This patch adds separate reset password page. It is a complement to separate login page. It differentiate from reset password capabilities in Web UI's anauthorized dialog by not performing login. This is useful for users who wants only to reset the password and not to use Web UI. And also for users who are using the separate login page.

https://fedorahosted.org/freeipa/ticket/2755
--
Petr Vobornik
From 597c567114d9913acb3cad0924b1eeba6d367573 Mon Sep 17 00:00:00 2001
From: Petr Vobornik <pvobo...@redhat.com>
Date: Fri, 8 Jun 2012 16:38:17 +0200
Subject: [PATCH] Separate reset password page

This patch adds separate reset password page. It is a complement to separate login page. It differentiate from reset password capabilities in Web UI's anauthorized dialog by not performing login. This is useful for users who wants only to reset the password and not to use Web UI. And also for users who are using the separate login page.

https://fedorahosted.org/freeipa/ticket/2755
---
 freeipa.spec.in                                |    4 +
 install/ui/Makefile.am                         |    2 +
 install/ui/ipa.css                             |   11 ++-
 install/ui/jsl.conf                            |    1 +
 install/ui/login.html                          |    3 +-
 install/ui/{login.html => reset_password.html} |   27 +++--
 install/ui/reset_password.js                   |  136 ++++++++++++++++++++++++
 7 files changed, 170 insertions(+), 14 deletions(-)
 copy install/ui/{login.html => reset_password.html} (56%)
 create mode 100644 install/ui/reset_password.js

diff --git a/freeipa.spec.in b/freeipa.spec.in
index de93aecb6142f73528e6aefe89d6bfcb48fc036f..ac61ce8464ddaae84ced189d5e6802a8d500fbb6 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -564,6 +564,7 @@ fi
 %{_usr}/share/ipa/ui/index.html
 %{_usr}/share/ipa/ui/login.html
 %{_usr}/share/ipa/ui/logout.html
+%{_usr}/share/ipa/ui/reset_password.html
 %{_usr}/share/ipa/ui/*.ico
 %{_usr}/share/ipa/ui/*.css
 %{_usr}/share/ipa/ui/*.js
@@ -684,6 +685,9 @@ fi
 %ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/ca.crt
 
 %changelog
+* Fri Jun 8 2012 Petr Vobornik <pvobo...@redhat.com> - 2.99.0-30
+- Add Web UI reset password page
+
 * Fri May 11 2012 Martin Kosek <mko...@redhat.com> - 2.99.0-29
 - Replace used DNS client library (acutil) with python-dns
 
diff --git a/install/ui/Makefile.am b/install/ui/Makefile.am
index e4256de913b7d178c529390732075c183a14f247..ea3a2029535c4ca73318779de2579ee6034bca95 100644
--- a/install/ui/Makefile.am
+++ b/install/ui/Makefile.am
@@ -53,6 +53,8 @@ app_DATA =				\
 	overpass_regular-web.ttf	\
 	overpass_regular-web.woff	\
 	policy.js			\
+	reset_password.js			\
+	reset_password.html			\
 	rule.js 			\
 	search.js 			\
 	selinux.js 			\
diff --git a/install/ui/ipa.css b/install/ui/ipa.css
index 5371070a1c875c0bab4d058eebc5a353df29a79f..1793e7f75616332417a0c4b1822b9dc75b51e862 100644
--- a/install/ui/ipa.css
+++ b/install/ui/ipa.css
@@ -1578,6 +1578,15 @@ span.sshkey-status, a.sshkey-set {
     padding: 1em 2em;
 }
 
+#success-box, .success-box {
+    -moz-border-radius: 0.3em 0.3em 0.3em 0.3em;
+    -webkit-border-radius: 0.3em 0.3em 0.3em 0.3em;
+    background-color: #FFEB80;
+    border: 1px solid #FFDE2E;
+    margin: 0 2em 1em 2em;
+    padding: 1em 2em;
+}
+
 #formwindow h2 {
     background-color: #F0F0F0;
     font-size: 1.6em;
@@ -1619,7 +1628,7 @@ span.sshkey-status, a.sshkey-set {
     box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.2);
     margin-left: 15px;
     padding: 2px 10px;
-    width: 248px;
+    width: 210px;
 }
 
 #login li label, #modal li label {
diff --git a/install/ui/jsl.conf b/install/ui/jsl.conf
index 3eebda4e8f6f6cb9ed9b3b502feec3558d723bc4..97789b2f08e96b06f94c4d212df7122fb7dff49d 100644
--- a/install/ui/jsl.conf
+++ b/install/ui/jsl.conf
@@ -159,3 +159,4 @@
 +process automember.js
 +process webui.js
 +process login.js
++process reset_password.js
diff --git a/install/ui/login.html b/install/ui/login.html
index 9902466a70b3deb7e4c7ec5168abc803935d0c32..69e3dea7f0f09906a7586c745e5df8c326803580 100644
--- a/install/ui/login.html
+++ b/install/ui/login.html
@@ -30,7 +30,7 @@
 
             <div id="expired" class="error-box" style="display:none">
                 <p><strong>Password expired</strong></p>
-                <p>Please run kinit to reset the password and then try to login again.</p>
+                <p>Please <a href="reset_password.html">reset the password</a> and then try to login again.</p>
                 <p>If the problem persists, contact your administrator.</p>
             </div>
 
@@ -52,7 +52,6 @@
             </form>
         </div>
     </div>
-
 </body>
 
 </html>
diff --git a/install/ui/login.html b/install/ui/reset_password.html
similarity index 56%
copy from install/ui/login.html
copy to install/ui/reset_password.html
index 9902466a70b3deb7e4c7ec5168abc803935d0c32..af191cc0780fec6ee023b8dd16626b5196bf1c5d 100644
--- a/install/ui/login.html
+++ b/install/ui/reset_password.html
@@ -8,7 +8,7 @@
 
     <script type="text/javascript" src="json2.js"></script>
     <script type="text/javascript" src="jquery.js"></script>
-    <script type="text/javascript" src="login.js"></script>
+    <script type="text/javascript" src="reset_password.js"></script>
 </head>
 
 <body class="info-page login-page">
@@ -20,18 +20,15 @@
         </div>
 
         <div id="formwindow">
-            <h2>Login</h2>
+            <h2>Reset password</h2>
 
             <div id="invalid" class="error-box" style="display:none">
-                <p><strong>Please re-enter your username or password</strong></p>
-                <p>The password or username you entered is incorrect. Please try again (make sure your caps lock is off).</p>
-                <p>If the problem persists, contact your administrator.</p>
+                <p id="error-msg"></p>
             </div>
 
-            <div id="expired" class="error-box" style="display:none">
-                <p><strong>Password expired</strong></p>
-                <p>Please run kinit to reset the password and then try to login again.</p>
-                <p>If the problem persists, contact your administrator.</p>
+            <div id="success" class="success-box" style="display:none">
+                <p>Password reset was successful.
+                <a id="login-link" href="login.html">Return to login page.</a></p>
             </div>
 
             <form id="login">
@@ -41,13 +38,21 @@
                         <input type="text" name="username" value="" accesskey="u" />
                     </li>
                     <li>
-                        <label for="password">Password:</label>
+                        <label for="password">Current Password:</label>
                         <input type="password" name="password" value="" accesskey="p" />
                     </li>
+                    <li>
+                        <label for="password">New Password:</label>
+                        <input type="password" name="new_password" value="" accesskey="n" />
+                    </li>
+                    <li>
+                        <label for="password">Verify Password:</label>
+                        <input type="password" name="verify_password" value="" accesskey="v" />
+                    </li>
                 <ul>
 
                 <div class="formbutton">
-                    <input name="submit" value="Login" type="submit" />
+                    <input name="submit" value="Reset" type="submit" />
                 </div>
             </form>
         </div>
diff --git a/install/ui/reset_password.js b/install/ui/reset_password.js
new file mode 100644
index 0000000000000000000000000000000000000000..78fbb76a253370b058a81393707a6d4d76b9bd1c
--- /dev/null
+++ b/install/ui/reset_password.js
@@ -0,0 +1,136 @@
+/*  Authors:
+ *    Petr Vobornik <pvobo...@redhat.com>
+ *
+ * Copyright (C) 2010 Red Hat
+ * see file 'COPYING' for use and warranty information
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+var RP = {}; //Reset Password Page
+
+RP.reset_password = function(username, old_password, new_password) {
+
+    //possible results: 'ok', 'invalid-password', 'policy-error'
+
+    var status, result, reason, invalid, failure, data, request;
+
+    status = 'invalid';
+    result = {
+        status: status,
+        message: "Password reset was not successful."
+    };
+
+    function success_handler(data, text_status, xhr) {
+
+        result.status = xhr.getResponseHeader("X-IPA-Pwchange-Result") || status;
+
+        if (result.status === 'policy-error') {
+            result.message = xhr.getResponseHeader("X-IPA-Pwchange-Policy-Error");
+        } else if (result.status === 'invalid-password') {
+            result.message = "The password or username you entered is incorrect.";
+        }
+
+        return result;
+    }
+
+    function error_handler(xhr, text_status, error_thrown) {
+        return result;
+    }
+
+    data = {
+        user: username,
+        old_password: old_password,
+        new_password: new_password
+    };
+
+    request = {
+        url: '/ipa/session/change_password',
+        data: data,
+        contentType: 'application/x-www-form-urlencoded',
+        processData: true,
+        dataType: 'html',
+        async: false,
+        type: 'POST',
+        success: success_handler,
+        error: error_handler
+    };
+
+    $.ajax(request);
+
+    return result;
+};
+
+RP.verify_required = function(field, value) {
+
+    var valid = true;
+
+    if (!value || value === '') {
+        valid = false;
+        $('#error-msg').text(field +" is required");
+        $('#invalid').css('display', 'block');
+    }
+
+    return valid;
+};
+
+
+RP.on_submit = function() {
+
+    var username = $('input[name=username]', RP.form).val();
+    var current_password = $('input[name=password]', RP.form).val();
+    var new_password = $('input[name=new_password]', RP.form).val();
+    var verify_password = $('input[name=verify_password]', RP.form).val();
+
+    if (!RP.verify_required('Username', username)) return;
+    if (!RP.verify_required('Current Password', current_password)) return;
+    if (!RP.verify_required('New Password', new_password)) return;
+    if (!RP.verify_required('Verify Password', verify_password)) return;
+
+    if (new_password !== verify_password) {
+        $('#error-msg').text("Passwords must match");
+        $('#invalid').css('display', 'block');
+        return;
+    }
+
+    var result = RP.reset_password(username, current_password, new_password);
+
+    if (result.status !== 'ok') {
+        $('#error-msg').text(result.message);
+        $('#invalid').css('display', 'block');
+        $('#success').css('display', 'none');
+    } else {
+        $('#invalid').css('display', 'none');
+        $('#success').css('display', 'block');
+        $('#login-link').focus();
+        $('input[name=password]', RP.form).val('');
+        $('input[name=new_password]', RP.form).val('');
+        $('input[name=verify_password]', RP.form).val('');
+    }
+};
+
+RP.init = function() {
+
+    RP.form = $('#login');
+
+    $('input[name=submit]', RP.form).click(function() {
+        RP.on_submit();
+        return false;
+    });
+};
+
+/* main (document onready event handler) */
+$(function() {
+    RP.init();
+});
-- 
1.7.7.6

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to