FEATURE: Optionally skip the create account popup for external auth

2025-02-25 18:55:32 -06:00 · 2020-06-18 18:53:17 +01:00 · 2020-06-18 18:53:17 +01:00 · 5284d41a8e
commit 5284d41a8e
parent 041d28295f
6 changed files with 107 additions and 25 deletions
--- a/app/assets/javascripts/discourse/app/controllers/create-account.js
+++ b/app/assets/javascripts/discourse/app/controllers/create-account.js
@ -20,6 +20,7 @@ import { userPath } from "discourse/lib/url";
 import { findAll } from "discourse/models/login-method";
 import EmberObject from "@ember/object";
 import User from "discourse/models/user";
 import { Promise } from "rsvp";
 export default Controller.extend(
  ModalFunctionality,
@ -41,9 +42,13 @@ export default Controller.extend(
    hasAuthOptions: notEmpty("authOptions"),
    canCreateLocal: setting("enable_local_logins"),
    showCreateForm: or("hasAuthOptions", "canCreateLocal"),
    requireInviteCode: setting("require_invite_code"),
    @discourseComputed("hasAuthOptions", "canCreateLocal", "skipConfirmation")
    showCreateForm(hasAuthOptions, canCreateLocal, skipConfirmation) {
      return (hasAuthOptions || canCreateLocal) && !skipConfirmation;
    },
    resetForm() {
      // We wrap the fields in a structure so we can assign a value
      this.setProperties({
@ -197,26 +202,44 @@ export default Controller.extend(
    @on("init")
    fetchConfirmationValue() {
-      return ajax(userPath("hp.json")).then(json => {
+      if (this._challengeDate === undefined && this._hpPromise) {
-        this._challengeDate = new Date();
+        // Request already in progress
-        // remove 30 seconds for jitter, make sure this works for at least
+        return this._hpPromise;
-        // 30 seconds so we don't have hard loops
+      }
        this._challengeExpiry = parseInt(json.expires_in, 10) - 30;
        if (this._challengeExpiry < 30) {
          this._challengeExpiry = 30;
        }
-        this.setProperties({
+      this._hpPromise = ajax(userPath("hp.json"))
-          accountHoneypot: json.value,
+        .then(json => {
-          accountChallenge: json.challenge
+          this._challengeDate = new Date();
-            .split("")
+          // remove 30 seconds for jitter, make sure this works for at least
-            .reverse()
+          // 30 seconds so we don't have hard loops
-            .join("")
+          this._challengeExpiry = parseInt(json.expires_in, 10) - 30;
-        });
+          if (this._challengeExpiry < 30) {
-      });
+            this._challengeExpiry = 30;
          }
          this.setProperties({
            accountHoneypot: json.value,
            accountChallenge: json.challenge
              .split("")
              .reverse()
              .join("")
          });
        })
        .finally(() => (this._hpPromise = undefined));
      return this._hpPromise;
    },
    performAccountCreation() {
      if (
        !this._challengeDate ||
        new Date() - this._challengeDate > 1000 * this._challengeExpiry
      ) {
        return this.fetchConfirmationValue().then(() =>
          this.performAccountCreation()
        );
      }
      const attrs = this.getProperties(
        "accountName",
        "accountEmail",
@ -263,6 +286,7 @@ export default Controller.extend(
              .find("input[name=redirect]")
              .val(userPath("account-created"));
            $hidden_login_form.submit();
            return new Promise(() => {}); // This will never resolve, the page will reload instead
          } else {
            this.flash(
              result.message || I18n.t("create_account.failed"),
@ -298,6 +322,14 @@ export default Controller.extend(
      );
    },
    onShow() {
      if (this.skipConfirmation) {
        this.performAccountCreation().finally(() =>
          this.set("skipConfirmation", false)
        );
      }
    },
    actions: {
      externalLogin(provider) {
        this.login.send("externalLogin", provider);
@ -332,13 +364,7 @@ export default Controller.extend(
          return;
        }
-        if (new Date() - this._challengeDate > 1000 * this._challengeExpiry) {
+        this.performAccountCreation();
          this.fetchConfirmationValue().then(() =>
            this.performAccountCreation()
          );
        } else {
          this.performAccountCreation();
        }
      }
    }
  }
--- a/app/assets/javascripts/discourse/app/controllers/login.js
+++ b/app/assets/javascripts/discourse/app/controllers/login.js
@ -381,12 +381,16 @@ export default Controller.extend(ModalFunctionality, {
      return;
    }
    const skipConfirmation =
      options && this.siteSettings.external_auth_skip_create_confirm;
    const createAccountController = this.createAccount;
    createAccountController.setProperties({
      accountEmail: options.email,
      accountUsername: options.username,
      accountName: options.name,
-      authOptions: EmberObject.create(options)
+      authOptions: EmberObject.create(options),
      skipConfirmation
    });
    showModal("createAccount", { modalClass: "create-account" });
--- a/app/assets/javascripts/discourse/app/templates/modal/create-account.hbs
+++ b/app/assets/javascripts/discourse/app/templates/modal/create-account.hbs
@ -7,6 +7,10 @@
        {{login-buttons externalLogin=(action "externalLogin")}}
      {{/unless}}
      {{#if skipConfirmation}}
        {{loading-spinner size="large"}}
      {{/if}}
      {{#if showCreateForm}}
        <div class="login-form">
          <form>
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@ -1624,6 +1624,8 @@ en:
    password_unique_characters: "Minimum number of unique characters that a password must have."
    block_common_passwords: "Don't allow passwords that are in the 10,000 most common passwords."
    external_auth_skip_create_confirm: When signing up via external auth, skip the create account popup. Best used alongside sso_overrides_email, sso_overrides_username and sso_overrides_name.
    enable_sso: "Enable single sign on via an external site (WARNING: USERS' EMAIL ADDRESSES *MUST* BE VALIDATED BY THE EXTERNAL SITE!)"
    verbose_sso_logging: "Log verbose SSO related diagnostics to <a href='%{base_path}/logs' target='_blank'>/logs</a>"
    enable_sso_provider: "Implement Discourse SSO provider protocol at the /session/sso_provider endpoint, requires sso_provider_secrets to be set"
--- a/config/site_settings.yml
+++ b/config/site_settings.yml
@ -379,6 +379,9 @@ login:
  discord_trusted_guilds:
    default: ""
    type: list
  external_auth_skip_create_confirm: 
    default: false
    client: true
  enable_sso:
    client: true
    default: false
--- a/test/javascripts/acceptance/create-account-external-test.js
+++ b/test/javascripts/acceptance/create-account-external-test.js
@ -0,0 +1,43 @@
 import { acceptance } from "helpers/qunit-helpers";
 acceptance("Create Account - external auth", {
  beforeEach() {
    const node = document.createElement("meta");
    node.dataset.authenticationData = JSON.stringify({
      auth_provider: "test",
      email: "blah@example.com",
      can_edit_username: true,
      can_edit_name: true
    });
    node.id = "data-authentication";
    document.querySelector("head").appendChild(node);
  },
  afterEach() {
    document
      .querySelector("head")
      .removeChild(document.getElementById("data-authentication"));
  }
 });
 QUnit.test("when skip is disabled (default)", async assert => {
  await visit("/");
  assert.ok(
    exists("#discourse-modal div.create-account"),
    "it shows the registration modal"
  );
  assert.ok(exists("#new-account-username"), "it shows the fields");
 });
 QUnit.test("when skip is enabled", async assert => {
  Discourse.SiteSettings.external_auth_skip_create_confirm = true;
  await visit("/");
  assert.ok(
    exists("#discourse-modal div.create-account"),
    "it shows the registration modal"
  );
  assert.not(exists("#new-account-username"), "it does not show the fields");
 });