diff --git a/lib/WebGUI/Auth.pm b/lib/WebGUI/Auth.pm
index 7aa5a8927..304568a6e 100644
--- a/lib/WebGUI/Auth.pm
+++ b/lib/WebGUI/Auth.pm
@@ -22,6 +22,7 @@ use WebGUI::User;
use WebGUI::Workflow::Instance;
use WebGUI::Inbox;
use WebGUI::Friends;
+use WebGUI::Deprecate;
# Profile field name for the number of times the showMessageOnLogin has been
# seen.
@@ -178,262 +179,6 @@ sub authMethod {
#-------------------------------------------------------------------
-=head2 createAccount ( method [,vars] )
-
-Superclass method that performs general functionality for creating new accounts.
-
-=head3 method
-
-Auth method that the form for creating users should call
-
-=head3 vars
-
-Array ref of template vars from subclass
-
-=cut
-
-sub createAccount {
- my $self = shift;
- my $method = shift;
- my $vars = shift;
- my $i18n = WebGUI::International->new($self->session);
- $vars->{title} = $i18n->get(54);
-
- $vars->{'create.form.header'}
- = WebGUI::Form::formHeader($self->session)
- . WebGUI::Form::hidden($self->session,{"name"=>"op","value"=>"auth"})
- . WebGUI::Form::hidden($self->session,{"name"=>"method","value"=>$method})
- ;
-
- # User Defined Options
- my $userInvitation = $self->session->setting->get('inboxInviteUserEnabled');
- $vars->{'create.form.profile'} = [];
- foreach my $field (@{WebGUI::ProfileField->getRegistrationFields($self->session)}) {
- my $id = $field->getId;
- my $label = $field->getLabel;
- my $required = $field->isRequired;
-
- my $properties = {};
- if ($required) {
- my $fieldValue = $self->session->form->process($field->getId,$field->get("fieldType"));
- $properties->{extras} = $self->getExtrasStyle($fieldValue);
- }
-
- my $formField;
- # Get the default email from the invitation
- if ($field->get('fieldName') eq "email" && $userInvitation ) {
- my $code = $self->session->form->get('code')
- || $self->session->form->get('uniqueUserInvitationCode');
- my $defaultValue
- = $self->session->db->quickScalar(
- 'SELECT email FROM userInvitations WHERE inviteId=?',
- [$code]
- );
- $vars->{'create.form.header'} .= WebGUI::Form::hidden($self->session, {name=>"uniqueUserInvitationCode", value=>$code});
- $formField = $field->formField($properties, undef, undef, undef, $defaultValue);
- }
- else {
- $formField = $field->formField($properties);
- }
-
-
- # Old-style field loop.
- push @{$vars->{'create.form.profile'}}, {
- 'profile.formElement' => $formField,
- 'profile.formElement.label' => $label,
- 'profile.required' => $required,
- };
-
- # Individual field template vars.
- my $prefix = 'create.form.profile.'.$id.'.';
- $vars->{ $prefix . 'formElement' } = $formField;
- $vars->{ $prefix . 'formElement.label' } = $label;
- $vars->{ $prefix . 'required' } = $required;
- }
-
- $vars->{'create.form.submit'} = WebGUI::Form::submit($self->session,{});
- $vars->{'create.form.footer'} = WebGUI::Form::formFooter($self->session,);
-
- $vars->{'login.url'} = $self->session->url->page('op=auth;method=init');
- $vars->{'login.label'} = $i18n->get(58);
-
- return WebGUI::Asset::Template->newById($self->session,$self->getCreateAccountTemplateId)->process($vars);
-}
-
-#-------------------------------------------------------------------
-
-=head2 createAccountSave ( username,properties [,password,profile] )
-
-Superclass method that performs general functionality for saving new accounts. Based
-on various settings and user actions, it may return output that should be displayed
-to the user.
-
-=head3 username
-
-Username for the account being created
-
-=head3 properties
-
-Properties from the subclass that should be saved as authentication parameters
-
-=head3 password
-
-Password entered by the user. This is only used in for sending the user a notification by email of his/her username/password
-
-=head3 profile
-
-Hashref of profile values returned by the function WebGUI::User::validateProfileDataFromForm($fields);
-
-=cut
-
-sub createAccountSave {
- my $self = shift;
- my $username = $_[0];
- my $properties = $_[1];
- my $password = $_[2];
- my $profile = $_[3];
-
- my $i18n = WebGUI::International->new($self->session);
-
-
- my $u = WebGUI::User->new($self->session,"new");
- $self->user($u);
- my $userId = $u->userId;
- $u->username($username);
- $u->authMethod($self->authMethod);
- $u->karma($self->session->setting->get("karmaPerLogin"),"Login","Just for logging in.") if ($self->session->setting->get("useKarma"));
- $u->updateProfileFields($profile) if ($profile);
- $self->update($properties);
-
- if ($self->getSetting("sendWelcomeMessage")){
- my $var;
- $var->{welcomeMessage} = $self->getSetting("welcomeMessage");
- $var->{newUser_username} = $username;
- $var->{newUser_password} = $password;
- my $message = WebGUI::Asset::Template->newById($self->session,$self->getSetting('welcomeMessageTemplate'))->process($var);
- WebGUI::Macro::process($self->session,\$message);
- WebGUI::Inbox->new($self->session)->addMessage({
- message => $message,
- subject => $i18n->get(870),
- userId => $self->userId,
- status => 'completed',
- });
- }
-
- $self->session->user({user=>$u});
- $self->_logLogin($userId,"success");
-
- if ($self->session->setting->get("runOnRegistration")) {
- WebGUI::Workflow::Instance->create($self->session, {
- workflowId=>$self->session->setting->get("runOnRegistration"),
- methodName=>"new",
- className=>"WebGUI::User",
- parameters=>$self->session->user->userId,
- priority=>1
- })->start;
- }
-
- ##Finalize the record in the user invitation table.
- my $inviteId = $self->session->form->get('uniqueUserInvitationCode');
- if ($inviteId) {
- $self->session->db->setRow('userInvitations','inviteId',{
- inviteId => $inviteId,
- newUserId => $u->userId,
- dateCreated => WebGUI::DateTime->new($self->session, time)->toMysqlDate,
- });
- #Get the invite record
- my $inviteRecord = $self->session->db->getRow('userInvitations','inviteId',$inviteId);
- #Get the user
- my $inviteUser = WebGUI::User->new($self->session,$inviteRecord->{userId});
- #Automatically add the friend that invited the user and vice versa if the friend has friends enabled
- if($inviteUser->acceptsFriendsRequests($u)) {
- my $friends = WebGUI::Friends->new($self->session,$u);
- $friends->add([$inviteUser->userId]);
- }
- }
-
- # If we have something to do after login, do it
- if ( $self->session->setting->get( 'showMessageOnLogin' ) ) {
- return $self->showMessageOnLogin;
- }
- elsif ($self->session->form->get('returnUrl')) {
- $self->session->http->setRedirect( $self->session->form->get('returnUrl') );
- $self->session->scratch->delete("redirectAfterLogin");
- }
- elsif ($self->session->scratch->get("redirectAfterLogin")) {
- my $url = $self->session->scratch->delete("redirectAfterLogin");
- $self->session->http->setRedirect($url);
- return undef;
- }
- else {
- $self->session->http->setStatus(201);
- }
-
- return undef;
-}
-
-#-------------------------------------------------------------------
-
-=head2 deactivateAccount ( method )
-
-Superclass method that displays a confirm message for deactivating a user's account.
-
-=head3 method
-
-Auth method that the form for creating users should call
-
-=cut
-
-sub deactivateAccount {
- my $self = shift;
- my $method = $_[0];
- return $self->session->privilege->vitalComponent() if($self->isVisitor || $self->isAdmin);
- return $self->session->privilege->adminOnly() if(!$self->session->setting->get("selfDeactivation"));
- my $i18n = WebGUI::International->new($self->session);
- my %var;
- $var{title} = $i18n->get(42);
- $var{question} = $i18n->get(60);
- $var{'yes.url'} = $self->session->url->page('op=auth;method='.$method);
- $var{'yes.label'} = $i18n->get(44);
- $var{'no.url'} = $self->session->url->page();
- $var{'no.label'} = $i18n->get(45);
- return WebGUI::Asset::Template->new($self->session,$self->getDeactivateAccountTemplateId)->process(\%var);
-}
-
-#-------------------------------------------------------------------
-
-=head2 deactivateAccountConfirm ( )
-
-Superclass method that performs general functionality for deactivating accounts.
-
-=cut
-
-sub deactivateAccountConfirm {
- my $self = shift;
-
- # Cannot deactivate "Visitor" or "Admin" users this way
- return $self->session->privilege->vitalComponent
- if $self->isVisitor || $self->isAdmin;
-
- my $i18n = WebGUI::International->new($self->session);
-
- # Change user's status
- my $user = $self->user;
- $user->status("Selfdestructed");
-
- # TODO: Fix displayLogin in all subclasses to have the same prototype. THIS WILL BREAK API!
- # Show the login form
- #$self->logout;
- #return $self->displayLogin(undef, {
- #'login.message' => sprintf( $i18n->get("deactivateAccount success"), $user->username )
- #});
-
- $self->logout;
- return undef;
-}
-
-#-------------------------------------------------------------------
-
=head2 delete ( [param] )
Delete one or all parameters for this auth method. Deleting all parameters
@@ -498,109 +243,6 @@ sub deleteSingleParam {
#-------------------------------------------------------------------
-=head2 displayAccount ( method [,vars] )
-
-Superclass method that performs general functionality for viewing editable fields related to a user's account.
-
-=head3 method
-
-Auth method that the form for updating a user's account should call
-
-=head3 vars
-
-Array ref of template vars from subclass
-
-=cut
-
-sub displayAccount {
- my $self = shift;
- my $method = shift;
- my $vars = shift;
-
- my $i18n = WebGUI::International->new($self->session);
- $vars->{title} = $i18n->get(61);
-
- $vars->{'account.form.header'} = WebGUI::Form::formHeader($self->session,{});
- $vars->{'account.form.header'} .= WebGUI::Form::hidden($self->session,{"name"=>"op","value"=>"auth"});
- $vars->{'account.form.header'} .= WebGUI::Form::hidden($self->session,{"name"=>"method","value"=>$method});
- if ($self->session->setting->get("useKarma")) {
- $vars->{'account.form.karma'} = $self->session->user->karma;
- $vars->{'account.form.karma.label'} = $i18n->get(537);
- }
- $vars->{'account.form.submit'} = WebGUI::Form::submit($self->session,{});
- $vars->{'account.form.footer'} = WebGUI::Form::formFooter($self->session,);
-
- ########### ACCOUNT SHUNT
- #The following is a shunt which allows the displayAccount page to be displayed in the
- #Account system. This shunt will be replaced in WebGUI 8 when the API can be broken
- my $output = WebGUI::Asset::Template->newById($self->session,$self->getAccountTemplateId)->process($vars);
- #If the account system is calling this method, just return the template
- my $op = $self->session->form->get("op");
- if($op eq "account") {
- return $output;
- }
- #Otherwise wrap the template into the account layout
- my $instance = WebGUI::Content::Account->createInstance($self->session,"user");
- return $instance->displayContent($output,1);
-}
-
-#-------------------------------------------------------------------
-
-=head2 displayLogin ( [method,vars] )
-
-Superclass method that performs general functionality for creating new accounts.
-
-=head3 method
-
-Auth method that the form for performing the login routine should call
-
-=head3 vars
-
-Array ref of template vars from subclass
-
-=cut
-
-sub displayLogin {
- my $self = shift;
- my $method = $_[0] || "login";
- my $vars = $_[1];
- # Automatically set redirectAfterLogin unless we've linked here directly
- # or it's already been set to perform another operation
- unless (
- $self->session->form->process("op") eq "auth"
- || ($self->session->scratch->get("redirectAfterLogin") =~ /op=\w+/)
- ) {
- my $returnUrl
- = $self->session->form->get('returnUrl')
- || $self->session->url->page( $self->session->request->env->{'QUERY_STRING'} )
- ;
- $self->session->scratch->set("redirectAfterLogin", $returnUrl);
- }
- my $i18n = WebGUI::International->new($self->session);
- $vars->{title} = $i18n->get(66);
- my $action;
- if ($self->session->setting->get("encryptLogin")) {
- $action = $self->session->url->page(undef,1);
- $action =~ s/http:/https:/;
- }
- $vars->{'login.form.header'} = WebGUI::Form::formHeader($self->session,{action=>$action});
- $vars->{'login.form.hidden'} = WebGUI::Form::hidden($self->session,{"name"=>"op","value"=>"auth"});
- $vars->{'login.form.hidden'} .= WebGUI::Form::hidden($self->session,{"name"=>"method","value"=>$method});
- $vars->{'login.form.username'} = WebGUI::Form::text($self->session,{"name"=>"username"});
- $vars->{'login.form.username.label'} = $i18n->get(50);
- $vars->{'login.form.password'} = WebGUI::Form::password($self->session,{"name"=>"identifier"});
- $vars->{'login.form.password.label'} = $i18n->get(51);
- $vars->{'login.form.submit'} = WebGUI::Form::submit($self->session,{"value"=>$i18n->get(52)});
- $vars->{'login.form.footer'} = WebGUI::Form::formFooter($self->session,);
- $vars->{'anonymousRegistration.isAllowed'} = ($self->session->setting->get("anonymousRegistration"));
- $vars->{'createAccount.url'} = $self->session->url->page('op=auth;method=createAccount');
- $vars->{'createAccount.label'} = $i18n->get(67);
- my $template = $self->getLoginTemplate;
- return $template->process($vars);
-}
-
-#-------------------------------------------------------------------
-
=head2 editUserForm ( )
Creates user form elements specific to this Auth Method.
@@ -634,11 +276,7 @@ You need to override this method in your auth module. It needs to return a the r
sub editSettingsForm {
}
-# Backwards compatiblity for method renaming
-sub editUserSettingsForm {
- my $self = shift;
- return $self->editSettingsForm( @_ );
-}
+deprecate editUserSettingsForm => 'editSettingsForm';
#-------------------------------------------------------------------
@@ -652,10 +290,7 @@ sub editSettingsFormSave {
}
# Backwards compatiblity for method renaming
-sub editUserSettingsFormSave {
- my $self = shift;
- return $self->editSettingsFormSave( @_ );
-}
+deprecate editSettingsFormSave => 'editSettingsFormSave';
#-------------------------------------------------------------------
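Review bot: The added line `deprecate editSettingsFormSave => 'editSettingsFormSave';` names the same method on both sides, so the old name `editUserSettingsFormSave` that this hunk removes is no longer defined anywhere visible, and subclasses or callers still using it would fail at runtime. Going by the sibling `deprecate editUserSettingsForm => 'editSettingsForm';` in the previous hunk, the first argument is the deprecated name, so this should read `deprecate editUserSettingsFormSave => 'editSettingsFormSave';`. WebGUI::Deprecate is not shown on this page, but if it installs a forwarding sub under the first name, the line as written would probably also overwrite the real `editSettingsFormSave` defined just above with a wrapper that calls itself. Because this is the settings-save path of the auth base class, a test that calls both the old and the new name would catch this before release.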
@@ -840,20 +475,6 @@ sub getSetting {
#-------------------------------------------------------------------
-=head2 init ( )
-
-Initialization function for these auth routines. Default is a superclass function called displayLogin.
-Override this method in your subclass to change the initialization for custom authentication methods
-
-=cut
-
-sub init {
- my $self = shift;
- return $self->displayLogin;
-}
-
-#-------------------------------------------------------------------
-
=head2 isAdmin ()
NOTE: This method is deprecated. Use user->isAdmin instead.
@@ -920,96 +541,6 @@ sub isVisitor {
#-------------------------------------------------------------------
-=head2 login ( )
-
-Superclass method that performs standard login routines. This is what should happen after a user has been authenticated.
-Authentication should always happen in the subclass routine.
-
-Open version tag is reclaimed if user is in site wide or singlePerUser mode.
-
-=cut
-
-sub login {
- my $self = shift;
- #Create a new user
- my $uid = $self->userId;
- my $u = WebGUI::User->new($self->session,$uid);
- $self->session->user({user=>$u});
- $u->karma($self->session->setting->get("karmaPerLogin"),"Login","Just for logging in.") if ($self->session->setting->get("useKarma"));
- $self->_logLogin($uid,"success");
-
- if ($self->session->setting->get('encryptLogin')) {
- my $currentUrl = $self->session->url->page(undef,1);
- $currentUrl =~ s/^https:/http:/;
- $self->session->http->setRedirect($currentUrl);
- }
-
- # Run on login
- my $command = $self->session->config->get("runOnLogin");
- if ($command ne "") {
- WebGUI::Macro::process($self->session,\$command);
- my $error = qx($command);
- $self->session->log->warn($error) if $error;
- }
-
-
- # Set the proper redirect
- if ( $self->session->setting->get( 'showMessageOnLogin' )
- && $self->user->profileField( $LOGIN_MESSAGE_SEEN )
- < $self->session->setting->get( 'showMessageOnLoginTimes' )
- ) {
- return $self->showMessageOnLogin;
- }
- elsif ( $self->session->form->get('returnUrl') ) {
- $self->session->http->setRedirect( $self->session->form->get('returnUrl') );
- $self->session->scratch->delete("redirectAfterLogin");
- }
- elsif ( my $url = $self->session->scratch->delete("redirectAfterLogin") ) {
- $self->session->http->setRedirect($url);
- }
- elsif ( $self->session->setting->get("redirectAfterLoginUrl") ) {
- $self->session->http->setRedirect($self->session->setting->get("redirectAfterLoginUrl"));
- $self->session->scratch->delete("redirectAfterLogin");
- }
-
- # Get open version tag. This is needed if we want
- # to reclaim a version right after login (singlePerUser and siteWide mode)
- # and to have the correct version displayed.
- WebGUI::VersionTag->getWorking($self->session(), q{noCreate});
-
- return undef;
-}
-
-#-------------------------------------------------------------------
-
-=head2 logout ( )
-
-Superclass method that performs standard logout routines.
-
-=cut
-
-sub logout {
- my $self = shift;
- $self->session->var->end($self->session->var->get("sessionId"));
- $self->session->user({userId=>'1'});
- my $u = WebGUI::User->new($self->session,1);
- $self->{user} = $u;
-
- my $command = $self->session->config->get("runOnLogout");
- if ($command ne "") {
- WebGUI::Macro::process($self->session,\$command);
- my $error = qx($command);
- $self->session->log->warn($error) if $error;
- }
-
- # Do not allow caching of the logout page (to ensure the page gets requested)
- $self->session->http->setCacheControl( "none" );
-
- return undef;
-}
-
-#-------------------------------------------------------------------
-
=head2 new ( session, [ user|userId ] )
Constructor.
@@ -1110,46 +641,6 @@ sub saveParams {
return $self->update( $data );
}
-#----------------------------------------------------------------------------
-
-=head2 showMessageOnLogin ( )
-
-Show the requested message after the user logs in. Add another tally to the
-number of times the message has been displayed. Show a link to the next
-stage for the user.
-
-=cut
-
-sub showMessageOnLogin {
- my $self = shift;
- my $i18n = WebGUI::International->new( $self->session, 'Auth' );
-
- # Increment the number of time seen.
- $self->user->profileField( $LOGIN_MESSAGE_SEEN,
- $self->user->profileField( $LOGIN_MESSAGE_SEEN ) + 1
- );
-
- # Show the message, processing for macros
- my $output = $self->session->setting->get( 'showMessageOnLoginBody' );
- WebGUI::Macro::process( $self->session, \$output );
-
- # Add the link to continue
- my $session = $self->session;
- my $redirectUrl = $self->session->form->get( 'returnUrl' )
- || $self->session->setting->get("redirectAfterLoginUrl")
- || $self->session->scratch->get( 'redirectAfterLogin' )
- || $self->session->url->getBackToSiteURL
- ;
-
- $output .= '
' . $i18n->get( 'showMessageOnLogin return' )
- . '
'
- ;
-
- # No matter what, we won't be redirecting after this
- $self->session->scratch->delete( 'redirectAfterLogin' );
-
- return $output;
-}
#----------------------------------------------------------------------------
@@ -1277,4 +768,529 @@ sub validUsername {
return $error eq "";
}
+#-------------------------------------------------------------------
+
+=head2 www_createAccount ( method [,vars] )
+
+Superclass method that performs general functionality for creating new accounts.
+
+=head3 method
+
+Auth method that the form for creating users should call
+
+=head3 vars
+
+Array ref of template vars from subclass
+
+=cut
+
+sub www_createAccount {
+ my $self = shift;
+ my $method = shift;
+ my $vars = shift;
+ my $i18n = WebGUI::International->new($self->session);
+ $vars->{title} = $i18n->get(54);
+
+ $vars->{'create.form.header'}
+ = WebGUI::Form::formHeader($self->session)
+ . WebGUI::Form::hidden($self->session,{"name"=>"op","value"=>"auth"})
+ . WebGUI::Form::hidden($self->session,{"name"=>"method","value"=>$method})
+ ;
+
+ # User Defined Options
+ my $userInvitation = $self->session->setting->get('inboxInviteUserEnabled');
+ $vars->{'create.form.profile'} = [];
+ foreach my $field (@{WebGUI::ProfileField->getRegistrationFields($self->session)}) {
+ my $id = $field->getId;
+ my $label = $field->getLabel;
+ my $required = $field->isRequired;
+
+ my $properties = {};
+ if ($required) {
+ my $fieldValue = $self->session->form->process($field->getId,$field->get("fieldType"));
+ $properties->{extras} = $self->getExtrasStyle($fieldValue);
+ }
+
+ my $formField;
+ # Get the default email from the invitation
+ if ($field->get('fieldName') eq "email" && $userInvitation ) {
+ my $code = $self->session->form->get('code')
+ || $self->session->form->get('uniqueUserInvitationCode');
+ my $defaultValue
+ = $self->session->db->quickScalar(
+ 'SELECT email FROM userInvitations WHERE inviteId=?',
+ [$code]
+ );
+ $vars->{'create.form.header'} .= WebGUI::Form::hidden($self->session, {name=>"uniqueUserInvitationCode", value=>$code});
+ $formField = $field->formField($properties, undef, undef, undef, $defaultValue);
+ }
+ else {
+ $formField = $field->formField($properties);
+ }
+
+
+ # Old-style field loop.
+ push @{$vars->{'create.form.profile'}}, {
+ 'profile.formElement' => $formField,
+ 'profile.formElement.label' => $label,
+ 'profile.required' => $required,
+ };
+
+ # Individual field template vars.
+ my $prefix = 'create.form.profile.'.$id.'.';
+ $vars->{ $prefix . 'formElement' } = $formField;
+ $vars->{ $prefix . 'formElement.label' } = $label;
+ $vars->{ $prefix . 'required' } = $required;
+ }
+
+ $vars->{'create.form.submit'} = WebGUI::Form::submit($self->session,{});
+ $vars->{'create.form.footer'} = WebGUI::Form::formFooter($self->session,);
+
+ $vars->{'login.url'} = $self->session->url->page('op=auth;method=init');
+ $vars->{'login.label'} = $i18n->get(58);
+
+ return WebGUI::Asset::Template->newById($self->session,$self->getCreateAccountTemplateId)->process($vars);
+}
+
+deprecate createAccount => 'www_createAccount';
+
+#-------------------------------------------------------------------
+
+=head2 www_createAccountSave ( username,properties [,password,profile] )
+
+Superclass method that performs general functionality for saving new accounts. Based
+on various settings and user actions, it may return output that should be displayed
+to the user.
+
+=head3 username
+
+Username for the account being created
+
+=head3 properties
+
+Properties from the subclass that should be saved as authentication parameters
+
+=head3 password
+
+Password entered by the user. This is only used in for sending the user a notification by email of his/her username/password
+
+=head3 profile
+
+Hashref of profile values returned by the function WebGUI::User::validateProfileDataFromForm($fields);
+
+=cut
+
+sub www_createAccountSave {
+ my $self = shift;
+ my $username = $_[0];
+ my $properties = $_[1];
+ my $password = $_[2];
+ my $profile = $_[3];
+
+ my $i18n = WebGUI::International->new($self->session);
+
+
+ my $u = WebGUI::User->new($self->session,"new");
+ $self->user($u);
+ my $userId = $u->userId;
+ $u->username($username);
+ $u->authMethod($self->authMethod);
+ $u->karma($self->session->setting->get("karmaPerLogin"),"Login","Just for logging in.") if ($self->session->setting->get("useKarma"));
+ $u->updateProfileFields($profile) if ($profile);
+ $self->update($properties);
+
+ if ($self->getSetting("sendWelcomeMessage")){
+ my $var;
+ $var->{welcomeMessage} = $self->getSetting("welcomeMessage");
+ $var->{newUser_username} = $username;
+ $var->{newUser_password} = $password;
+ my $message = WebGUI::Asset::Template->newById($self->session,$self->getSetting('welcomeMessageTemplate'))->process($var);
+ WebGUI::Macro::process($self->session,\$message);
+ WebGUI::Inbox->new($self->session)->addMessage({
+ message => $message,
+ subject => $i18n->get(870),
+ userId => $self->userId,
+ status => 'completed',
+ });
+ }
+
+ $self->session->user({user=>$u});
+ $self->_logLogin($userId,"success");
+
+ if ($self->session->setting->get("runOnRegistration")) {
+ WebGUI::Workflow::Instance->create($self->session, {
+ workflowId=>$self->session->setting->get("runOnRegistration"),
+ methodName=>"new",
+ className=>"WebGUI::User",
+ parameters=>$self->session->user->userId,
+ priority=>1
+ })->start;
+ }
+
+ ##Finalize the record in the user invitation table.
+ my $inviteId = $self->session->form->get('uniqueUserInvitationCode');
+ if ($inviteId) {
+ $self->session->db->setRow('userInvitations','inviteId',{
+ inviteId => $inviteId,
+ newUserId => $u->userId,
+ dateCreated => WebGUI::DateTime->new($self->session, time)->toMysqlDate,
+ });
+ #Get the invite record
+ my $inviteRecord = $self->session->db->getRow('userInvitations','inviteId',$inviteId);
+ #Get the user
+ my $inviteUser = WebGUI::User->new($self->session,$inviteRecord->{userId});
+ #Automatically add the friend that invited the user and vice versa if the friend has friends enabled
+ if($inviteUser->acceptsFriendsRequests($u)) {
+ my $friends = WebGUI::Friends->new($self->session,$u);
+ $friends->add([$inviteUser->userId]);
+ }
+ }
+
+ # If we have something to do after login, do it
+ if ( $self->session->setting->get( 'showMessageOnLogin' ) ) {
+ return $self->showMessageOnLogin;
+ }
+ elsif ($self->session->form->get('returnUrl')) {
+ $self->session->http->setRedirect( $self->session->form->get('returnUrl') );
+ $self->session->scratch->delete("redirectAfterLogin");
+ }
+ elsif ($self->session->scratch->get("redirectAfterLogin")) {
+ my $url = $self->session->scratch->delete("redirectAfterLogin");
+ $self->session->http->setRedirect($url);
+ return undef;
+ }
+ else {
+ $self->session->http->setStatus(201);
+ }
+
+ return undef;
+}
+
+deprecate createAccountSave => 'www_createAccountSave';
+
+#-------------------------------------------------------------------
+
+=head2 www_deactivateAccount ( method )
+
+Superclass method that displays a confirm message for deactivating a user's account.
+
+=head3 method
+
+Auth method that the form for creating users should call
+
+=cut
+
+sub www_deactivateAccount {
+ my $self = shift;
+ my $method = $_[0];
+ return $self->session->privilege->vitalComponent() if($self->isVisitor || $self->isAdmin);
+ return $self->session->privilege->adminOnly() if(!$self->session->setting->get("selfDeactivation"));
+ my $i18n = WebGUI::International->new($self->session);
+ my %var;
+ $var{title} = $i18n->get(42);
+ $var{question} = $i18n->get(60);
+ $var{'yes.url'} = $self->session->url->page('op=auth;method='.$method);
+ $var{'yes.label'} = $i18n->get(44);
+ $var{'no.url'} = $self->session->url->page();
+ $var{'no.label'} = $i18n->get(45);
+ return WebGUI::Asset::Template->new($self->session,$self->getDeactivateAccountTemplateId)->process(\%var);
+}
+
+deprecate deactivateAccount => 'www_deactivateAccount';
+
+#-------------------------------------------------------------------
+
+=head2 www_deactivateAccountConfirm ( )
+
+Superclass method that performs general functionality for deactivating accounts.
+
+=cut
+
+sub www_deactivateAccountConfirm {
+ my $self = shift;
+
+ # Cannot deactivate "Visitor" or "Admin" users this way
+ return $self->session->privilege->vitalComponent
+ if $self->isVisitor || $self->isAdmin;
+
+ my $i18n = WebGUI::International->new($self->session);
+
+ # Change user's status
+ my $user = $self->user;
+ $user->status("Selfdestructed");
+
+ # TODO: Fix displayLogin in all subclasses to have the same prototype. THIS WILL BREAK API!
+ # Show the login form
+ #$self->logout;
+ #return $self->displayLogin(undef, {
+ #'login.message' => sprintf( $i18n->get("deactivateAccount success"), $user->username )
+ #});
+
+ $self->logout;
+ return undef;
+}
+
+deprecate deactivateAccountConfirm => 'www_deactivateAccountConfirm';
+
+#-------------------------------------------------------------------
+
+=head2 www_displayAccount ( method [,vars] )
+
+Superclass method that performs general functionality for viewing editable fields related to a user's account.
+
+=head3 method
+
+Auth method that the form for updating a user's account should call
+
+=head3 vars
+
+Array ref of template vars from subclass
+
+=cut
+
+sub www_displayAccount {
+ my $self = shift;
+ my $method = shift;
+ my $vars = shift;
+
+ my $i18n = WebGUI::International->new($self->session);
+ $vars->{title} = $i18n->get(61);
+
+ $vars->{'account.form.header'} = WebGUI::Form::formHeader($self->session,{});
+ $vars->{'account.form.header'} .= WebGUI::Form::hidden($self->session,{"name"=>"op","value"=>"auth"});
+ $vars->{'account.form.header'} .= WebGUI::Form::hidden($self->session,{"name"=>"method","value"=>$method});
+ if ($self->session->setting->get("useKarma")) {
+ $vars->{'account.form.karma'} = $self->session->user->karma;
+ $vars->{'account.form.karma.label'} = $i18n->get(537);
+ }
+ $vars->{'account.form.submit'} = WebGUI::Form::submit($self->session,{});
+ $vars->{'account.form.footer'} = WebGUI::Form::formFooter($self->session,);
+
+ ########### ACCOUNT SHUNT
+ #The following is a shunt which allows the displayAccount page to be displayed in the
+ #Account system. This shunt will be replaced in WebGUI 8 when the API can be broken
+ my $output = WebGUI::Asset::Template->newById($self->session,$self->getAccountTemplateId)->process($vars);
+ #If the account system is calling this method, just return the template
+ my $op = $self->session->form->get("op");
+ if($op eq "account") {
+ return $output;
+ }
+ #Otherwise wrap the template into the account layout
+ my $instance = WebGUI::Content::Account->createInstance($self->session,"user");
+ return $instance->displayContent($output,1);
+}
+
+deprecate displayAccount => 'www_displayAccount';
+
+#-------------------------------------------------------------------
+
+=head2 www_displayLogin ( [method,vars] )
+
+Superclass method that performs general functionality for creating new accounts.
+
+=head3 method
+
+Auth method that the form for performing the login routine should call
+
+=head3 vars
+
+Array ref of template vars from subclass
+
+=cut
+
+sub www_displayLogin {
+ my $self = shift;
+ my $method = $_[0] || "login";
+ my $vars = $_[1];
+ print "Auth->www_displayLogin\n";
+ # Automatically set redirectAfterLogin unless we've linked here directly
+ # or it's already been set to perform another operation
+ unless (
+ $self->session->form->process("op") eq "auth"
+ || ($self->session->scratch->get("redirectAfterLogin") =~ /op=\w+/)
+ ) {
+ my $returnUrl
+ = $self->session->form->get('returnUrl')
+ || $self->session->url->page( $self->session->request->env->{'QUERY_STRING'} )
+ ;
+ $self->session->scratch->set("redirectAfterLogin", $returnUrl);
+ }
+ my $i18n = WebGUI::International->new($self->session);
+ $vars->{title} = $i18n->get(66);
+ my $action;
+ if ($self->session->setting->get("encryptLogin")) {
+ $action = $self->session->url->page(undef,1);
+ $action =~ s/http:/https:/;
+ }
+ $vars->{'login.form.header'} = WebGUI::Form::formHeader($self->session,{action=>$action});
+ $vars->{'login.form.hidden'} = WebGUI::Form::hidden($self->session,{"name"=>"op","value"=>"auth"});
+ $vars->{'login.form.hidden'} .= WebGUI::Form::hidden($self->session,{"name"=>"method","value"=>$method});
+ $vars->{'login.form.username'} = WebGUI::Form::text($self->session,{"name"=>"username"});
+ $vars->{'login.form.username.label'} = $i18n->get(50);
+ $vars->{'login.form.password'} = WebGUI::Form::password($self->session,{"name"=>"identifier"});
+ $vars->{'login.form.password.label'} = $i18n->get(51);
+ $vars->{'login.form.submit'} = WebGUI::Form::submit($self->session,{"value"=>$i18n->get(52)});
+ $vars->{'login.form.footer'} = WebGUI::Form::formFooter($self->session,);
+ $vars->{'anonymousRegistration.isAllowed'} = ($self->session->setting->get("anonymousRegistration"));
+ $vars->{'createAccount.url'} = $self->session->url->page('op=auth;method=createAccount');
+ $vars->{'createAccount.label'} = $i18n->get(67);
+ my $template = $self->getLoginTemplate;
+ return $template->process($vars);
+}
+
+deprecate displayLogin => 'www_displayLogin';
+
+#-------------------------------------------------------------------
+
+=head2 www_login ( )
+
+Superclass method that performs standard login routines. This is what should happen after a user has been authenticated.
+Authentication should always happen in the subclass routine.
+
+Open version tag is reclaimed if user is in site wide or singlePerUser mode.
+
+=cut
+
+sub www_login {
+ my $self = shift;
+ #Create a new user
+ my $uid = $self->userId;
+ my $u = WebGUI::User->new($self->session,$uid);
+ $self->session->user({user=>$u});
+ $u->karma($self->session->setting->get("karmaPerLogin"),"Login","Just for logging in.") if ($self->session->setting->get("useKarma"));
+ $self->_logLogin($uid,"success");
+
+ if ($self->session->setting->get('encryptLogin')) {
+ my $currentUrl = $self->session->url->page(undef,1);
+ $currentUrl =~ s/^https:/http:/;
+ $self->session->http->setRedirect($currentUrl);
+ }
+
+ # Run on login
+ my $command = $self->session->config->get("runOnLogin");
+ if ($command ne "") {
+ WebGUI::Macro::process($self->session,\$command);
+ my $error = qx($command);
+ $self->session->log->warn($error) if $error;
+ }
+
+
+ # Set the proper redirect
+ if ( $self->session->setting->get( 'showMessageOnLogin' )
+ && $self->user->profileField( $LOGIN_MESSAGE_SEEN )
+ < $self->session->setting->get( 'showMessageOnLoginTimes' )
+ ) {
+ return $self->showMessageOnLogin;
+ }
+ elsif ( $self->session->form->get('returnUrl') ) {
+ $self->session->http->setRedirect( $self->session->form->get('returnUrl') );
+ $self->session->scratch->delete("redirectAfterLogin");
+ }
+ elsif ( my $url = $self->session->scratch->delete("redirectAfterLogin") ) {
+ $self->session->http->setRedirect($url);
+ }
+ elsif ( $self->session->setting->get("redirectAfterLoginUrl") ) {
+ $self->session->http->setRedirect($self->session->setting->get("redirectAfterLoginUrl"));
+ $self->session->scratch->delete("redirectAfterLogin");
+ }
+
+ # Get open version tag. This is needed if we want
+ # to reclaim a version right after login (singlePerUser and siteWide mode)
+ # and to have the correct version displayed.
+ WebGUI::VersionTag->getWorking($self->session(), q{noCreate});
+
+ return undef;
+}
+
+deprecate login => 'www_login';
+
+#-------------------------------------------------------------------
+
+=head2 www_logout ( )
+
+Superclass method that performs standard logout routines.
+
+=cut
+
+sub www_logout {
+ my $self = shift;
+ $self->session->var->end($self->session->var->get("sessionId"));
+ $self->session->user({userId=>'1'});
+ my $u = WebGUI::User->new($self->session,1);
+ $self->{user} = $u;
+
+ my $command = $self->session->config->get("runOnLogout");
+ if ($command ne "") {
+ WebGUI::Macro::process($self->session,\$command);
+ my $error = qx($command);
+ $self->session->log->warn($error) if $error;
+ }
+
+ # Do not allow caching of the logout page (to ensure the page gets requested)
+ $self->session->http->setCacheControl( "none" );
+
+ return undef;
+}
+
+deprecate logout => 'www_logout';
+
+#----------------------------------------------------------------------------
+
+=head2 www_showMessageOnLogin ( )
+
+Show the requested message after the user logs in. Add another tally to the
+number of times the message has been displayed. Show a link to the next
+stage for the user.
+
+=cut
+
+sub www_showMessageOnLogin {
+ my $self = shift;
+ my $i18n = WebGUI::International->new( $self->session, 'Auth' );
+
+ # Increment the number of time seen.
+ $self->user->profileField( $LOGIN_MESSAGE_SEEN,
+ $self->user->profileField( $LOGIN_MESSAGE_SEEN ) + 1
+ );
+
+ # Show the message, processing for macros
+ my $output = $self->session->setting->get( 'showMessageOnLoginBody' );
+ WebGUI::Macro::process( $self->session, \$output );
+
+ # Add the link to continue
+ my $session = $self->session;
+ my $redirectUrl = $self->session->form->get( 'returnUrl' )
+ || $self->session->setting->get("redirectAfterLoginUrl")
+ || $self->session->scratch->get( 'redirectAfterLogin' )
+ || $self->session->url->getBackToSiteURL
+ ;
+
+ $output .= '' . $i18n->get( 'showMessageOnLogin return' )
+ . '
'
+ ;
+
+ # No matter what, we won't be redirecting after this
+ $self->session->scratch->delete( 'redirectAfterLogin' );
+
+ return $output;
+}
+
+deprecate 'showMessageOnLogin' => 'www_showMessageOnLogin';
+
+#-------------------------------------------------------------------
+
+=head2 www_view ( )
+
+Initialization function for these auth routines. Default is a superclass function called displayLogin.
+Override this method in your subclass to change the initialization for custom authentication methods
+
+=cut
+
+sub www_view {
+ my $self = shift;
+ return $self->displayLogin;
+}
+
+deprecate init => 'www_view';
+
1;
diff --git a/lib/WebGUI/Auth/Facebook.pm b/lib/WebGUI/Auth/Facebook.pm
index 7b03bbb9f..2067053a2 100644
--- a/lib/WebGUI/Auth/Facebook.pm
+++ b/lib/WebGUI/Auth/Facebook.pm
@@ -223,13 +223,13 @@ sub www_callback {
if ( $userId ) {
my $user = WebGUI::User->new( $session, $userId );
$self->user( $user );
- return $self->login;
+ return $self->SUPER::www_login;
}
# Otherwise see if their screen name exists and create a user
elsif ( !WebGUI::User->newByUsername( $session, $fbuser->{name}) ) {
my $user = $self->createFacebookUser( $fbuser );
$self->user( $user );
- return $self->login;
+ return $self->SUPER::www_login;
}
# Otherwise ask them for a new username to use
@@ -267,7 +267,7 @@ sub www_setUsername {
if ( !WebGUI::User->newByUsername( $session, $fbuser->{name} ) ) {
my $user = $self->createFacebookUser( $fbuser );
$self->user( $user );
- return $self->login;
+ return $self->www_login;
}
# Username is again taken! Noooooo!
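Review bot: `www_setUsername` now returns `$self->www_login`, while both branches of `www_callback` in the previous hunk were changed to `$self->SUPER::www_login`, although all three calls replace the same `$self->login`. If this class defines its own `www_login` (not visible in the diff), the unqualified call dispatches to it rather than to the superclass routine. The newly created user would then presumably never reach the session setup and login logging done in `WebGUI::Auth::www_login`. I would make this line `return $self->SUPER::www_login;` to match `www_callback`. The body of `www_setUsername` continues outside the hunk.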
diff --git a/lib/WebGUI/Auth/LDAP.pm b/lib/WebGUI/Auth/LDAP.pm
index e8f508ffc..971ff768f 100644
--- a/lib/WebGUI/Auth/LDAP.pm
+++ b/lib/WebGUI/Auth/LDAP.pm
@@ -245,208 +245,6 @@ sub connectToLDAP {
#-------------------------------------------------------------------
-=head2 createAccount ( message, confirm )
-
-Show the form to create a new LDAP account relationship
-
-=cut
-
-sub createAccount {
- my $self = shift;
- my $message = shift;
- my $confirm = shift || $self->session->form->process("confirm");
- my $vars;
- if ($self->session->user->isRegistered) {
- return $self->displayAccount;
- }
- elsif (!$self->session->setting->get("anonymousRegistration") && !$self->session->setting->get('inboxInviteUserEnabled')) {
- return $self->displayLogin;
- }
-
-
- my $connection = $self->getLDAPConnection;
- if (! $connection) {
- $self->session->log->error('Unable to create LDAP account as there is no LDAP connection defined');
- return $self->displayLogin;
- }
- $vars->{'create.message'} = $message if ($message);
- my $i18n = WebGUI::International->new($self->session,"AuthLDAP");
- $vars->{'create.form.ldapConnection.label'} = $i18n->get("ldapConnection");
-
- my $url = $self->session->url->page("op=auth;method=createAccount;connection=");
- $vars->{'create.form.ldapConnection'} = WebGUI::Form::selectBox($self->session, {
- name=>"ldapConnection",
- options=>WebGUI::LDAPLink->getList($self->session,),
- value=>[$connection->{ldapLinkId}],
- extras=>qq|onchange="location.href='$url'+this.options[this.selectedIndex].value"|
- });
- my $ldapId = $self->session->form->process("authLDAP_ldapId");
- $vars->{'create.form.ldapId'} = WebGUI::Form::text($self->session,{
- name =>"authLDAP_ldapId",
- value =>$ldapId,
- extras => $self->getExtrasStyle($ldapId)
- });
- $vars->{'create.form.ldapId.label'} = $connection->{ldapIdentityName};
-
- my $ldapPwd = $self->session->form->process("authLDAP_identifier");
- $vars->{'create.form.password'} = WebGUI::Form::password($self->session,{
- "name"=>"authLDAP_identifier",
- "value"=> $ldapPwd,
- extras => $self->getExtrasStyle($ldapPwd)
- });
- $vars->{'create.form.password.label'} = $connection->{ldapPasswordName};
-
- $vars->{'create.form.hidden'} = WebGUI::Form::hidden($self->session,{"name"=>"confirm","value"=>$confirm});
- return $self->SUPER::createAccount("createAccountSave",$vars);
-}
-
-#-------------------------------------------------------------------
-
-=head2 createAccountSave ( )
-
-Process the form to create a new LDAP account relationship
-
-=cut
-
-sub createAccountSave {
- my $self = shift;
- my $username = $self->session->form->process('authLDAP_ldapId');
- my $password = $self->session->form->process('authLDAP_identifier');
- my $error = "";
- my $i18n = WebGUI::International->new($self->session);
-
- #Validate user in LDAP
- if(!$self->_isValidLDAPUser()){
- return $self->createAccount("".$i18n->get(70)."
".$self->error);
- }
-
- my $connection = $self->getLDAPConnection;
- if (! $connection) {
- return $self->createAccount("".$i18n->get('no ldap link for auth')."
".$self->error);
- }
- #Get connectDN from settings
- my $uri = URI->new($connection->{ldapUrl});
- my $ldap = Net::LDAP->new($uri->host, (port=>$uri->port,scheme=>$uri->scheme));
- my $auth;
- if($connection->{connectDn}) {
- $auth = $ldap->bind(dn=>$connection->{connectDn}, password=>$connection->{identifier});
- }
- else{
- $auth = $ldap->bind;
- }
- #$ldap->bind;
- my $search = $ldap->search (base => $uri->dn, filter=>$connection->{ldapIdentity}."=".$username);
- my $connectDN = "";
- if (defined $search->entry(0)) {
- if ($connection->{ldapUserRDN} eq 'dn') {
- $connectDN = $search->entry(0)->dn;
- }
- else {
- $connectDN = $search->entry(0)->get_value($connection->{ldapUserRDN});
- }
- }
- $ldap->unbind;
-
-
- #Check that username is valid and not a duplicate in the system.
- $error .= $self->error if(!$self->validUsername($username));
- #Validate profile data.
- my ($profile, $temp, $warning) = WebGUI::Operation::Profile::validateProfileData($self->session);
- $error .= $temp;
- return $self->createAccount("".$error."") unless ($error eq "");
- #If Email address is not unique, a warning is displayed
- if($warning ne "" && !$self->session->form->process("confirm")){
- return $self->createAccount(''.$i18n->get(1078).'', 1);
- }
-
- my $properties;
- $properties->{connectDN} = $connectDN;
- $properties->{ldapUrl} = $connection->{ldapUrl};
- $properties->{ldapConnection} = $connection->{ldapLinkId};
-
- return $self->SUPER::createAccountSave($username,$properties,$password,$profile);
-}
-
-#-------------------------------------------------------------------
-
-=head2 deactivateAccount ( )
-
-Show the confirmation form to deactivate the user's account
-
-=cut
-
-sub deactivateAccount {
- my $self = shift;
- return $self->displayLogin if($self->userId eq '1');
- return $self->SUPER::deactivateAccount("deactivateAccountConfirm");
-}
-
-#-------------------------------------------------------------------
-
-=head2 deactivateAccountConfirm ( )
-
-Confirm the user is deactivating their account.
-
-=cut
-
-sub deactivateAccountConfirm {
- my $self = shift;
- return $self->displayLogin unless ($self->session->setting->get("selfDeactivation"));
- return $self->SUPER::deactivateAccountConfirm;
-}
-
-#-------------------------------------------------------------------
-
-=head2 displayAccount ( message )
-
-Display the account details.
-
-=cut
-
-sub displayAccount {
- my $self = shift;
- my $vars;
- return $self->displayLogin($_[0]) if ($self->isVisitor);
- my $i18n = WebGUI::International->new($self->session);
- $vars->{displayTitle} = ''.$i18n->get(61).'
';
- $vars->{'account.message'} = $i18n->get(856);
- if($self->session->setting->get("useKarma")){
- $vars->{'account.form.karma'} = $self->session->user->profileField("karma");
- $vars->{'account.form.karma.label'} = $i18n->get(537);
- }
-
- ########### ACCOUNT SHUNT
- #The following is a shunt which allows the displayAccount page to be displayed in the
- #Account system. This shunt will be replaced in WebGUI 8 when the API can be broken
- my $output = WebGUI::Asset::Template->newById($self->session,$self->getAccountTemplateId)->process($vars);
- #If the account system is calling this method, just return the template
- my $op = $self->session->form->get("op");
- if($op eq "account") {
- return $output;
- }
- #Otherwise wrap the template into the account layout
- my $instance = WebGUI::Content::Account->createInstance($self->session,"user");
- return $instance->displayContent($output,1);
-}
-
-#-------------------------------------------------------------------
-
-=head2 displayLogin ( message )
-
-Web-facing method to display the login form.
-
-=cut
-
-sub displayLogin {
- my $self = shift;
- my $vars;
- return $self->displayAccount($_[0]) if ($self->isRegistered);
- $vars->{'login.message'} = $_[0] if ($_[0]);
- return $self->SUPER::displayLogin("login",$vars);
-}
-
-#-------------------------------------------------------------------
-
=head2 editUserForm ( )
Creates user form elements specific to this Auth Method.
@@ -677,60 +475,6 @@ sub getLoginTemplateId {
#-------------------------------------------------------------------
-=head2 login ( )
-
-Process the login form. Create a new account if auto registration is enabled.
-
-=cut
-
-sub login {
- my $self = shift;
- my $i18n = WebGUI::International->new($self->session);
- my $username = $self->session->form->process("username");
- my $identifier = $self->session->form->process("identifier");
- my $autoRegistration = $self->session->setting->get("automaticLDAPRegistration");
- my $hasAuthenticated = 0;
-
- $hasAuthenticated = 1 if ( $self->authenticate($username,$identifier) );
-
- my $connection = $self->getLDAPConnection;
- if (! $connection) {
- return $self->displayLogin("".$i18n->get('no ldap logins')."
".$self->error);
- }
-
- # Autoregistration is on and they didn't authenticate yet
- if ($autoRegistration && !$hasAuthenticated) {
- # See if they are in LDAP and if so that they can bind with the password given.
- if($self->_isValidLDAPUser()) {
-
- # Create a WebGUI Account
- if ($self->validUsername($username)) {
- $self->SUPER::createAccountSave($username, {
- connectDN => $self->getConnectDN,
- ldapUrl => $connection->{ldapUrl},
- ldapConnection => $connection->{ldapLinkId},
- },$identifier);
- $hasAuthenticated = 1;
-
- # Pull the users profile from LDAP to WebGUI
- WebGUI::Workflow::Instance->create($self->session, {
- workflowId=>'AuthLDAPworkflow000001',
- methodName=>"new",
- className=>"WebGUI::User",
- parameters=>$self->session->user->userId,
- priority=>3
- })->start;
- }
- }
- }
- return $self->SUPER::login() if $hasAuthenticated; #Standard login routine for login
-
- $self->session->log->security("login to account ".$self->session->form->process("username")." with invalid information.");
- return $self->displayLogin("".$i18n->get(70)."
".$self->error);
-}
-
-#-------------------------------------------------------------------
-
=head2 new ( session, userId )
Create a new Auth instance. C is the ID of the user to be authenticated.
@@ -742,14 +486,6 @@ sub new {
my $session = shift;
my $userId = shift;
my $self = $class->SUPER::new($session,$userId);
- $self->setCallable([
- 'createAccount','deactivateAccount','displayAccount','displayLogin',
- 'login','logout','createAccountSave','deactivateAccountConfirm',
- ]);
- #my $connection = $session->scratch->get("ldapConnection") || $session->setting->get("ldapConnection");
- #my $ldaplink = WebGUI::LDAPLink->new($session,$connection);
- #$self->{_connection} = $ldaplink->get if $ldaplink;
-
my $i18n = WebGUI::International->new($session, "AuthLDAP");
my %ldapStatusCode = map { $_ => $i18n->get("LDAPLink_".$_) }
(0..21, 32,33,34,36, 48..54, 64..71, 80);
@@ -783,5 +519,262 @@ sub setConnectDN {
$self->{_connectDN} = $_[0];
}
+#-------------------------------------------------------------------
+
+=head2 www_createAccount ( message, confirm )
+
+Show the form to create a new LDAP account relationship
+
+=cut
+
+sub www_createAccount {
+ my $self = shift;
+ my $message = shift;
+ my $confirm = shift || $self->session->form->process("confirm");
+ my $vars;
+ if ($self->session->user->isRegistered) {
+ return $self->www_displayAccount;
+ }
+ elsif (!$self->session->setting->get("anonymousRegistration") && !$self->session->setting->get('inboxInviteUserEnabled')) {
+ return $self->www_displayLogin;
+ }
+
+
+ my $connection = $self->getLDAPConnection;
+ if (! $connection) {
+ $self->session->log->error('Unable to create LDAP account as there is no LDAP connection defined');
+ return $self->www_displayLogin;
+ }
+ $vars->{'create.message'} = $message if ($message);
+ my $i18n = WebGUI::International->new($self->session,"AuthLDAP");
+ $vars->{'create.form.ldapConnection.label'} = $i18n->get("ldapConnection");
+
+ my $url = $self->session->url->page("op=auth;method=createAccount;connection=");
+ $vars->{'create.form.ldapConnection'} = WebGUI::Form::selectBox($self->session, {
+ name=>"ldapConnection",
+ options=>WebGUI::LDAPLink->getList($self->session,),
+ value=>[$connection->{ldapLinkId}],
+ extras=>qq|onchange="location.href='$url'+this.options[this.selectedIndex].value"|
+ });
+ my $ldapId = $self->session->form->process("authLDAP_ldapId");
+ $vars->{'create.form.ldapId'} = WebGUI::Form::text($self->session,{
+ name =>"authLDAP_ldapId",
+ value =>$ldapId,
+ extras => $self->getExtrasStyle($ldapId)
+ });
+ $vars->{'create.form.ldapId.label'} = $connection->{ldapIdentityName};
+
+ my $ldapPwd = $self->session->form->process("authLDAP_identifier");
+ $vars->{'create.form.password'} = WebGUI::Form::password($self->session,{
+ "name"=>"authLDAP_identifier",
+ "value"=> $ldapPwd,
+ extras => $self->getExtrasStyle($ldapPwd)
+ });
+ $vars->{'create.form.password.label'} = $connection->{ldapPasswordName};
+
+ $vars->{'create.form.hidden'} = WebGUI::Form::hidden($self->session,{"name"=>"confirm","value"=>$confirm});
+ return $self->SUPER::www_createAccount("createAccountSave",$vars);
+}
+
+#-------------------------------------------------------------------
+
+=head2 www_createAccountSave ( )
+
+Process the form to create a new LDAP account relationship
+
+=cut
+
+sub www_createAccountSave {
+ my $self = shift;
+ my $username = $self->session->form->process('authLDAP_ldapId');
+ my $password = $self->session->form->process('authLDAP_identifier');
+ my $error = "";
+ my $i18n = WebGUI::International->new($self->session);
+
+ #Validate user in LDAP
+ if(!$self->_isValidLDAPUser()){
+ return $self->www_createAccount("".$i18n->get(70)."
".$self->error);
+ }
+
+ my $connection = $self->getLDAPConnection;
+ if (! $connection) {
+ return $self->www_createAccount("".$i18n->get('no ldap link for auth')."
".$self->error);
+ }
+ #Get connectDN from settings
+ my $uri = URI->new($connection->{ldapUrl});
+ my $ldap = Net::LDAP->new($uri->host, (port=>$uri->port,scheme=>$uri->scheme));
+ my $auth;
+ if($connection->{connectDn}) {
+ $auth = $ldap->bind(dn=>$connection->{connectDn}, password=>$connection->{identifier});
+ }
+ else{
+ $auth = $ldap->bind;
+ }
+ #$ldap->bind;
+ my $search = $ldap->search (base => $uri->dn, filter=>$connection->{ldapIdentity}."=".$username);
+ my $connectDN = "";
+ if (defined $search->entry(0)) {
+ if ($connection->{ldapUserRDN} eq 'dn') {
+ $connectDN = $search->entry(0)->dn;
+ }
+ else {
+ $connectDN = $search->entry(0)->get_value($connection->{ldapUserRDN});
+ }
+ }
+ $ldap->unbind;
+
+
+ #Check that username is valid and not a duplicate in the system.
+ $error .= $self->error if(!$self->validUsername($username));
+ #Validate profile data.
+ my ($profile, $temp, $warning) = WebGUI::Operation::Profile::validateProfileData($self->session);
+ $error .= $temp;
+ return $self->www_createAccount("".$error."") unless ($error eq "");
+ #If Email address is not unique, a warning is displayed
+ if($warning ne "" && !$self->session->form->process("confirm")){
+ return $self->www_createAccount(''.$i18n->get(1078).'', 1);
+ }
+
+ my $properties;
+ $properties->{connectDN} = $connectDN;
+ $properties->{ldapUrl} = $connection->{ldapUrl};
+ $properties->{ldapConnection} = $connection->{ldapLinkId};
+
+ return $self->SUPER::www_createAccountSave($username,$properties,$password,$profile);
+}
+
+#-------------------------------------------------------------------
+
+=head2 www_deactivateAccount ( )
+
+Show the confirmation form to deactivate the user's account
+
+=cut
+
+sub www_deactivateAccount {
+ my $self = shift;
+ return $self->www_displayLogin if($self->userId eq '1');
+ return $self->SUPER::www_deactivateAccount("deactivateAccountConfirm");
+}
+
+#-------------------------------------------------------------------
+
+=head2 www_deactivateAccountConfirm ( )
+
+Confirm the user is deactivating their account.
+
+=cut
+
+sub www_deactivateAccountConfirm {
+ my $self = shift;
+ return $self->www_displayLogin unless ($self->session->setting->get("selfDeactivation"));
+ return $self->SUPER::www_deactivateAccountConfirm;
+}
+
+#-------------------------------------------------------------------
+
+=head2 www_displayAccount ( message )
+
+Display the account details.
+
+=cut
+
+sub www_displayAccount {
+ my $self = shift;
+ my $vars;
+ return $self->www_displayLogin($_[0]) if ($self->isVisitor);
+ my $i18n = WebGUI::International->new($self->session);
+ $vars->{displayTitle} = ''.$i18n->get(61).'
';
+ $vars->{'account.message'} = $i18n->get(856);
+ if($self->session->setting->get("useKarma")){
+ $vars->{'account.form.karma'} = $self->session->user->profileField("karma");
+ $vars->{'account.form.karma.label'} = $i18n->get(537);
+ }
+
+ ########### ACCOUNT SHUNT
+ #The following is a shunt which allows the displayAccount page to be displayed in the
+ #Account system. This shunt will be replaced in WebGUI 8 when the API can be broken
+ my $output = WebGUI::Asset::Template->newById($self->session,$self->getAccountTemplateId)->process($vars);
+ #If the account system is calling this method, just return the template
+ my $op = $self->session->form->get("op");
+ if($op eq "account") {
+ return $output;
+ }
+ #Otherwise wrap the template into the account layout
+ my $instance = WebGUI::Content::Account->createInstance($self->session,"user");
+ return $instance->www_displayContent($output,1);
+}
+
+#-------------------------------------------------------------------
+
+=head2 www_displayLogin ( message )
+
+Web-facing method to display the login form.
+
+=cut
+
+sub www_displayLogin {
+ my $self = shift;
+ my $vars;
+ return $self->www_displayAccount($_[0]) if ($self->isRegistered);
+ $vars->{'login.message'} = $_[0] if ($_[0]);
+ return $self->SUPER::www_displayLogin("login",$vars);
+}
+
+
+#-------------------------------------------------------------------
+
+=head2 www_login ( )
+
+Process the login form. Create a new account if auto registration is enabled.
+
+=cut
+
+sub www_login {
+ my $self = shift;
+ my $i18n = WebGUI::International->new($self->session);
+ my $username = $self->session->form->process("username");
+ my $identifier = $self->session->form->process("identifier");
+ my $autoRegistration = $self->session->setting->get("automaticLDAPRegistration");
+ my $hasAuthenticated = 0;
+
+ $hasAuthenticated = 1 if ( $self->authenticate($username,$identifier) );
+
+ my $connection = $self->getLDAPConnection;
+ if (! $connection) {
+ return $self->www_displayLogin("".$i18n->get('no ldap logins')."
".$self->error);
+ }
+
+ # Autoregistration is on and they didn't authenticate yet
+ if ($autoRegistration && !$hasAuthenticated) {
+ # See if they are in LDAP and if so that they can bind with the password given.
+ if($self->_isValidLDAPUser()) {
+
+ # Create a WebGUI Account
+ if ($self->validUsername($username)) {
+ $self->SUPER::www_createAccountSave($username, {
+ connectDN => $self->getConnectDN,
+ ldapUrl => $connection->{ldapUrl},
+ ldapConnection => $connection->{ldapLinkId},
+ },$identifier);
+ $hasAuthenticated = 1;
+
+ # Pull the users profile from LDAP to WebGUI
+ WebGUI::Workflow::Instance->create($self->session, {
+ workflowId=>'AuthLDAPworkflow000001',
+ methodName=>"new",
+ className=>"WebGUI::User",
+ parameters=>$self->session->user->userId,
+ priority=>3
+ })->start;
+ }
+ }
+ }
+ return $self->SUPER::www_login() if $hasAuthenticated; #Standard login routine for login
+
+ $self->session->log->security("login to account ".$self->session->form->process("username")." with invalid information.");
+ return $self->www_displayLogin("".$i18n->get(70)."
".$self->error);
+}
+
1;
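Review bot: In `www_createAccountSave` the LDAP search filter is built by concatenating the submitted `authLDAP_ldapId` value unescaped, `filter=>$connection->{ldapIdentity}."=".$username`, so filter metacharacters in that field change the query that selects `connectDN`. The code is carried over unchanged from the removed `createAccountSave`, but this is a web-callable method and the move is a good moment to fix it: import `escape_filter_value` from `Net::LDAP::Util` and write `filter => $connection->{ldapIdentity} . '=' . escape_filter_value($username)`. The same method calls `$ldap->bind` without checking that `Net::LDAP->new` returned an object and never inspects `$auth`, so an unreachable directory dies with a method call on undef and a failed bind goes unnoticed. Separately, `www_displayAccount` now calls `$instance->www_displayContent($output,1)` on a `WebGUI::Content::Account` object where the old code called `displayContent`. That class is not part of the diff as shown, so confirm the method was actually renamed there and this is not a side effect of the bulk rename.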
diff --git a/lib/WebGUI/Auth/Twitter.pm b/lib/WebGUI/Auth/Twitter.pm
index 21c6d974c..d8df7e63f 100644
--- a/lib/WebGUI/Auth/Twitter.pm
+++ b/lib/WebGUI/Auth/Twitter.pm
@@ -227,13 +227,13 @@ sub www_callback {
if ( $userId ) {
my $user = WebGUI::User->new( $session, $userId );
$self->user( $user );
- return $self->login;
+ return $self->SUPER::www_login;
}
# Otherwise see if their screen name exists and create a user
elsif ( !WebGUI::User->newByUsername( $session, $twitterScreenName ) ) {
my $user = $self->createTwitterUser( $twitterUserId, $twitterScreenName );
$self->user( $user );
- return $self->login;
+ return $self->SUPER::www_login;
}
# Otherwise ask them for a new username to use
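Review bot: Only `www_callback` is updated in this file, and nothing in the hunk records why the calls are qualified with `SUPER::`. In the Facebook module the same commit also touches a `$self->login` call in `www_setUsername`. If this class has an equivalent call site (not visible here), it still goes through the `deprecate login => 'www_login'` alias and may end up in this class's own `www_login` instead of the base routine, so grep the file for remaining `->login` calls. If the qualifier is there because this class defines its own `www_login`, a comment above each return such as `# SUPER:: on purpose: finish the login in WebGUI::Auth, not in this class's www_login` would keep a later cleanup from removing it. The body of `www_callback` continues outside the hunk.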
diff --git a/lib/WebGUI/Auth/WebGUI.pm b/lib/WebGUI/Auth/WebGUI.pm
index cb7c2db89..2cb3610a0 100644
--- a/lib/WebGUI/Auth/WebGUI.pm
+++ b/lib/WebGUI/Auth/WebGUI.pm
@@ -22,6 +22,7 @@ use WebGUI::Storage;
use WebGUI::User;
use WebGUI::Form::Captcha;
use WebGUI::Macro;
+use WebGUI::Deprecate;
use Encode ();
use Tie::IxHash;
@@ -130,203 +131,6 @@ sub authenticate {
return 0;
}
-#-------------------------------------------------------------------
-sub createAccount {
- my $self = shift;
- my $session = $self->session;
- my $form = $session->form;
- my $setting = $session->setting;
-
- my $message = shift;
- my $confirm = shift || $form->process("confirm");
- my $vars = shift || {};
- my $i18n = WebGUI::International->new($session);
-
- if ($self->session->user->isRegistered) {
- return $self->displayAccount;
- }
- elsif (!$setting->get("anonymousRegistration") && !$setting->get('inboxInviteUserEnabled')) {
- return $self->displayLogin;
- }
-
- $vars->{'create.message'} = '' if ($message);
- $vars->{'useCaptcha' } = $setting->get("webguiUseCaptcha");
-
- if ($vars->{useCaptcha}) {
- use WebGUI::Form::Captcha;
- my $captcha = WebGUI::Form::Captcha->new($session,{
- name => "authWebGUI.captcha",
- extras => $self->getExtrasStyle
- });
- $vars->{'create.form.captcha'}
- = $captcha->toHtml . '' . $captcha->get('subtext').'';
- $vars->{'create.form.captcha.label'} = $i18n->get("captcha label","AuthWebGUI");
- }
-
- unless($setting->get('webguiUseEmailAsUsername')){
- my $username = $form->process("authWebGUI.username");
- $vars->{'create.form.username'}
- = WebGUI::Form::username($self->session, {
- name => "authWebGUI.username",
- value => $username,
- extras => $self->getExtrasStyle($username)
- });
- $vars->{'create.form.username.label'} = $i18n->get(50);
- }
-
- my $password = $form->process("authWebGUI.identifier");
- $vars->{'create.form.password'}
- = WebGUI::Form::password($self->session, {
- name => "authWebGUI.identifier",
- value => $password,
- extras => $self->getExtrasStyle($password)
- });
- $vars->{'create.form.password.label'} = $i18n->get(51);
-
- my $passwordConfirm = $form->process("authWebGUI.identifierConfirm");
- $vars->{'create.form.passwordConfirm'}
- = WebGUI::Form::password($self->session, {
- name => "authWebGUI.identifierConfirm",
- value => $passwordConfirm,
- extras => $self->getExtrasStyle($passwordConfirm)
- });
- $vars->{'create.form.passwordConfirm.label'} = $i18n->get(2,'AuthWebGUI');
-
- $vars->{'create.form.hidden'}
- = WebGUI::Form::hidden($self->session, {
- "name" => "confirm",
- "value" => $confirm
- });
- $vars->{'recoverPassword.isAllowed' } = $self->getSetting("passwordRecovery");
- $vars->{'recoverPassword.url' } = $self->session->url->page('op=auth;method=recoverPassword');
- $vars->{'recoverPassword.label' } = $i18n->get(59);
- return $self->SUPER::createAccount("createAccountSave",$vars);
-}
-
-#-------------------------------------------------------------------
-sub createAccountSave {
- my $self = shift;
- my $session = $self->session;
- my $form = $self->session->form;
- my $setting = $self->session->setting;
- my $i18n = WebGUI::International->new($session);
-
- # Logged in users cannot see this page
- return $self->displayAccount if ($session->user->isRegistered);
-
- # Make sure anonymous registration is enabled
- if (!$setting->get("anonymousRegistration") && !$setting->get("inboxInviteUserEnabled")) {
- $session->log->security($i18n->get("no registration hack", "AuthWebGUI"));
- return $self->displayLogin;
- }
- my $username;
- if($setting->get('webguiUseEmailAsUsername')){
- $username = $form->process('email');
- }
- else{
- $username = $form->process('authWebGUI.username');
- }
- my $password = $form->process('authWebGUI.identifier');
- my $passConfirm = $form->process('authWebGUI.identifierConfirm');
-
- # Validate input
- my $error;
- $error = $self->error unless($self->validUsername($username));
- if ($setting->get("webguiUseCaptcha")) {
- my $form = WebGUI::Form::Captcha->new($session, {name => 'authWebGUI.captcha'});
- if (! $form->getValue) {
- $error .= '' . $form->getErrorMessage . '';
- }
- }
- $error .= $self->error unless($self->_isValidPassword($password,$passConfirm));
-
- my $fields = WebGUI::ProfileField->getRegistrationFields($session);
- my $retHash = $self->user->validateProfileDataFromForm($fields);
- my $profile = $retHash->{profile};
- my $temp = "";
- my $warning = "";
-
- my $format = "%s";
- map { $warning .= sprintf($format,$_) } @{$retHash->{warnings}};
- map { $temp .= sprintf($format,$_) } @{$retHash->{errors}};
-
- $error .= $temp;
-
- unless ($error eq "") {
- $self->error($error);
- return $self->createAccount($error);
- }
-
- # If Email address is not unique, a warning is displayed
- if ($warning ne "" && !$self->session->form->process("confirm")) {
- return $self->createAccount(''.$i18n->get(1078).'', 1);
- }
-
- # Create the new account
- my $properties;
- $properties->{ changeUsername } = $setting->get("webguiChangeUsername");
- $properties->{ changePassword } = $setting->get("webguiChangePassword");
- $properties->{ identifier } = $self->hashPassword($password);
- $properties->{ passwordLastUpdated } = time();
- $properties->{ passwordTimeout } = $setting->get("webguiPasswordTimeout");
- $properties->{ status } = 'Deactivated' if ($setting->get("webguiValidateEmail"));
-
- my $afterCreateMessage = $self->SUPER::createAccountSave($username,$properties,$password,$profile);
-
- # Send validation e-mail if required
- if ($setting->get("webguiValidateEmail")) {
- my $key = $session->id->generate;
- $self->update(emailValidationKey=>$key);
- my $mail = WebGUI::Mail::Send->create($self->session, {
- to => $profile->{email},
- subject => $i18n->get('email address validation email subject','AuthWebGUI')
- });
- my $var;
- $var->{newUser_username} = $username;
- $var->{activationUrl} = $session->url->page("op=auth;method=validateEmail;key=".$key, 'full');
- my $text =
-WebGUI::Asset::Template->newById($self->session,$self->getSetting('accountActivationTemplate'))->process($var);
- WebGUI::Macro::process($self->session,\$text);
- $mail->addText($text);
- $mail->addFooter;
- $mail->queue;
- $self->user->status("Deactivated");
- $session->var->end($session->var->get("sessionId"));
- $session->var->start(1,$session->getId);
- my $u = WebGUI::User->new($session,1);
- $self->{user} = $u;
- $self->logout;
- return $self->displayLogin($i18n->get('check email for validation','AuthWebGUI'));
- }
- return $afterCreateMessage;
-}
-
-#-------------------------------------------------------------------
-sub deactivateAccount {
- my $self = shift;
- return $self->displayLogin if($self->isVisitor);
- return $self->SUPER::deactivateAccount("deactivateAccountConfirm");
-}
-
-#-------------------------------------------------------------------
-sub deactivateAccountConfirm {
- my $self = shift;
- return $self->displayLogin unless ($self->session->setting->get("selfDeactivation"));
-
- # Keep the username for a nice message
- my $username = $self->user->username;
-
- # Deactivate the account
- my $response = $self->SUPER::deactivateAccountConfirm;
-
- # If there was a response, it's probably an error
- return $response if $response;
-
- # Otherwise show the login form with a friendly message
- my $i18n = WebGUI::International->new($self->session);
- return $self->displayLogin(sprintf( $i18n->get("deactivateAccount success"), $username ));
-}
-
#-------------------------------------------------------------------
=head2 checkField ( )
@@ -339,51 +143,6 @@ or an empty string if the check was successful.
=cut
-#-------------------------------------------------------------------
-sub displayAccount {
- my $self = shift;
- my $vars;
- return $self->displayLogin($_[0]) if ($self->isVisitor);
- my $i18n = WebGUI::International->new($self->session);
- my $userData = $self->get;
- $vars->{'account.message'} = $_[0] if ($_[0]);
- $vars->{'account.noform'} = 1;
- if($userData->{changeUsername} || (!defined $userData->{changeUsername} && $self->session->setting->get("webguiChangeUsername"))){
- $vars->{'account.form.username'} = WebGUI::Form::text($self->session,{"name"=>"authWebGUI.username","value"=>$self->username});
- $vars->{'account.form.username.label'} = $i18n->get(50);
- $vars->{'account.noform'} = 0;
- }
- if($userData->{changePassword} || (!defined $userData->{changePassword} && $self->session->setting->get("webguiChangePassword"))){
- $vars->{'account.form.password'} = WebGUI::Form::password($self->session,{"name"=>"authWebGUI.identifier","value"=>"password"});
- $vars->{'account.form.password.label'} = $i18n->get(51);
- $vars->{'account.form.passwordConfirm'} = WebGUI::Form::password($self->session,{"name"=>"authWebGUI.identifierConfirm","value"=>"password"});
- $vars->{'account.form.passwordConfirm.label'} = $i18n->get(2,'AuthWebGUI');
- $vars->{'account.noform'} = 0;
- }
- $vars->{'account.nofields'} = $i18n->get(22,'AuthWebGUI');
- return $self->SUPER::displayAccount("updateAccount",$vars);
-}
-
-#-------------------------------------------------------------------
-
-=head2 displayLogin ( )
-
-The initial login screen an unauthenticated user sees
-
-=cut
-
-sub displayLogin {
- my $self = shift;
- my $vars;
- return $self->displayAccount($_[0]) if ($self->isRegistered);
- my $i18n = WebGUI::International->new($self->session);
- $vars->{'login.message'} = '' if ($_[0]);
- $vars->{'recoverPassword.isAllowed'} = $self->getSetting("passwordRecovery");
- $vars->{'recoverPassword.url'} = $self->session->url->page('op=auth;method=recoverPassword');
- $vars->{'recoverPassword.label'} = $i18n->get(59);
- return $self->SUPER::displayLogin("login",$vars);
-}
-
#-------------------------------------------------------------------
=head2 editUserForm ( )
@@ -781,15 +540,257 @@ sub hashPassword {
return Digest::MD5::md5_base64(Encode::encode_utf8($password));
}
+#-------------------------------------------------------------------
+sub www_createAccount {
+ my $self = shift;
+ my $session = $self->session;
+ my $form = $session->form;
+ my $setting = $session->setting;
+
+ my $message = shift;
+ my $confirm = shift || $form->process("confirm");
+ my $vars = shift || {};
+ my $i18n = WebGUI::International->new($session);
+
+ if ($self->session->user->isRegistered) {
+ return $self->www_displayAccount;
+ }
+ elsif (!$setting->get("anonymousRegistration") && !$setting->get('inboxInviteUserEnabled')) {
+ return $self->www_displayLogin;
+ }
+
+ $vars->{'create.message'} = '' if ($message);
+ $vars->{'useCaptcha' } = $setting->get("webguiUseCaptcha");
+
+ if ($vars->{useCaptcha}) {
+ use WebGUI::Form::Captcha;
+ my $captcha = WebGUI::Form::Captcha->new($session,{
+ name => "authWebGUI.captcha",
+ extras => $self->getExtrasStyle
+ });
+ $vars->{'create.form.captcha'}
+ = $captcha->toHtml . '' . $captcha->get('subtext').'';
+ $vars->{'create.form.captcha.label'} = $i18n->get("captcha label","AuthWebGUI");
+ }
+
+ unless($setting->get('webguiUseEmailAsUsername')){
+ my $username = $form->process("authWebGUI.username");
+ $vars->{'create.form.username'}
+ = WebGUI::Form::username($self->session, {
+ name => "authWebGUI.username",
+ value => $username,
+ extras => $self->getExtrasStyle($username)
+ });
+ $vars->{'create.form.username.label'} = $i18n->get(50);
+ }
+
+ my $password = $form->process("authWebGUI.identifier");
+ $vars->{'create.form.password'}
+ = WebGUI::Form::password($self->session, {
+ name => "authWebGUI.identifier",
+ value => $password,
+ extras => $self->getExtrasStyle($password)
+ });
+ $vars->{'create.form.password.label'} = $i18n->get(51);
+
+ my $passwordConfirm = $form->process("authWebGUI.identifierConfirm");
+ $vars->{'create.form.passwordConfirm'}
+ = WebGUI::Form::password($self->session, {
+ name => "authWebGUI.identifierConfirm",
+ value => $passwordConfirm,
+ extras => $self->getExtrasStyle($passwordConfirm)
+ });
+ $vars->{'create.form.passwordConfirm.label'} = $i18n->get(2,'AuthWebGUI');
+
+ $vars->{'create.form.hidden'}
+ = WebGUI::Form::hidden($self->session, {
+ "name" => "confirm",
+ "value" => $confirm
+ });
+ $vars->{'recoverPassword.isAllowed' } = $self->getSetting("passwordRecovery");
+ $vars->{'recoverPassword.url' } = $self->session->url->page('op=auth;method=recoverPassword');
+ $vars->{'recoverPassword.label' } = $i18n->get(59);
+ return $self->SUPER::www_createAccount("createAccountSave",$vars);
+}
#-------------------------------------------------------------------
-sub login {
+sub www_createAccountSave {
+ my $self = shift;
+ my $session = $self->session;
+ my $form = $self->session->form;
+ my $setting = $self->session->setting;
+ my $i18n = WebGUI::International->new($session);
+
+ # Logged in users cannot see this page
+ return $self->www_displayAccount if ($session->user->isRegistered);
+
+ # Make sure anonymous registration is enabled
+ if (!$setting->get("anonymousRegistration") && !$setting->get("inboxInviteUserEnabled")) {
+ $session->log->security($i18n->get("no registration hack", "AuthWebGUI"));
+ return $self->www_displayLogin;
+ }
+ my $username;
+ if($setting->get('webguiUseEmailAsUsername')){
+ $username = $form->process('email');
+ }
+ else{
+ $username = $form->process('authWebGUI.username');
+ }
+ my $password = $form->process('authWebGUI.identifier');
+ my $passConfirm = $form->process('authWebGUI.identifierConfirm');
+
+ # Validate input
+ my $error;
+ $error = $self->error unless($self->validUsername($username));
+ if ($setting->get("webguiUseCaptcha")) {
+ my $form = WebGUI::Form::Captcha->new($session, {name => 'authWebGUI.captcha'});
+ if (! $form->getValue) {
+ $error .= '' . $form->getErrorMessage . '';
+ }
+ }
+ $error .= $self->error unless($self->_isValidPassword($password,$passConfirm));
+
+ my $fields = WebGUI::ProfileField->getRegistrationFields($session);
+ my $retHash = $self->user->validateProfileDataFromForm($fields);
+ my $profile = $retHash->{profile};
+ my $temp = "";
+ my $warning = "";
+
+ my $format = "%s";
+ map { $warning .= sprintf($format,$_) } @{$retHash->{warnings}};
+ map { $temp .= sprintf($format,$_) } @{$retHash->{errors}};
+
+ $error .= $temp;
+
+ unless ($error eq "") {
+ $self->error($error);
+ return $self->www_createAccount($error);
+ }
+
+ # If Email address is not unique, a warning is displayed
+ if ($warning ne "" && !$self->session->form->process("confirm")) {
+ return $self->www_createAccount(''.$i18n->get(1078).'', 1);
+ }
+
+ # Create the new account
+ my $properties;
+ $properties->{ changeUsername } = $setting->get("webguiChangeUsername");
+ $properties->{ changePassword } = $setting->get("webguiChangePassword");
+ $properties->{ identifier } = $self->hashPassword($password);
+ $properties->{ passwordLastUpdated } = time();
+ $properties->{ passwordTimeout } = $setting->get("webguiPasswordTimeout");
+ $properties->{ status } = 'Deactivated' if ($setting->get("webguiValidateEmail"));
+
+ my $afterCreateMessage = $self->SUPER::createAccountSave($username,$properties,$password,$profile);
+
+ # Send validation e-mail if required
+ if ($setting->get("webguiValidateEmail")) {
+ my $key = $session->id->generate;
+ $self->update(emailValidationKey=>$key);
+ my $mail = WebGUI::Mail::Send->create($self->session, {
+ to => $profile->{email},
+ subject => $i18n->get('email address validation email subject','AuthWebGUI')
+ });
+ my $var;
+ $var->{newUser_username} = $username;
+ $var->{activationUrl} = $session->url->page("op=auth;method=validateEmail;key=".$key, 'full');
+ my $text =
+WebGUI::Asset::Template->newById($self->session,$self->getSetting('accountActivationTemplate'))->process($var);
+ WebGUI::Macro::process($self->session,\$text);
+ $mail->addText($text);
+ $mail->addFooter;
+ $mail->queue;
+ $self->user->status("Deactivated");
+ $session->var->end($session->var->get("sessionId"));
+ $session->var->start(1,$session->getId);
+ my $u = WebGUI::User->new($session,1);
+ $self->{user} = $u;
+ $self->logout;
+ return $self->www_displayLogin($i18n->get('check email for validation','AuthWebGUI'));
+ }
+ return $afterCreateMessage;
+}
+
+#-------------------------------------------------------------------
+sub www_deactivateAccount {
+ my $self = shift;
+ return $self->www_displayLogin if($self->isVisitor);
+ return $self->SUPER::www_deactivateAccount("deactivateAccountConfirm");
+}
+
+#-------------------------------------------------------------------
+sub www_deactivateAccountConfirm {
+ my $self = shift;
+ return $self->www_displayLogin unless ($self->session->setting->get("selfDeactivation"));
+
+ # Keep the username for a nice message
+ my $username = $self->user->username;
+
+ # Deactivate the account
+ my $response = $self->SUPER::www_deactivateAccountConfirm;
+
+ # If there was a response, it's probably an error
+ return $response if $response;
+
+ # Otherwise show the login form with a friendly message
+ my $i18n = WebGUI::International->new($self->session);
+ return $self->www_displayLogin(sprintf( $i18n->get("deactivateAccount success"), $username ));
+}
+
+#-------------------------------------------------------------------
+sub www_displayAccount {
+ my $self = shift;
+ my $vars;
+ return $self->www_displayLogin($_[0]) if ($self->isVisitor);
+ my $i18n = WebGUI::International->new($self->session);
+ my $userData = $self->get;
+ $vars->{'account.message'} = $_[0] if ($_[0]);
+ $vars->{'account.noform'} = 1;
+ if($userData->{changeUsername} || (!defined $userData->{changeUsername} && $self->session->setting->get("webguiChangeUsername"))){
+ $vars->{'account.form.username'} = WebGUI::Form::text($self->session,{"name"=>"authWebGUI.username","value"=>$self->username});
+ $vars->{'account.form.username.label'} = $i18n->get(50);
+ $vars->{'account.noform'} = 0;
+ }
+ if($userData->{changePassword} || (!defined $userData->{changePassword} && $self->session->setting->get("webguiChangePassword"))){
+ $vars->{'account.form.password'} = WebGUI::Form::password($self->session,{"name"=>"authWebGUI.identifier","value"=>"password"});
+ $vars->{'account.form.password.label'} = $i18n->get(51);
+ $vars->{'account.form.passwordConfirm'} = WebGUI::Form::password($self->session,{"name"=>"authWebGUI.identifierConfirm","value"=>"password"});
+ $vars->{'account.form.passwordConfirm.label'} = $i18n->get(2,'AuthWebGUI');
+ $vars->{'account.noform'} = 0;
+ }
+ $vars->{'account.nofields'} = $i18n->get(22,'AuthWebGUI');
+ return $self->SUPER::www_displayAccount("updateAccount",$vars);
+}
+
+#-------------------------------------------------------------------
+
+=head2 www_displayLogin ( )
+
+The initial login screen an unauthenticated user sees
+
+=cut
+
+sub www_displayLogin {
+ my $self = shift;
+ my $vars;
+ print "WebGUI->www_displayLogin\n";
+ return $self->www_displayAccount($_[0]) if ($self->isRegistered);
+ my $i18n = WebGUI::International->new($self->session);
+ $vars->{'login.message'} = '' if ($_[0]);
+ $vars->{'recoverPassword.isAllowed'} = $self->getSetting("passwordRecovery");
+ $vars->{'recoverPassword.url'} = $self->session->url->page('op=auth;method=recoverPassword');
+ $vars->{'recoverPassword.label'} = $i18n->get(59);
+ return $self->SUPER::www_displayLogin("login",$vars);
+}
+
+#-------------------------------------------------------------------
+sub www_login {
my $self = shift;
if(!$self->authenticate($self->session->form->process("username"),$self->session->form->process("identifier"))){
$self->session->http->setStatus(401);
$self->session->log->security("login to account ".$self->session->form->process("username")." with invalid information.");
my $i18n = WebGUI::International->new($self->session);
- return $self->displayLogin("".$i18n->get(70)."
".$self->error);
+ return $self->www_displayLogin("".$i18n->get(70)."
".$self->error);
}
my $userData = $self->get;
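Review bot: `www_displayLogin` gains a leftover debug statement, `print "WebGUI->www_displayLogin\n";`, which the removed `displayLogin` did not have. It writes to STDOUT on every login-page render and, depending on how handler output is wired, could land in the HTTP response or disturb its headers, so the line should be dropped. Separately, `www_createAccount` passes the submitted `authWebGUI.identifier` and `authWebGUI.identifierConfirm` values back as `value =>` on the password controls, so a failed registration appears to re-render the user's password into the page. Assuming the control emits its value, passing `value => ''` there would avoid that. `www_login` continues outside this hunk.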
@@ -798,32 +799,16 @@ sub login {
if (time() >= $expireTime){
my $userId = $self->userId;
$self->logout;
- return $self->resetExpiredPassword($userId);
+ return $self->www_resetExpiredPassword($userId);
}
}
- return $self->SUPER::login();
-}
-
-#-------------------------------------------------------------------
-sub new {
- my $class = shift;
- my $session = shift;
- my $userId = $_[0];
- my $self = $class->SUPER::new($session,$userId);
- $self->setCallable([
- 'validateEmail','createAccount','deactivateAccount','displayAccount',
- 'displayLogin','login','logout','recoverPassword','resetExpiredPassword',
- 'recoverPasswordFinish','createAccountSave','deactivateAccountConfirm',
- 'resetExpiredPasswordSave','updateAccount', 'emailResetPassword',
- 'emailResetPasswordFinish',
- ]);
- return $self;
+ return $self->SUPER::www_login();
}
#-------------------------------------------------------------------
-=head2 recoverPassword ( args )
+=head2 www_recoverPassword ( args )
Initiates the password recovery process. Checks for recovery type,
and then runs the appropriate method. Arguments to this sub are
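Review bot: The explicit `setCallable` allow-list in `new` is removed here, while later hunks give `profileRecoverPassword`, `emailRecoverPassword`, `profileRecoverPasswordFinish` and `emailRecoverPasswordFinish` a `www_` prefix, and none of those four was in the removed list. If the dispatcher (not visible in this diff) now treats every `www_*` method as request-reachable, they become directly callable and skip the `getPasswordRecoveryType` selection done in `www_recoverPassword` / `www_recoverPasswordFinish`. Either keep these helpers un-prefixed, or repeat the check at the top of each, e.g. `return $self->www_displayLogin unless $self->getPasswordRecoveryType eq 'profile';` in the profile variants. `www_login` starts outside this hunk.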
@@ -831,24 +816,26 @@ passed directly to the approprate method.
=cut
-sub recoverPassword {
+sub www_recoverPassword {
my $self = shift;
- return $self->displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
+ return $self->www_displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
my $type = $self->getPasswordRecoveryType;
if ($type eq 'profile') {
- $self->profileRecoverPassword(@_);
+ $self->www_profileRecoverPassword(@_);
}
elsif ($type eq 'email') {
- $self->emailRecoverPassword(@_);
+ $self->www_emailRecoverPassword(@_);
}
}
-
+
+deprecate 'recoverPassword' => 'www_recoverPassword';
+
#-------------------------------------------------------------------
-=head2 emailRecoverPassword ( $error )
+=head2 www_emailRecoverPassword ( $error )
Templated email recovery form.
@@ -858,7 +845,7 @@ $error is any error from the system which needs to be reported to the user.
=cut
-sub emailRecoverPassword {
+sub www_emailRecoverPassword {
my $self = shift;
my $session = $self->session;
my $i18n = WebGUI::International->new($session);
@@ -902,14 +889,16 @@ sub emailRecoverPassword {
return WebGUI::Asset::Template->newById($self->session,$self->getPasswordRecoveryTemplateId)->process($vars);
}
-
+
+deprecate 'emailRecoverPassword' => 'www_emailRecoverPassword';
+
#-------------------------------------------------------------------
-sub profileRecoverPassword {
+sub www_profileRecoverPassword {
my $self = shift;
my @fields = @{WebGUI::ProfileField->getPasswordRecoveryFields($self->session)};
- return $self->displayLogin unless @fields;
+ return $self->www_displayLogin unless @fields;
my $vars = {};
my $i18n = WebGUI::International->new($self->session);
@@ -947,10 +936,12 @@ sub profileRecoverPassword {
return WebGUI::Asset::Template->newById($self->session,$self->getPasswordRecoveryTemplateId)->process($vars);
}
-
+
+deprecate 'profileRecoverPassword' => 'www_profileRecoverPassword';
+
#-------------------------------------------------------------------
-=head2 recoverPasswordFinish ( args )
+=head2 www_recoverPasswordFinish ( args )
Handles data for recovery of password. Gets password recovery type,
and then runs the appropriate method. Arguments are passed directly
@@ -958,35 +949,37 @@ to the appropriate method.
=cut
-sub recoverPasswordFinish {
+sub www_recoverPasswordFinish {
my $self = shift;
my $type = $self->getPasswordRecoveryType;
if ($type eq 'profile') {
- $self->profileRecoverPasswordFinish(@_);
+ $self->www_profileRecoverPasswordFinish(@_);
} elsif ($type eq 'email') {
- $self->emailRecoverPasswordFinish(@_);
+ $self->www_emailRecoverPasswordFinish(@_);
}
- }
-
+}
+
+deprecate 'recoverPasswordFinish' => 'www_recoverPasswordFinish';
+
#-------------------------------------------------------------------
-sub profileRecoverPasswordFinish {
+sub www_profileRecoverPasswordFinish {
my $self = shift;
my $session = $self->session;
my $i18n = WebGUI::International->new($self->session);
my $i18n2 = WebGUI::International->new($self->session, 'AuthWebGUI');
- return $self->displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
+ return $self->www_displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
my $username;
if ($self->getSetting('passwordRecoveryRequireUsername')) {
$username = $self->session->form->process('authWebGUI.username');
- return $self->recoverPassword($i18n->get('password recovery no username', 'AuthWebGUI')) unless defined $username;
+ return $self->www_recoverPassword($i18n->get('password recovery no username', 'AuthWebGUI')) unless defined $username;
}
my @fields = @{WebGUI::ProfileField->getPasswordRecoveryFields($self->session)};
- return $self->displayLogin unless @fields;
+ return $self->www_displayLogin unless @fields;
my %fieldValues;
my @failedRequiredFields;
@@ -1000,7 +993,7 @@ sub profileRecoverPasswordFinish {
my $errorMessage = '' . join("\n", map {
'- ' . $_->getLabel . ' ' . $i18n->get(451) . '
'
} @failedRequiredFields) . '
';
- return $self->recoverPassword($errorMessage);
+ return $self->www_recoverPassword($errorMessage);
}
my @fieldNames = keys %fieldValues;
@@ -1011,10 +1004,10 @@ sub profileRecoverPasswordFinish {
my @userIds = $self->session->db->buildArray($sql, [$self->authMethod, @fieldValues, (defined($username)? ($username) : ())]);
if (@userIds == 0) {
- return $self->recoverPassword($i18n2->get('password recovery no results'));
+ return $self->www_recoverPassword($i18n2->get('password recovery no results'));
}
elsif (@userIds > 1) {
- return $self->recoverPassword($i18n2->get('password recovery multiple results'));
+ return $self->www_recoverPassword($i18n2->get('password recovery multiple results'));
}
# Exactly one result.
@@ -1023,7 +1016,7 @@ sub profileRecoverPasswordFinish {
# Make sure the userId is not disabled
my $user = WebGUI::User->new($self->session, $userId);
if ( $user->status ne "Active" ) {
- return $self->recoverPassword( $i18n2->get( 'password recovery disabled' ) );
+ return $self->www_recoverPassword( $i18n2->get( 'password recovery disabled' ) );
}
my ($password, $passwordConfirm) = ($self->session->form->process('authWebGUI.identifier'), $self->session->form->process('authWebGUI.identifierConfirm'));
@@ -1080,17 +1073,19 @@ sub profileRecoverPasswordFinish {
identifier => $self->hashPassword($password),
passwordLastUpdated => time);
$self->_logSecurityMessage;
- return $self->SUPER::login;
+ return $self->SUPER::www_login;
} else {
- return $self->recoverPassword('');
+ return $self->www_recoverPassword('');
}
}
+deprecate 'profileRecoverPasswordFinish' => 'www_profileRecoverPasswordFinish';
+
#-------------------------------------------------------------------
-sub emailRecoverPasswordFinish {
+sub www_emailRecoverPasswordFinish {
my $self = shift;
- return $self->displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
+ return $self->www_displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
my $i18n = WebGUI::International->new($self->session);
my $session = $self->session;
@@ -1108,12 +1103,12 @@ sub emailRecoverPasswordFinish {
# return error unless we get a valid user.\
unless ($user) {
- return $self->recoverPassword( $i18n->get('recover password not found', 'AuthWebGUI') );
+ return $self->www_recoverPassword( $i18n->get('recover password not found', 'AuthWebGUI') );
}
# Make sure the user is Active
if ( $user->status ne "Active" ) {
- return $self->recoverPassword( $i18n->get( 'password recovery disabled', 'AuthWebGUI' ) );
+ return $self->www_recoverPassword( $i18n->get( 'password recovery disabled', 'AuthWebGUI' ) );
}
# generate information necessry to proceed
@@ -1122,7 +1117,7 @@ sub emailRecoverPasswordFinish {
$email = $user->profileField('email');
if ( ! $email ) {
- return $self->recoverPassword( $i18n->get( 'no email address', 'AuthWebGUI' ) );
+ return $self->www_recoverPassword( $i18n->get( 'no email address', 'AuthWebGUI' ) );
}
my $authsettings = $self->get;
@@ -1141,10 +1136,12 @@ sub emailRecoverPasswordFinish {
return "". $i18n->get('recover password banner', 'AuthWebGUI')."
". $i18n->get('email recover password finish message', 'AuthWebGUI') . "
";
}
+deprecate emailRecoverPasswordFinish => 'www_emailRecoverPasswordFinish';
+
#-------------------------------------------------------------------
# handler for the link generated and mailed by emailRecoverPasswordFinish
-sub emailResetPassword {
+sub www_emailResetPassword {
my $self = shift;
my $errormsg = shift;
@@ -1212,9 +1209,11 @@ sub emailResetPassword {
}
+deprecate 'emailResetPassword' => 'www_emailResetPassword';
+
#-------------------------------------------------------------------
-sub emailResetPasswordFinish {
+sub www_emailResetPasswordFinish {
my $self = shift;
my $session = $self->session;
my ($form) = $session->quick(qw/form/);
@@ -1238,15 +1237,17 @@ sub emailResetPasswordFinish {
# delete the emailRecoverPasswordVerificationNumber
$self->delete('emailRecoverPasswordVerificationNumber');
- return $self->SUPER::login;
+ return $self->SUPER::www_login;
} else {
- return $self->emailResetPassword($self->error);
+ return $self->www_emailResetPassword($self->error);
}
}
+deprecate emailResetPasswordFinish => 'www_emailResetPasswordFinish';
+
#-------------------------------------------------------------------
-sub resetExpiredPassword {
+sub www_resetExpiredPassword {
my $self = shift;
my $uid = shift || $self->session->form->process("uid");
my $vars;
@@ -1271,8 +1272,10 @@ sub resetExpiredPassword {
return WebGUI::Asset::Template->newById($self->session,$self->getExpiredPasswordTemplateId)->process($vars);
}
+deprecate resetExpiredPassword => 'www_resetExpiredPassword';
+
#-------------------------------------------------------------------
-sub resetExpiredPasswordSave {
+sub www_resetExpiredPasswordSave {
my $self = shift;
my ($error,$u,$properties,$msg);
@@ -1284,18 +1287,20 @@ sub resetExpiredPasswordSave {
$error .= ''.$i18n->get(12,'AuthWebGUI').'' if ($self->session->form->process("oldPassword") eq $self->session->form->process("identifier"));
$error .= $self->error if(!$self->_isValidPassword($self->session->form->process("identifier"),$self->session->form->process("identifierConfirm")));
- return $self->resetExpiredPassword($u->userId, "".$i18n->get(70)."
') if ($error);
+ return $self->www_resetExpiredPassword($u->userId, "".$i18n->get(70)."
') if ($error);
$properties->{identifier} = $self->hashPassword($self->session->form->process("identifier"));
$properties->{passwordLastUpdated} =time();
$self->update($properties);
$self->_logSecurityMessage();
- return $self->SUPER::login();
+ return $self->SUPER::www_login();
}
+deprecate resetExpiredPasswordSave => 'www_resetExpiredPasswordSave';
+
#-------------------------------------------------------------------
-sub validateEmail {
+sub www_validateEmail {
my $self = shift;
my $session = $self->session;
my ($userId) = $session->db->quickArray("select userId from authentication where fieldData=? and fieldName='emailValidationKey' and authMethod='WebGUI'", [$session->form->process("key")]);
@@ -1307,19 +1312,20 @@ sub validateEmail {
$self->session->db->write("DELETE FROM authentication WHERE userId = ? AND fieldName = 'emailValidationKey'", [$userId]);
$message = $i18n->get('email validation confirmed','AuthWebGUI');
}
- return $self->displayLogin($message);
+ return $self->www_displayLogin($message);
}
+deprecate validateEmail => 'www_validateEmail';
#-------------------------------------------------------------------
-=head2 updateAccount ( )
+=head2 www_updateAccount ( )
Sets properties to update and passes them to the superclass
=cut
-sub updateAccount {
+sub www_updateAccount {
my $self = shift;
my $i18n = WebGUI::International->new($self->session);
@@ -1330,7 +1336,7 @@ sub updateAccount {
my $error = "";
if($self->isVisitor){
- return $self->displayLogin;
+ return $self->www_displayLogin;
}
if($username){
@@ -1373,8 +1379,10 @@ sub updateAccount {
$self->update($properties);
$self->session->user(undef,undef,$u);
- return $self->displayAccount($display);
+ return $self->www_displayAccount($display);
}
+deprecate updateAccount => 'www_updateAccount';
+
1;
diff --git a/lib/WebGUI/Deprecate.pm b/lib/WebGUI/Deprecate.pm
new file mode 100644
index 000000000..7352418ff
--- /dev/null
+++ b/lib/WebGUI/Deprecate.pm
@@ -0,0 +1,52 @@
+package WebGUI::Deprecate;
+
+=head1 NAME
+
+WebGUI::Deprecate - Warn about subroutine deprecations
+
+=head1 SYNOPSIS
+
+ use WebGUI::Deprecate;
+
+ deprecate oldMethod => 'newMethod';
+ sub newMethod { # will get called either way }
+
+=head1 DESCRIPTION
+
+Deprecate a subroutine, spitting out a warning whenever it is used.
+
+=cut
+
+use strict;
+use warnings;
+
+use Sub::Exporter -setup => {
+ exports => [ 'deprecate' ],
+ groups => {
+ default => [ 'deprecate' ],
+ }
+};
+
+my %warned;
+sub deprecate ($$) {
+ my ($old_method, $new_method) = @_;
+ my $package = caller;
+ no strict 'refs';
+ no warnings 'redefine';
+ *{"$package\::$old_method"} = \&{"$package\::$new_method"};
+ my $proxy_method = sub {
+ my $self = $_[0];
+ my $sub = $self->can($old_method);
+ my $class = ref $self || $self;
+ if ($sub ne \&{"$package\::$old_method"}) {
+ my $message = "$class contains the method $old_method. This has been deprecated and replaced with $new_method.";
+ warn $message unless $warned{$message}++;
+ $self->$new_method( @_ );
+ }
+ goto $sub;
+ };
+ *{"$package\::$new_method"} = $proxy_method;
+}
+
+1;
+
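Review bot: In the proxy installed over `$new_method`, the branch taken when a subclass still overrides the old name calls `$self->$new_method( @_ )` before `goto $sub`. `@_` still starts with the invocant, so it is passed twice, and unless the subclass also defines the new name, that call resolves back to this proxy and looks like it recurses without bound. Removing that line and letting `goto $sub` do the dispatch would reach the subclass override once, after the warning. The code-ref test `$sub ne \&{...}` relies on stringification; `!=` or `Scalar::Util::refaddr` states the intent more directly. A direct call to the old name on the base class goes through the alias and never warns, which the POD's "whenever it is used" should be narrowed to reflect.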
diff --git a/t/Auth/LDAP.t b/t/Auth/LDAP.t
index eb3460d95..f07dc69ae 100644
--- a/t/Auth/LDAP.t
+++ b/t/Auth/LDAP.t
@@ -65,7 +65,7 @@ $session->request->setup_body({
username => 'Andy Dufresne',
identifier => 'AndyDufresne',
});
-my $out = $auth->login();
+my $out = $auth->www_login();
is( $session->user->getId, $user->getId, 'Andy is logged in' );
@@ -82,7 +82,7 @@ $session->request->setup_body({
});
$auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' );
-$out = $auth->createAccountSave;
+$out = $auth->www_createAccountSave;
is( $session->user->get('username'), 'Ellis Redding', 'Ellis was created' );
WebGUI::Test->addToCleanup( $session->user );
@@ -98,7 +98,7 @@ $session->request->setup_body({
identifier => 'BogsDiamond',
});
$auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' );
-$out = $auth->login;
+$out = $auth->www_login;
is( $session->user->get('username'), 'Bogs Diamond', 'Bogs was created' )
or diag( $auth->error );
@@ -131,7 +131,7 @@ $session->request->setup_body({
identifier => 'BrooksHatley',
});
$auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' );
-$out = $auth->login;
+$out = $auth->www_login;
is $session->user->get('username'), 'Brooks Hatley', 'Brooks was created';
cmp_deeply(
$auth->get,
@@ -143,7 +143,7 @@ cmp_deeply(
'authentication information set after creating account'
);
WebGUI::Test->addToCleanup( $session->user, );
-$out = $auth->logout;
+$out = $auth->www_logout;
is $session->user->get('username'), 'Visitor', 'Brooks was logged out';
$ldap->moddn( 'uid=Brooks Hatley,o=shawshank',
@@ -164,7 +164,7 @@ $session->request->setup_body({
});
$auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' );
-$out = $auth->login;
+$out = $auth->www_login;
is $session->user->get('username'), 'Brooks Hatley', 'Brooks was logged in after name change';
cmp_deeply(
$auth->get,