Author: david
Date: 2008-10-28 14:51:44 -0700 (Tue, 28 Oct 2008)
New Revision: 1509
Added:
trunk/qubit/lib/form/UserLoginForm.class.php
Removed:
trunk/qubit/apps/qubit/lib/myLoginValidator.class.php
trunk/qubit/apps/qubit/modules/user/validate/
Modified:
trunk/qubit/apps/qubit/lib/myUser.class.php
trunk/qubit/apps/qubit/modules/user/actions/loginAction.class.php
trunk/qubit/apps/qubit/modules/user/templates/loginSuccess.php
trunk/qubit/lib/model/QubitUser.php
trunk/qubit/web/css/form.css
trunk/qubit/web/css/graphic.css
Log:
- switch login form to symfony form 1.1 api
- implement validation on login form
- remove old form validation classes
- move user authentication logic into myUser.class.php
- move login credential check logic into QubitUser model
- tweak validation_error and form_error css
Deleted: trunk/qubit/apps/qubit/lib/myLoginValidator.class.php
===================================================================
--- trunk/qubit/apps/qubit/lib/myLoginValidator.class.php 2008-10-27
22:37:27 UTC (rev 1508)
+++ trunk/qubit/apps/qubit/lib/myLoginValidator.class.php 2008-10-28
21:51:44 UTC (rev 1509)
@@ -1,74 +0,0 @@
-<?php
-
-/*
- * This file is part of the Qubit Toolkit.
- * Copyright (C) 2006-2008 Peter Van Garderen <[EMAIL PROTECTED]>
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the Free
- * Software Foundation; either version 2 of the License, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
- * for more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 51
- * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
-class myLoginValidator extends sfValidator
-{
- public function initialize($context, $parameters = null)
- {
- // initialize parent
- parent::initialize($context);
-
- // set defaults
- $this->setParameter('login_error', 'email address not found');
-
- $this->getParameterHolder()->add($parameters);
-
- return true;
- }
-
- public function execute(&$value, &$error)
- {
- $password_param = $this->getParameter('password');
- $password =
$this->getContext()->getRequest()->getParameter($password_param);
-
- $login = $value;
-
- // anonymous is not a real user
- if ($login == 'anonymous')
- {
- $error = $this->getParameter('login_error');
- return false;
- }
-
- $criteria = new Criteria;
- $criteria->add(QubitUser::EMAIL, $login);
- $user = QubitUser::getOne($criteria);
-
- // user account exists?
- if ($user)
- {
- // password is OK?
- if (sha1($user->getSalt().$password) == $user->getSha1Password())
- {
- $this->getContext()->getUser()->signIn($user);
- return true;
- }
- else
- {
- $error = 'invalid password';
- return false;
- }
- }
-
- $error = $this->getParameter('login_error');
- return false;
- }
-}
Modified: trunk/qubit/apps/qubit/lib/myUser.class.php
===================================================================
--- trunk/qubit/apps/qubit/lib/myUser.class.php 2008-10-27 22:37:27 UTC (rev
1508)
+++ trunk/qubit/apps/qubit/lib/myUser.class.php 2008-10-28 21:51:44 UTC (rev
1509)
@@ -26,9 +26,9 @@
$this->setAuthenticated(true);
foreach ($user->getRoles() as $role)
- {
+ {
$this->addCredential((string) $role);
- }
+ }
$this->setAttribute('user_id', $user->getId());
$this->setAttribute('user_name', $user->getUserName());
@@ -49,13 +49,36 @@
$this->getAttributeHolder()->remove('nav_context_module');
}
-public function getUserID()
-{
- return $this->getAttribute('user_id');
-}
+ public function getUserID()
+ {
+ return $this->getAttribute('user_id');
+ }
-public function getUserName()
-{
- return $this->getAttribute('user_name');
+ public function getUserName()
+ {
+ return $this->getAttribute('user_name');
+ }
+
+ public function authenticate($username, $password, &$error)
+ {
+ $authenticated = false;
+ $error = null;
+
+ // anonymous is not a real user
+ if ($username == 'anonymous')
+ {
+ $error = 'invalid username';
+ }
+
+ $user = QubitUser::checkCredentials($username, $password, &$error);
+
+ // user account exists?
+ if ($user !== null)
+ {
+ $authenticated = true;
+ $this->signIn($user);
+ }
+
+ return $authenticated;
+ }
}
-}
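Review bot: The `anonymous` guard in `authenticate()` sets `$error = 'invalid username'` but does not return, so the method carries on to `QubitUser::checkCredentials()`, which resets `$error` and repeats the same check; the rejection only holds because the model duplicates it. Either return right after setting the error (`return false;`) or drop the guard here and keep the rule in the model alone. The call also passes `&$error` at the call site; `checkCredentials()` already declares that parameter by reference, so `QubitUser::checkCredentials($username, $password, $error)` is enough and avoids call-time pass-by-reference, which PHP deprecates. `signIn()` lies outside this hunk, so whether the session identifier is regenerated on login cannot be confirmed from here and is worth checking.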
Modified: trunk/qubit/apps/qubit/modules/user/actions/loginAction.class.php
===================================================================
--- trunk/qubit/apps/qubit/modules/user/actions/loginAction.class.php
2008-10-27 22:37:27 UTC (rev 1508)
+++ trunk/qubit/apps/qubit/modules/user/actions/loginAction.class.php
2008-10-28 21:51:44 UTC (rev 1509)
@@ -24,50 +24,67 @@
public function execute($request)
{
- $this->login_message = '';
-
- if ($this->getRequest()->getMethod() != sfRequest::POST)
+ sfLoader::loadHelpers(array('Url'));
+
+ $this->loginMessage = '';
+ $this->loginError = '';
+ $this->loginForm = new UserLoginForm;
+
+ // handle the form submission
+ if ($request->isMethod('post'))
{
- // set the login_route to user after the user is logged-in
- // if the user selected the log-in page explicitely, send them back to
their referring page
- // if the user is stopped by the login page on their way to another
page, send them on
- // their way to that page after logging on successfully
-
- if ($this->getRequest()->getPathInfo() == '/login')
- {
- $this->getUser()->setAttribute('login_route',
$this->getRequest()->getReferer());
- $this->login_message = $this->getContext()->getI18N()->__('log in');
+ $this->loginForm->bind($request->getParameter('login'));
+ if ($this->loginForm->isValid())
+ {
+ if
($this->getUser()->authenticate($this->loginForm->getValue('email'),
$this->loginForm->getValue('password'), $loginError))
+ {
+ // redirect to login_route, otherwise redirect to homepage
+ if ($nextPage = $this->getUser()->getAttribute('login_route'))
+ {
+ $this->getUser()->getAttributeHolder()->remove('login_route');
+ $this->getController()->redirect(url_for($nextPage), true);
+ }
+ else
+ {
+ $this->redirect('@homepage');
+ }
}
else
{
- $this->getUser()->setAttribute('login_route',
$this->getRequest()->getPathInfo());
- $this->login_message = $this->getContext()->getI18N()->__('please
log-in to access that page');
+ $this->loginError = $loginError;
}
+ }
+ }
+
+ // Set the 'login_route' attribute for redirecting user after
authentication
+ $this->setLoginRoute($this->getUser());
+ }
- // display the form
- return sfView::SUCCESS;
- }
- else
+ /**
+ * Get referring page so we can redirect the user back there after
+ * successfully authenticating them
+ *
+ * @param sfUser $user
+ */
+ public function setLoginRoute($user)
+ {
+ if (!$user->hasAttribute('login_route'))
{
- // handle the form submission
-
- // redirect to login_route, otherwise redirect to homepage
- if ($this->getUser()->getAttribute('login_route'))
+
+ // if the user selected the log-in page explicitely, send them back to
their referring page
+ if ($this->getRequest()->getPathInfo() == '/login')
{
- $this->redirect($this->getUser()->getAttribute('login_route'));
+ $user->setAttribute('login_route', $this->getRequest()->getReferer());
+ $this->loginMessage = $this->getContext()->getI18N()->__('log in');
}
+
+ // if the user is stopped by the login page on their way to another
page, send them on
+ // their way to that page after logging on successfully
else
{
- $this->redirect('@homepage');
+ $user->setAttribute('login_route', $this->getRequest()->getUri());
+ $this->loginMessage = $this->getContext()->getI18N()->__('please
log-in to access that page');
}
-
}
}
-
- public function handleError()
- {
- $this->login_message = $this->getContext()->getI18N()->__('log in');
-
- return sfView::SUCCESS;
- }
}
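Review bot: `setLoginRoute()` stores `$this->getRequest()->getReferer()` as `login_route`, and `execute()` later sends an authenticated user to that value through `url_for($nextPage)`; the Referer header is supplied by whichever page linked to `/login`, so the post-login destination is not guaranteed to stay inside this application. Before storing or redirecting, check that the value is a local path or matches the request's own host, and fall back to `@homepage` otherwise. Separately, the success path calls `$this->getController()->redirect()` while the fallback uses `$this->redirect()`; if the controller call does not stop the action (worth confirming against the symfony version in use), execution falls through to `setLoginRoute()` and re-populates `login_route` right after it was removed.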
Modified: trunk/qubit/apps/qubit/modules/user/templates/loginSuccess.php
===================================================================
--- trunk/qubit/apps/qubit/modules/user/templates/loginSuccess.php
2008-10-27 22:37:27 UTC (rev 1508)
+++ trunk/qubit/apps/qubit/modules/user/templates/loginSuccess.php
2008-10-28 21:51:44 UTC (rev 1509)
@@ -4,32 +4,40 @@
<div class="login-form">
<fieldset>
-<?php if ($login_message): ?>
- <legend><?php echo $login_message ?></legend>
+<?php if ($loginMessage): ?>
+ <legend><?php echo $loginMessage ?></legend>
<?php endif; ?>
-<?php echo form_tag('user/login') ?>
-<div class="form-item">
-<label for="email"><?php echo __('email'); ?></label>
-<?php echo input_tag('email', $sf_params->get('email')) ?>
-</div>
+<?php if ($loginForm->hasGlobalErrors()): ?>
+ <div class="validation_error"><?php echo $loginForm->renderGlobalErrors()
?></div>
+<?php endif; ?>
+ <form action="<?php echo url_for('user/login') ?>" method="POST">
+ <?php if($loginError): ?>
+ <div class="form_error">
+ <?php if($loginError == 'invalid username') echo __('your email
address was not found') ?>
+ <?php if($loginError == 'invalid password') echo __('your email and
password do not match') ?>
+ </div>
+ <?php endif; ?>
-<div class="form-item">
-<label for="password"><?php echo __('password'); ?></label>
+ <div class="form-item">
+ <label for="email"><?php echo __('email'); ?></label>
+ <?php if (strlen($error = $loginForm['email']->renderError())): ?><?php
echo $error ?><?php endif; ?>
+ <?php echo $loginForm['email'] ?>
+ </div>
+
+ <div class="form-item">
+ <label for="password"><?php echo __('password'); ?></label>
+ <?php if (strlen($error = $loginForm['password']->renderError())):
?><?php echo $error ?><?php endif; ?>
+ <?php echo $loginForm['password'] ?>
+ </div>
+
+ <div class="menu-action">
+ <?php echo input_hidden_tag('referer',
$sf_request->getAttribute('referer')) ?>
+ <?php echo my_submit_tag(__('log in'), array('style' => 'width: auto;'))
?>
+ </div>
+ </form>
+</fieldset>
-<?php echo input_password_tag('password') ?>
-</div>
-
<!--set initial focus to email input control -->
-<?php echo javascript_tag(<<<EOF
-$('[name=email]').focus();
-EOF
-) ?>
-
-<div class="menu-action">
-<?php echo input_hidden_tag('referer', $sf_request->getAttribute('referer')) ?>
-<?php echo my_submit_tag(__('log in'), array('style' => 'width: auto;')) ?>
+<?php echo javascript_tag("$('[name=email]').focus()"); ?>
</div>
-</fieldset>
-</form>
-</div>
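Review bot: The new `form_error` block prints different text for `'invalid username'` ('your email address was not found') and `'invalid password'` ('your email and password do not match'), which tells an unauthenticated visitor whether a given address has an account. Show a single message for both outcomes, e.g. `<?php echo __('your email and password do not match') ?>` whenever `$loginError` is set, and keep the distinction in server-side logs only. The two codes originate in `QubitUser::checkCredentials()` in this same commit, so the model can keep returning them as long as the template does not reveal which one occurred.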
Added: trunk/qubit/lib/form/UserLoginForm.class.php
===================================================================
--- trunk/qubit/lib/form/UserLoginForm.class.php
(rev 0)
+++ trunk/qubit/lib/form/UserLoginForm.class.php 2008-10-28 21:51:44 UTC
(rev 1509)
@@ -0,0 +1,63 @@
+<?php
+
+/*
+ * This file is part of the Qubit Toolkit.
+ * Copyright (C) 2006-2008 Peter Van Garderen <[EMAIL PROTECTED]>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 51
+ * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+/**
+ * Global form & validation definition for user login
+ *
+ * @package qubit
+ * @subpackage settings
+ * @version svn: $Id$
+ * @author David Juhasz <[EMAIL PROTECTED]>
+ */
+class UserLoginForm extends sfForm
+{
+ public function configure()
+ {
+ // Build widgets
+ $this->setWidgets(array(
+ 'email' => new sfWidgetFormInput,
+ 'password' => new sfWidgetFormInputPassword
+ ));
+
+ // Email validator
+ $this->validatorSchema['email'] = new sfValidatorEmail(
+ array('required' => true),
+ array(
+ 'required' => 'you must provide an email address',
+ 'invalid' => 'your email address is not a valid format'
+ )
+ );
+
+ // Password validator
+ $this->validatorSchema['password'] = new sfValidatorString(
+ array('required' => true),
+ array('required' => 'you must provide a password')
+ );
+
+ // Set decorator
+ $decorator = new QubitWidgetFormSchemaFormatterList($this->widgetSchema);
+ $this->widgetSchema->addFormFormatter('list', $decorator);
+ $this->widgetSchema->setFormFormatterName('list');
+
+ // Set wrapper text for global form settings
+ $this->widgetSchema->setNameFormat('login[%s]');
+ }
+}
\ No newline at end of file
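Review bot: `configure()` defines only the `email` and `password` fields, and loginSuccess.php renders those two by hand inside its own `<form>` tag, so any hidden field the form framework adds would not reach the page. If CSRF protection is enabled for sfForm in the application settings (not visible in this diff), submissions would fail validation on the missing token; if it is disabled, the login form accepts cross-site posts. It is worth stating the intended setting in a comment in `configure()` and rendering the form's hidden fields in the template to match. Minor: the docblock's `@subpackage settings` does not fit a class that lives under `lib/form`.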
Property changes on: trunk/qubit/lib/form/UserLoginForm.class.php
___________________________________________________________________
Added: svn:keywords
+ Author Id Revision
Added: svn:eol-style
+ native
Modified: trunk/qubit/lib/model/QubitUser.php
===================================================================
--- trunk/qubit/lib/model/QubitUser.php 2008-10-27 22:37:27 UTC (rev 1508)
+++ trunk/qubit/lib/model/QubitUser.php 2008-10-28 21:51:44 UTC (rev 1509)
@@ -19,6 +19,9 @@
* Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
+/**
+ * QubitUser model
+ */
class QubitUser extends BaseUser
{
public function __toString()
@@ -27,26 +30,26 @@
}
public function setPassword($password)
- {
- $salt = md5(rand(100000, 999999).$this->getEmail());
- $this->setSalt($salt);
- $this->setSha1Password(sha1($salt.$password));
- }
+ {
+ $salt = md5(rand(100000, 999999).$this->getEmail());
+ $this->setSalt($salt);
+ $this->setSha1Password(sha1($salt.$password));
+ }
public function getRoles()
- {
- $roles = array();
- foreach ($this->getUserRoleRelations() as $relation)
- {
- $roles[] = $relation->getRole();
- }
+ {
+ $roles = array();
+ foreach ($this->getUserRoleRelations() as $relation)
+ {
+ $roles[] = $relation->getRole();
+ }
- return $roles;
- }
+ return $roles;
+ }
public function getUserCredentials()
{
- return $this->getRoles();
+ return $this->getRoles();
}
public static function getList($culture, $options=array())
@@ -62,4 +65,42 @@
return $pager;
}
+
+ public static function checkCredentials($username, $password, &$error)
+ {
+ $validCreds = false;
+ $error = null;
+
+ // anonymous is not a real user
+ if ($username == 'anonymous')
+ {
+ $error = 'invalid username';
+
+ return null;
+ }
+
+ $criteria = new Criteria;
+ $criteria->add(QubitUser::EMAIL, $username);
+ $user = QubitUser::getOne($criteria);
+
+ // user account exists?
+ if ($user !== null)
+ {
+ // password is OK?
+ if (sha1($user->getSalt().$password) == $user->getSha1Password())
+ {
+ $validCreds = true;
+ }
+ else
+ {
+ $error = 'invalid password';
+ }
+ }
+ else
+ {
+ $error = 'invalid username';
+ }
+
+ return ($validCreds) ? $user : null;
+ }
} // User
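Review bot: In `checkCredentials()` the digest check `sha1($user->getSalt().$password) == $user->getSha1Password()` uses loose comparison, and PHP compares two numeric-looking strings (for example hex digests of the form `0e` followed only by digits) as numbers, so unequal digests can compare equal. Use strict comparison at minimum, `if (sha1($user->getSalt().$password) === $user->getSha1Password())`; on PHP versions that provide it, `hash_equals()` also makes the comparison constant-time. The scheme itself, one round of salted SHA-1 with the salt taken from `md5(rand(...))` in `setPassword()` (visible as re-indented context in the previous hunk), is cheap to brute-force offline if the user table is disclosed, so a migration to `password_hash()`/`password_verify()` is the longer-term fix. `$validCreds` is also redundant: returning `$user` from the success branch and `null` elsewhere reads more directly.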
Modified: trunk/qubit/web/css/form.css
===================================================================
--- trunk/qubit/web/css/form.css 2008-10-27 22:37:27 UTC (rev 1508)
+++ trunk/qubit/web/css/form.css 2008-10-28 21:51:44 UTC (rev 1509)
@@ -309,97 +309,104 @@
.login-form
{
-border: 0;
-width: 450px;
-margin: 0 0 0 20px;
-font: bold 18px/19px georgia, serif;
+ border: 0;
+ width: 450px;
+ margin: 0 0 0 20px;
+ font: bold 18px/19px georgia, serif;
}
.login-form legend
{
-font: bold 18px/20px georgia, serif;
-color: #000000;
-margin: 0;
+ font: bold 18px/20px georgia, serif;
+ color: #000000;
+ margin: 0;
}
.login-form input
{
-width: 400px;
-font: bold 27px/27px georgia, serif;
-border: 1px solid #999999;
+ width: 400px;
+ font: bold 27px/27px georgia, serif;
+ border: 1px solid #999999;
}
.login-form input.submit
{
-text-decoration: none;
-padding: 0 6px 1px 6px;
-margin: 16px 15px 0 5px;
-font: normal 15px/15px georgia, serif;
-width: 60px;
-height: 25px;
-float: right;
-color: #ffffff;
-background-color: #000000;
-border-right: 3px solid #999999;
-border-bottom: 3px solid #999999;
+ text-decoration: none;
+ padding: 0 6px 1px 6px;
+ margin: 16px 15px 0 5px;
+ font: normal 15px/15px georgia, serif;
+ width: 60px;
+ height: 25px;
+ float: right;
+ color: #ffffff;
+ background-color: #000000;
+ border-right: 3px solid #999999;
+ border-bottom: 3px solid #999999;
}
.login-form input.submithover
{
-text-decoration: none;
-padding: 0 6px 1px 6px;
-margin: 16px 15px 0 5px;
-font: normal 15px/15px georgia, serif;
-width: 60px;
-height: 25px;
-float: right;
-color: #000000;
-background-color: #ffffff;
-border-right: 3px solid #999999;
-border-bottom: 3px solid #999999;
+ text-decoration: none;
+ padding: 0 6px 1px 6px;
+ margin: 16px 15px 0 5px;
+ font: normal 15px/15px georgia, serif;
+ width: 60px;
+ height: 25px;
+ float: right;
+ color: #000000;
+ background-color: #ffffff;
+ border-right: 3px solid #999999;
+ border-bottom: 3px solid #999999;
}
.login-form table
{
-margin-top: 15px;
+ margin-top: 15px;
}
.login-form table th
{
-border: 0;
-vertical-align: center;
-text-align: right;
+ border: 0;
+ vertical-align: center;
+ text-align: right;
}
.login-form table tr
{
-margin-top: 20px;
+ margin-top: 20px;
}
+
/*********************************************************
FORM ERROR
**********************************************************/
.form_error
{
- padding: 1px 1px 1px 20px;
+ padding: 0.1em 0.1em 0.1em 20px;
margin: 2px;
- color: #ff0000;
- border: 1px solid #ff0000;
- background-color: #FF9797;
- background-image: url(../images/exclamation.png);
- background-repeat: no-repeat;
+ color: #a30000;
+ border: 1px solid #c52020;
+ background: #FFCCCC url(../images/exclamation.png) no-repeat 1px;
}
-.validation_error
+ul.validation_error
{
- padding: 1px 1px 1px 20px;
- margin: 2px;
- color: #ff0000;
- background-image: url(../images/exclamation.png);
- background-repeat: no-repeat;
+ padding: 1px;
+ margin: 2px 6px 0.1em 0;
+ background: none;
+ color: #a30000;
+ background-color: #FFCCCC;
+ border: 1px solid #c52020;
}
+ul.validation_error li
+{
+ background: url(../images/exclamation.png) no-repeat 1px;
+ padding: 0.1em 0.1em 0.1em 20px;
+ margin: 0;
+}
+
/* see also app/config/settings.yml
validation_error_prefix: '! '
validation_error_suffix: ' !'
Modified: trunk/qubit/web/css/graphic.css
===================================================================
--- trunk/qubit/web/css/graphic.css 2008-10-27 22:37:27 UTC (rev 1508)
+++ trunk/qubit/web/css/graphic.css 2008-10-28 21:51:44 UTC (rev 1509)
@@ -580,8 +580,6 @@
table.list ul
{
-padding: 0;
-margin: 0;
}
table.list tr
@@ -591,11 +589,11 @@
table.list td
{
padding: 4px 4px 4px 10px;
- text-align: left;
- border-spacing: 20px;
- border: 0;
- border-bottom: 1px solid #cccccc;
- vertical-align: top;
+ text-align: left;
+ border-spacing: 20px;
+ border: 0;
+ border-bottom: 1px solid #cccccc;
+ vertical-align: top;
}
table.list ul.nobullet li
@@ -610,8 +608,8 @@
border: 1px solid #999999;
background-color: #ff9933;
color: #000000;
- padding: 4px 4px 4px 10px;
- font-weight: bold;
+ padding: 4px 4px 4px 10px;
+ font-weight: bold;
vertical-align: top;
text-align: left;
}
@@ -630,14 +628,13 @@
.tableHeader
{
-
-width: 99%;
-background: #6992AF;
-font-weight: bold;
-font-size: 110%;
-padding: 5px 0 5px 10px;
-border: 1px solid #999999;
-margin-top: 10px;
+ width: 99%;
+ background: #6992AF;
+ font-weight: bold;
+ font-size: 110%;
+ padding: 5px 0 5px 10px;
+ border: 1px solid #999999;
+ margin-top: 10px;
}
.translationTableHeader