On 06/13/2012 07:22 PM, Endi Sukma Dewata wrote:
On 6/13/2012 8:32 AM, Petr Vobornik wrote:
On 06/13/2012 01:25 AM, Endi Sukma Dewata wrote:
On 6/8/2012 10:54 AM, Petr Vobornik wrote:
This patch adds separate reset password page. It is a complement to
separate login page. It differentiate from reset password capabilities
in Web UI's anauthorized dialog by not performing login. This is useful
for users who wants only to reset the password and not to use Web UI.
And also for users who are using the separate login page.

https://fedorahosted.org/freeipa/ticket/2755

It also works with mkosek 274-2 (but needs rebase).

If the password reset is successful, the page shows a link to the login
page, but it also still shows the password reset form. I think it's very
unlikely that the user will want to change the password again, so it
might be better not to show the form, but provide a link to the form
just in case the user needs to do it again.

So after successful reset user will remain on reset_password.html and
will see something like this:
http://pvoborni.fedorapeople.org/ux/resetpwd_success.png ?

Yes, I think it looks much cleaner. Also make sure the password fields
are cleaned too.

Updated patch attached. Sorry for late update, I was working on trust UI and didn't want to switch context.

--
Petr Vobornik
From 8518b770f9f44f4388403f063b16dd11f4b8fb0a Mon Sep 17 00:00:00 2001
From: Petr Vobornik <pvobo...@redhat.com>
Date: Fri, 8 Jun 2012 16:38:17 +0200
Subject: [PATCH] Separate reset password page

This patch adds separate reset password page. It is a complement to separate login page. It differentiate from reset password capabilities in Web UI's anauthorized dialog by not performing login. This is useful for users who wants only to reset the password and not to use Web UI. And also for users who are using the separate login page.

https://fedorahosted.org/freeipa/ticket/2755
---
 freeipa.spec.in                |    5 +
 install/ui/Makefile.am         |    2 +
 install/ui/ipa.css             |   15 ++++-
 install/ui/jsl.conf            |    1 +
 install/ui/login.html          |    3 +-
 install/ui/reset_password.html |   66 ++++++++++++++++
 install/ui/reset_password.js   |  163 ++++++++++++++++++++++++++++++++++++++++
 7 files changed, 252 insertions(+), 3 deletions(-)
 create mode 100644 install/ui/reset_password.html
 create mode 100644 install/ui/reset_password.js

diff --git a/freeipa.spec.in b/freeipa.spec.in
index ce8e1e69fa0953013f06736394800e8797883323..1d70a7c58cc1235d77c44400f265ec4c59f7b348 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -585,6 +585,7 @@ fi
 %{_usr}/share/ipa/ui/index.html
 %{_usr}/share/ipa/ui/login.html
 %{_usr}/share/ipa/ui/logout.html
+%{_usr}/share/ipa/ui/reset_password.html
 %{_usr}/share/ipa/ui/*.ico
 %{_usr}/share/ipa/ui/*.css
 %{_usr}/share/ipa/ui/*.js
@@ -712,6 +713,10 @@ fi
 %ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/ca.crt
 
 %changelog
+
+* Fri Jun 18 2012 Petr Vobornik <pvobo...@redhat.com> - 2.99.0-33
+- Add Web UI reset password page
+
 * Fri Jun 8 2012 Martin Kosek <mko...@redhat.com> - 2.99.0-32
 - Add directory /var/lib/ipa/sysupgrade for package upgrade metadata
 - Set min for bind-dyndb-ldap to 1.1.0-0.12.rc1 to pick up persistent search
diff --git a/install/ui/Makefile.am b/install/ui/Makefile.am
index e4256de913b7d178c529390732075c183a14f247..ea3a2029535c4ca73318779de2579ee6034bca95 100644
--- a/install/ui/Makefile.am
+++ b/install/ui/Makefile.am
@@ -53,6 +53,8 @@ app_DATA =				\
 	overpass_regular-web.ttf	\
 	overpass_regular-web.woff	\
 	policy.js			\
+	reset_password.js			\
+	reset_password.html			\
 	rule.js 			\
 	search.js 			\
 	selinux.js 			\
diff --git a/install/ui/ipa.css b/install/ui/ipa.css
index c69fc80ded3dfef8a9fa645dbe74ac96d069f73a..2ce8494ab8e49154c6ab7b82e6e76bdb956b6d4d 100644
--- a/install/ui/ipa.css
+++ b/install/ui/ipa.css
@@ -1569,6 +1569,10 @@ span.sshkey-status, a.sshkey-set {
     width: 450px;
 }
 
+.form-box {
+    padding: 1em 2em;
+}
+
 #error-box, .error-box {
     -moz-border-radius: 0.3em 0.3em 0.3em 0.3em;
     -webkit-border-radius: 0.3em 0.3em 0.3em 0.3em;
@@ -1578,6 +1582,15 @@ span.sshkey-status, a.sshkey-set {
     padding: 1em 2em;
 }
 
+#success-box, .success-box {
+    -moz-border-radius: 0.3em 0.3em 0.3em 0.3em;
+    -webkit-border-radius: 0.3em 0.3em 0.3em 0.3em;
+    background-color: #FFEB80;
+    border: 1px solid #FFDE2E;
+    margin: 0 2em 1em 2em;
+    padding: 1em 2em;
+}
+
 #formwindow h2 {
     background-color: #F0F0F0;
     font-size: 1.6em;
@@ -1619,7 +1632,7 @@ span.sshkey-status, a.sshkey-set {
     box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.2);
     margin-left: 15px;
     padding: 2px 10px;
-    width: 248px;
+    width: 210px;
 }
 
 #login li label, #modal li label {
diff --git a/install/ui/jsl.conf b/install/ui/jsl.conf
index 3eebda4e8f6f6cb9ed9b3b502feec3558d723bc4..97789b2f08e96b06f94c4d212df7122fb7dff49d 100644
--- a/install/ui/jsl.conf
+++ b/install/ui/jsl.conf
@@ -159,3 +159,4 @@
 +process automember.js
 +process webui.js
 +process login.js
++process reset_password.js
diff --git a/install/ui/login.html b/install/ui/login.html
index 9902466a70b3deb7e4c7ec5168abc803935d0c32..69e3dea7f0f09906a7586c745e5df8c326803580 100644
--- a/install/ui/login.html
+++ b/install/ui/login.html
@@ -30,7 +30,7 @@
 
             <div id="expired" class="error-box" style="display:none">
                 <p><strong>Password expired</strong></p>
-                <p>Please run kinit to reset the password and then try to login again.</p>
+                <p>Please <a href="reset_password.html">reset the password</a> and then try to login again.</p>
                 <p>If the problem persists, contact your administrator.</p>
             </div>
 
@@ -52,7 +52,6 @@
             </form>
         </div>
     </div>
-
 </body>
 
 </html>
diff --git a/install/ui/reset_password.html b/install/ui/reset_password.html
new file mode 100644
index 0000000000000000000000000000000000000000..423d8e8b29cd0f243743da48666f36fb99ff7c95
--- /dev/null
+++ b/install/ui/reset_password.html
@@ -0,0 +1,66 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="utf-8">
+    <title>IPA: Identity Policy Audit</title>
+
+    <link rel="stylesheet" type="text/css" href="ipa.css" />
+
+    <script type="text/javascript" src="json2.js"></script>
+    <script type="text/javascript" src="jquery.js"></script>
+    <script type="text/javascript" src="reset_password.js"></script>
+</head>
+
+<body class="info-page login-page">
+
+    <div class="container_1">
+
+        <div class="header-logo">
+            <img src="images/ipa-logo.png" /><img src="images/ipa-banner.png" />
+        </div>
+
+        <div id="formwindow">
+            <h2>Reset password</h2>
+
+            <div id="invalid" class="error-box" style="display:none">
+                <p id="error-msg"></p>
+            </div>
+
+            <div id="success" class="success-box" style="display:none">
+                <p>Password reset was successful.
+                <a id="login-link" href="login.html">Return to login page.</a></p>
+            </div>
+
+            <form id="login">
+                <ul>
+                    <li>
+                        <label for="username">Username:</label>
+                        <input type="text" id="username" name="username" accesskey="u" />
+                    </li>
+                    <li>
+                        <label for="password">Current Password:</label>
+                        <input type="password" id="password" name="password" accesskey="p" />
+                    </li>
+                    <li>
+                        <label for="new_password">New Password:</label>
+                        <input type="password" id="new_password" name="new_password" accesskey="n" />
+                    </li>
+                    <li>
+                        <label for="verify_password">Verify Password:</label>
+                        <input type="password" id="verify_password" name="verify_password" accesskey="v" />
+                    </li>
+                </ul>
+
+                <div class="formbutton">
+                    <input name="submit" value="Reset" type="submit" />
+                </div>
+            </form>
+            <div style="display:none" class="form-box" id="reset_pwd_link">
+                <p><a href="#">Reset password again</a></p>
+            </div>
+        </div>
+    </div>
+
+</body>
+
+</html>
diff --git a/install/ui/reset_password.js b/install/ui/reset_password.js
new file mode 100644
index 0000000000000000000000000000000000000000..5d828afac812da8af4cf90d69a1494867e6bcc7e
--- /dev/null
+++ b/install/ui/reset_password.js
@@ -0,0 +1,163 @@
+/*  Authors:
+ *    Petr Vobornik <pvobo...@redhat.com>
+ *
+ * Copyright (C) 2010 Red Hat
+ * see file 'COPYING' for use and warranty information
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+var RP = {}; //Reset Password Page
+
+RP.reset_password = function(username, old_password, new_password) {
+
+    //possible results: 'ok', 'invalid-password', 'policy-error'
+
+    var status, result, reason, invalid, failure, data, request;
+
+    status = 'invalid';
+    result = {
+        status: status,
+        message: "Password reset was not successful."
+    };
+
+    function success_handler(data, text_status, xhr) {
+
+        result.status = xhr.getResponseHeader("X-IPA-Pwchange-Result") || status;
+
+        if (result.status === 'policy-error') {
+            result.message = xhr.getResponseHeader("X-IPA-Pwchange-Policy-Error");
+        } else if (result.status === 'invalid-password') {
+            result.message = "The password or username you entered is incorrect.";
+        }
+
+        return result;
+    }
+
+    function error_handler(xhr, text_status, error_thrown) {
+        return result;
+    }
+
+    data = {
+        user: username,
+        old_password: old_password,
+        new_password: new_password
+    };
+
+    request = {
+        url: '/ipa/session/change_password',
+        data: data,
+        contentType: 'application/x-www-form-urlencoded',
+        processData: true,
+        dataType: 'html',
+        async: false,
+        type: 'POST',
+        success: success_handler,
+        error: error_handler
+    };
+
+    $.ajax(request);
+
+    return result;
+};
+
+RP.verify_required = function(field, value) {
+
+    var valid = true;
+
+    if (!value || value === '') {
+        valid = false;
+        RP.show_error(field +" is required");
+    }
+
+    return valid;
+};
+
+
+RP.on_submit = function() {
+
+    var username = $('#username').val();
+    var current_password = $('#password').val();
+    var new_password = $('#new_password').val();
+    var verify_password = $('#verify_password').val();
+
+    if (!RP.verify_required('Username', username)) return;
+    if (!RP.verify_required('Current Password', current_password)) return;
+    if (!RP.verify_required('New Password', new_password)) return;
+    if (!RP.verify_required('Verify Password', verify_password)) return;
+
+    if (new_password !== verify_password) {
+        RP.show_error("Passwords must match");
+        return;
+    }
+
+    var result = RP.reset_password(username, current_password, new_password);
+
+    if (result.status !== 'ok') {
+        RP.show_error(result.message);
+    } else {
+        RP.reset_form();
+        $('#success').css('display', 'block');
+        $('#login-link').focus();
+        RP.hide_reset_form();
+    }
+};
+
+RP.reset_form = function() {
+    $('#invalid').css('display', 'none');
+    $('#success').css('display', 'none');
+    $('#password').val('');
+    $('#new_password').val('');
+    $('#verify_password').val('');
+};
+
+RP.show_error = function(message) {
+
+    $('#error-msg').text(message);
+    $('#invalid').css('display', 'block');
+    $('#success').css('display', 'none');
+};
+
+RP.hide_reset_form = function() {
+
+    RP.form.hide();
+    RP.reset_link.show();
+};
+
+RP.show_reset_form = function() {
+
+    RP.reset_form();
+    RP.form.show();
+    RP.reset_link.hide();
+};
+
+RP.init = function() {
+
+    RP.form = $('#login');
+    RP.reset_link = $('#reset_pwd_link');
+    RP.reset_link.click(function() {
+        RP.show_reset_form();
+        return false;
+    });
+
+    $('input[name=submit]', RP.form).click(function() {
+        RP.on_submit();
+        return false;
+    });
+};
+
+/* main (document onready event handler) */
+$(function() {
+    RP.init();
+});
-- 
1.7.7.6

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to