IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

FEATURE: sso_overrides_(email|username|name) for all auth methods

Browse Source 
These settings previously applied only to discourse-sso. Now they work for all external authentication methods.
This commit is contained in:
David Taylor
2020-06-18 11:01:02 +01:00
parent ec448a1516
commit 977766e7a8
14 changed files with 143 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/assets/javascripts/discourse/app/controllers/create-account.js
View File

@@ -2,7 +2,7 @@ import getURL from "discourse-common/lib/get-url";
import I18n from "I18n";
import { A } from "@ember/array";
import { isEmpty } from "@ember/utils";
import { notEmpty, or, not } from "@ember/object/computed";
import { notEmpty, and } from "@ember/object/computed";
import Controller, { inject as controller } from "@ember/controller";
import { ajax } from "discourse/lib/ajax";
import ModalFunctionality from "discourse/mixins/modal-functionality";
@@ -69,7 +69,8 @@ export default Controller.extend(
return false;
},
usernameRequired: not("authOptions.omit_username"),
usernameDisabled: and("authOptions", "!authOptions.can_edit_username"),
nameDisabled: and("authOptions", "!authOptions.can_edit_name"),
@discourseComputed
fullnameRequired() {

2
app/assets/javascripts/discourse/app/controllers/login.js
View File

@@ -389,6 +389,6 @@ export default Controller.extend(ModalFunctionality, {
authOptions: EmberObject.create(options)
});
showModal("createAccount");
showModal("createAccount", { modalClass: "create-account" });
}
});

38
app/assets/javascripts/discourse/app/templates/modal/create-account.hbs
View File

@@ -15,7 +15,11 @@
<tr class="input create-account-email">
<td class="label"><label for="new-account-email">{{i18n "user.email.title"}}</label></td>
<td>
{{input type="email" value=accountEmail id="new-account-email" disabled=emailValidated name="email" autofocus="autofocus"}}
{{#if emailValidated}}
<span class="value">{{accountEmail}}</span>
{{else}}
{{input type="email" value=accountEmail id="new-account-email" name="email" autofocus="autofocus"}}
{{/if}}
</td>
</tr>
@@ -25,19 +29,21 @@
<td><label>{{i18n "user.email.instructions"}}</label></td>
</tr>
{{#if usernameRequired}}
<tr class="input">
<td class="label"><label for="new-account-username">{{i18n "user.username.title"}}</label></td>
<td>
<tr class="input">
<td class="label"><label for="new-account-username">{{i18n "user.username.title"}}</label></td>
<td>
{{#if usernameDisabled}}
<span class="value">{{accountUsername}}</span>
{{else}}
{{input value=accountUsername id="new-account-username" name="username" maxlength=maxUsernameLength autocomplete="discourse"}}
</td>
</tr>
<tr class="instructions">
<td></td>
{{input-tip validation=usernameValidation id="username-validation"}}
<td><label>{{i18n "user.username.instructions"}}</label></td>
</tr>
{{/if}}
{{/if}}
</td>
</tr>
<tr class="instructions">
<td></td>
{{input-tip validation=usernameValidation id="username-validation"}}
<td><label>{{i18n "user.username.instructions"}}</label></td>
</tr>
{{#if fullnameRequired}}
<tr class="input">
@@ -45,7 +51,11 @@
<label for="new-account-name">{{i18n "user.name.title"}}</label>
</td>
<td>
{{text-field value=accountName id="new-account-name"}}
{{#if nameDisabled}}
<span class="value">{{accountName}}</span>
{{else}}
{{text-field value=accountName id="new-account-name"}}
{{/if}}
</td>
</tr>
<tr class="instructions">

4
app/assets/stylesheets/common/base/login.scss
View File

@@ -69,6 +69,10 @@
margin-top: 0.5em;
}
tr.input span.value {
margin-left: 10px;
}
.user-field {
> label {
margin-top: 0.75em;

2
app/assets/stylesheets/desktop/login.scss
View File

@@ -97,7 +97,7 @@
.has-alt-auth {
.tip,
td label {
max-width: 250px;
max-width: 100%;
}
}

1
app/controllers/users/omniauth_callbacks_controller.rb
View File

@@ -137,6 +137,7 @@ class Users::OmniauthCallbacksController < ApplicationController
elsif ScreenedIpAddress.block_admin_login?(user, request.remote_ip)
@auth_result.admin_not_allowed_from_ip_address = true
elsif Guardian.new(user).can_access_forum? && user.active # log on any account that is active with forum access
user.save! if @auth_result.apply_user_attributes!
log_on_user(user)
Invite.invalidate_for_email(user.email) # invite link can't be used to log in anymore
session[:authentication] = nil # don't carry around old auth info, perhaps move elsewhere

8
app/services/user_authenticator.rb
View File

@@ -6,7 +6,7 @@ class UserAuthenticator
@user = user
@session = session
if session[:authentication] && session[:authentication].is_a?(Hash)
@auth_result = Auth::Result.from_session_data(session[:authentication])
@auth_result = Auth::Result.from_session_data(session[:authentication], user: user)
end
@authenticator_finder = authenticator_finder
end
@@ -14,6 +14,7 @@ class UserAuthenticator
def start
if authenticated?
@user.active = true
@auth_result.apply_user_attributes!
else
@user.password_required!
end
@@ -38,7 +39,10 @@ class UserAuthenticator
end
def authenticated?
@auth_result && @auth_result.email.downcase == @user.email.downcase && @auth_result.email_valid.to_s == "true"
return false if !@auth_result
return false if @auth_result.email.downcase != @user.email.downcase
return false if @auth_result.email_valid != true # strong check for truth, in case we have another object type
true
end
private