != '' )
{
// Drop any stored RedirectAfterLogin value once a login attempt is made.
if ( $http->hasSessionVariable( "RedirectAfterLogin", false ) )
{
$http->removeSessionVariable( 'RedirectAfterLogin' );
}
// Login handlers come from UserSettings/LoginHandler, defaulting to 'standard'.
if ( $ini->hasVariable( 'UserSettings', 'LoginHandler' ) )
{
$loginHandlers = $ini->variable( 'UserSettings', 'LoginHandler' );
}
else
{
$loginHandlers = array( 'standard' );
}
$hasAccessToSite = true;
// "Remember me": when the Cookie field was posted and Session/RememberMeTimeout is set to a
// truthy value, the session cookie lifetime is changed. This runs before the credentials are checked.
if ( $http->hasPostVariable( 'Cookie' )
&& $ini->hasVariable( 'Session', 'RememberMeTimeout' )
&& ( $rememberMeTimeout = $ini->variable( 'Session', 'RememberMeTimeout' ) )
)
{
eZSession::setCookieLifetime( $rememberMeTimeout );
}
// Handlers are tried in order; the first one whose loginUser() returns an eZUser ends the loop.
foreach ( array_keys ( $loginHandlers ) as $key )
{
$loginHandler = $loginHandlers[$key];
$userClass = eZUserLoginHandler::instance( $loginHandler );
if ( !is_object( $userClass ) )
{
continue;
}
$user = $userClass->loginUser( $userLogin, $userPassword );
if ( $user instanceof eZUser )
{
// Valid credentials are not enough: the user must also be allowed on the current site access.
$hasAccessToSite = $user->canLoginToSiteAccess( $GLOBALS['eZCurrentAccess'] );
if ( !$hasAccessToSite )
{
// Undo the login and remember which site access refused the user.
$user->logoutCurrent();
$user = null;
$siteAccessName = $GLOBALS['eZCurrentAccess']['name'];
$siteAccessAllowed = false;
}
break;
}
}
// No handler returned a user and it was not a site-access refusal: flag a bad login.
if ( !( $user instanceof eZUser ) and $hasAccessToSite )
$loginWarning = true;
}
else
{
// An empty login name is reported as a bad login without calling any handler.
$loginWarning = true;
}
$redirectionURI = $userRedirectURI;
// Determine if we already know redirection URI.
$haveRedirectionURI = ( $redirectionURI != '' && $redirectionURI != '/' );
if ( !$haveRedirectionURI )
$redirectionURI = $ini->variable( 'SiteSettings', 'DefaultPage' );
/* If the user has successfully passed authorization
* and we don't know redirection URI yet.
*/
if ( is_object( $user ) && !$haveRedirectionURI )
{
/*
* Choose where to redirect the user to after successful login.
* The checks are done in the following order:
* 1. Per-user.
* 2. Per-group.
* If the user object is published under several groups, main node is chosen
* (if its URI is non-empty; otherwise first non-empty URI is chosen from the group list -- if any).
*
* See doc/features/3.8/advanced_redirection_after_user_login.txt for more information.
*/
// First, let's determine which attributes we should search redirection URI in.
$userUriAttrName = '';
$groupUriAttrName = '';
if ( $ini->hasVariable( 'UserSettings', 'LoginRedirectionUriAttribute' ) )
{
$uriAttrNames = $ini->variable( 'UserSettings', 'LoginRedirectionUriAttribute' );
if ( is_array( $uriAttrNames ) )
{
if ( isset( $uriAttrNames['user'] ) )
$userUriAttrName = $uriAttrNames['user'];
if ( isset( $uriAttrNames['group'] ) )
$groupUriAttrName = $uriAttrNames['group'];
}
}
$userObject = $user->attribute( 'contentobject' );
// 1. Check if redirection URI is specified for the user
$userUriSpecified = false;
if ( $userUriAttrName )
{
$userDataMap = $userObject->attribute( 'data_map' );
if ( !isset( $userDataMap[$userUriAttrName] ) )
{
// The configured attribute does not exist on the user object: log it and keep the default.
eZDebug::writeWarning( "Cannot find redirection URI: there is no attribute '$userUriAttrName' in object '" .
$userObject->attribute( 'name' ) .
"' of class '" .
$userObject->attribute( 'class_name' ) . "'." );
}
elseif ( ( $uriAttribute = $userDataMap[$userUriAttrName] ) &&
( $uri = $uriAttribute->attribute( 'content' ) ) )
{
// A non-empty per-user URI wins over any group URI.
$redirectionURI = $uri;
$userUriSpecified = true;
}
}
// 2.Check if redirection URI is specified for at least one of the user's groups (preferring main parent group).
if ( !$userUriSpecified && $groupUriAttrName && $user->hasAttribute( 'groups' ) )
{
$groups = $user->attribute( 'groups' );
if ( isset( $groups ) && is_array( $groups ) )
{
$chosenGroupURI = '';
foreach ( $groups as $groupID )
{
// NOTE(review): the fetch() result is dereferenced on the next line without a check;
// confirm it cannot return a non-object for a group ID that no longer exists.
$group = eZContentObject::fetch( $groupID );
$groupDataMap = $group->attribute( 'data_map' );
$isMainParent = ( $group->attribute( 'main_node_id' ) == $userObject->attribute( 'main_parent_node_id' ) );
if ( !isset( $groupDataMap[$groupUriAttrName] ) )
{
eZDebug::writeWarning( "Cannot find redirection URI: there is no attribute '$groupUriAttrName' in object '" .
$group->attribute( 'name' ) .
"' of class '" .
$group->attribute( 'class_name' ) . "'." );
continue;
}
$uri = $groupDataMap[$groupUriAttrName]->attribute( 'content' );
if ( $uri )
{
// The main parent group's URI ends the search; otherwise keep the first non-empty URI seen.
if ( $isMainParent )
{
$chosenGroupURI = $uri;
break;
}
elseif ( !$chosenGroupURI )
$chosenGroupURI = $uri;
}
}
if ( $chosenGroupURI ) // if we've chosen a URI from one of the user's groups.
$redirectionURI = $chosenGroupURI;
}
}
}
// A positive user ID is treated as a successful login.
$userID = 0;
if ( $user instanceof eZUser )
$userID = $user->id();
if ( $userID > 0 )
{
// NOTE(review): no session-ID regeneration is visible in this file although the session
// existed before authentication; presumably loginUser() takes care of it. Confirm.
$http->removeSessionVariable( 'eZUserLoggedInID' );
$http->setSessionVariable( 'eZUserLoggedInID', $userID );
// Remove all temporary drafts
eZContentObject::cleanupAllInternalDrafts( $userID );
// Successful login ends the view here; on failure execution falls through to render the form.
return $Module->redirectTo( $redirectionURI );
}
}
else
{
// called from outside of a template (?)
// Not a login submission: remember the originally requested URI as the redirect target,
// unless the request was for user/login itself.
$requestedURI = $GLOBALS['eZRequestedURI'];
if ( $requestedURI instanceof eZURI )
{
$requestedModule = $requestedURI->element( 0, false );
$requestedView = $requestedURI->element( 1, false );
if ( $requestedModule != 'user' or
$requestedView != 'login' )
$userRedirectURI = $requestedURI->originalURIString( false );
}
}
// The Register button sends the visitor to the registration view.
// There is no return here, so the rest of this script still runs afterwards.
if ( $http->hasPostVariable( "RegisterButton" ) )
{
    $Module->redirectToView( 'register' );
}

// Failed-login bookkeeping handed to the template.
$userIsNotAllowedToLogin = false;
$failedLoginAttempts = false;
$maxNumOfFailedLogin = false;
if ( !eZUser::isTrusted() )
{
    $maxNumOfFailedLogin = eZUser::maxNumberOfFailedLogin();
}

// Should we show message about failed login attempt and max number of failed login
if ( $loginWarning and isset( $GLOBALS['eZFailedLoginAttemptUserID'] ) )
{
    $showMessageIfExceeded = false;
    if ( $ini->hasVariable( 'UserSettings', 'ShowMessageIfExceeded' ) )
    {
        $showMessageIfExceeded = ( $ini->variable( 'UserSettings', 'ShowMessageIfExceeded' ) == 'true' );
    }

    $failedUserID = $GLOBALS['eZFailedLoginAttemptUserID'];
    // NOTE(review): the attempt count is passed to the template whenever a failed-login user ID
    // is known, regardless of ShowMessageIfExceeded; a template that prints it would confirm to
    // the visitor that the login name exists.
    $failedLoginAttempts = eZUser::failedLoginAttemptsByUserID( $failedUserID );
    $canLogin = eZUser::isEnabledAfterFailedLogin( $failedUserID );
    if ( $showMessageIfExceeded and !$canLogin )
    {
        $userIsNotAllowedToLogin = true;
    }
}

// Expose the form state to user/login.tpl; all but site_access live in the 'User' namespace.
$tpl = eZTemplate::factory();
$tpl->setVariable( 'login', $userLogin, 'User' );
$tpl->setVariable( 'post_data', $postData, 'User' );
// NOTE(review): the submitted password is made available to the template as $User:password;
// confirm no template (including overrides) writes it back into the page.
$tpl->setVariable( 'password', $userPassword, 'User' );
// The redirect target, with the current query string appended, is sent back to the browser by the template.
$redirectWithQuery = $userRedirectURI . eZSys::queryString();
$tpl->setVariable( 'redirect_uri', $redirectWithQuery, 'User' );
$warningFlags = array( 'bad_login' => $loginWarning );
$tpl->setVariable( 'warning', $warningFlags, 'User' );
$siteAccessInfo = array(
    'allowed' => $siteAccessAllowed,
    'name' => $siteAccessName,
);
$tpl->setVariable( 'site_access', $siteAccessInfo );
$tpl->setVariable( 'user_is_not_allowed_to_login', $userIsNotAllowedToLogin, 'User' );
$tpl->setVariable( 'failed_login_attempts', $failedLoginAttempts, 'User' );
$tpl->setVariable( 'max_num_of_failed_login', $maxNumOfFailedLogin, 'User' );

// Module result: rendered form plus the "User / Login" path entries.
$Result = array(
    'content' => $tpl->fetch( 'design:user/login.tpl' ),
    'path' => array(
        array( 'text' => ezpI18n::tr( 'kernel/user', 'User' ), 'url' => false ),
        array( 'text' => ezpI18n::tr( 'kernel/user', 'Login' ), 'url' => false ),
    ),
);

// A custom login page uses its own page layout.
if ( $ini->variable( 'SiteSettings', 'LoginPage' ) == 'custom' )
{
    $Result['pagelayout'] = 'loginpagelayout.tpl';
}
?>
{* DO NOT EDIT THIS FILE! Use an override template instead. *}
{* Login form posted to /user/login/. Values that originate from the request ($User:login, $User:redirect_uri, $User:post_data) are passed through the wash operator before being written into attributes. *}
{* NOTE(review): no anti-CSRF token field appears in this form; confirm whether one is injected elsewhere. *}
<form method="post" action={"/user/login/"|ezurl}>
<div class="maincontentheader">
<h1>{"Login"|i18n("design/standard/user")}</h1>
</div>
{* Either the bad-login warning or, failing that, the site-access refusal is shown; never both. *}
{if $User:warning.bad_login}
<div class="warning">
<h2>{"Could not login"|i18n("design/standard/user")}</h2>
<ul>
<li>{"A valid username and password is required to login."|i18n("design/standard/user")}</li>
</ul>
</div>
{else}
{if $site_access.allowed|not}
<div class="warning">
<h2>{"Access not allowed"|i18n("design/standard/user")}</h2>
<ul>
<li>{"You are not allowed to access %1."|i18n("design/standard/user",,array($site_access.name))}</li>
</ul>
</div>
{/if}
{/if}
<div class="block">
<label for="id1">{"Username"|i18n("design/standard/user",'User name')}</label><div class="labelbreak"></div>
<input class="halfbox" type="text" size="10" name="Login" id="id1" value="{$User:login|wash}" tabindex="1" />
</div>
{* The password field is always rendered empty; the submitted password is never echoed back. *}
<div class="block">
<label for="id2">{"Password"|i18n("design/standard/user")}</label><div class="labelbreak"></div>
<input class="halfbox" type="password" size="10" name="Password" id="id2" value="" tabindex="1" />
</div>
{* "Remember me" is offered only when Session/RememberMeTimeout exists and is non-empty. *}
{if and( ezini_hasvariable( 'Session', 'RememberMeTimeout' ), ezini( 'Session', 'RememberMeTimeout' ) )}
<div class="block">
<input type="checkbox" tabindex="1" name="Cookie" id="id3" /><label for="id3" style="display:inline;">{"Remember me"|i18n("design/admin/user/login")}</label>
</div>
{/if}
<div class="buttonblock">
<input class="defaultbutton" type="submit" name="LoginButton" value="{'Login'|i18n('design/standard/user','Button')}" tabindex="1" />
<input class="button" type="submit" name="RegisterButton" value="{'Sign Up'|i18n('design/standard/user','Button')}" tabindex="1" />
</div>
{if ezini( 'SiteSettings', 'LoginPage' )|eq( 'custom' )}
<p><a href={'/user/forgotpassword'|ezurl}>{'Forgot your password?'|i18n( 'design/standard/user' )}</a></p>
{/if}
{* The redirect target is carried in a hidden field, so the server receives it back as client-controlled input. *}
<input type="hidden" name="RedirectURI" value="{$User:redirect_uri|wash}" />
{* Earlier POST data is replayed as hidden Last_<key> fields; both key and value are washed. *}
{section show=and( is_set( $User:post_data ), is_array( $User:post_data ) )}
{section name=postData loop=$User:post_data }
<input name="Last_{$postData:key|wash}" value="{$postData:item|wash}" type="hidden" /><br/>
{/section}
{/section}
</form>
// Exposes the login form's target URL to the template as 'action'.
// NOTE(review): confirm eZURI::transformURI() returns the transformed URL; if it instead rewrites
// its argument by reference, a string literal cannot be passed and a temporary variable is needed.
$tpl->setVariable('action', eZURI::transformURI('/user/login'));
...
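{* DO NOT EDIT THIS FILE! Use an override template instead. *}
{* Login form posted to /user/login/. Values that originate from the request ($User:login, $User:redirect_uri, $User:post_data) are passed through the wash operator before being written into attributes. *}
{* NOTE(review): no anti-CSRF token field appears in this form; confirm whether one is injected elsewhere. *}
<form method="post" action={"/user/login/"|ezurl}>
    <h1 class="maincontentheader">{"Login"|i18n("design/standard/user")}</h1>
    {* Either the bad-login warning or, failing that, the site-access refusal is shown; never both. *}
    {if $User:warning.bad_login}
    <div class="warning">
        <h2>{"Could not login"|i18n("design/standard/user")}</h2>
        <ul>
            <li>{"A valid username and password is required to login."|i18n("design/standard/user")}</li>
        </ul>
    </div>
    {elseif $site_access.allowed|not}
    <div class="warning">
        <h2>{"Access not allowed"|i18n("design/standard/user")}</h2>
        <ul>
            <li>{"You are not allowed to access %1."|i18n("design/standard/user",,array($site_access.name))}</li>
        </ul>
    </div>
    {/if}
    <label class="block">
        {* The span around the label text was left unclosed; it is closed here. *}
        <span>{"Username"|i18n("design/standard/user",'User name')}</span>
        <input class="halfbox" type="text" size="10" name="Login" id="id1" value="{$User:login|wash}" tabindex="1" />
    </label>
    {* The password field is always rendered empty; the submitted password is never echoed back. *}
    <label class="block">
        <span>{"Password"|i18n("design/standard/user")}</span>
        <input class="halfbox" type="password" size="10" name="Password" id="id2" value="" tabindex="1" />
    </label>
    {* "Remember me" is offered only when Session/RememberMeTimeout exists and is non-empty. *}
    {if and( ezini_hasvariable( 'Session', 'RememberMeTimeout' ), ezini( 'Session', 'RememberMeTimeout' ) )}
    <label>
        <input type="checkbox" tabindex="1" name="Cookie" id="id3" />
        <span>{"Remember me"|i18n("design/admin/user/login")}</span>
    </label>
    {/if}
    <div class="buttonblock">
        <input class="defaultbutton" type="submit" name="LoginButton" value="{'Login'|i18n('design/standard/user','Button')}" tabindex="1" />
        <input class="button" type="submit" name="RegisterButton" value="{'Sign Up'|i18n('design/standard/user','Button')}" tabindex="1" />
    </div>
    {if ezini( 'SiteSettings', 'LoginPage' )|eq( 'custom' )}
    <p><a href={'/user/forgotpassword'|ezurl}>{'Forgot your password?'|i18n( 'design/standard/user' )}</a></p>
    {/if}
    {* The redirect target is carried in a hidden field, so the server receives it back as client-controlled input. *}
    <input type="hidden" name="RedirectURI" value="{$User:redirect_uri|wash}" />
    {* Earlier POST data is replayed as hidden Last_<key> fields; both key and value are washed. *}
    {if and( is_set( $User:post_data ), is_array( $User:post_data ) )}
    {foreach $User:post_data as $key=>$item}
    <input name="Last_{$key|wash}" value="{$item|wash}" type="hidden" />
    {/foreach}
    {/if}
</form>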