Benjamin Dauvergne
ba7609030e
[root] mail to simple users should be synchronous
2011-05-06 14:32:01 +00:00
Benjamin Dauvergne
5e731089ee
[lost_password] when a new password is generated state it in the lost password view
2011-02-01 12:58:34 +00:00
Benjamin Dauvergne
8c65f982d0
[root] redirect user to homepage when trying to access the login page
...
To see the login page, one of these conditions must be met:
- no user logged
- a LoginToken is present in the URL and the corresponding object
exists
2011-01-28 13:46:36 +00:00
Benjamin Dauvergne
3f29e2430b
[root] expire session when logging in
...
This prevents session fixation attacks. To make it work we had to move
the call to the method init_session() from the identity store backend.
2011-01-27 13:40:57 +00:00
Benjamin Dauvergne
9385fd3d3d
[root] add service to the field passed to email templates
...
Now you can personalize email notifications with respect to the
requesting service.
2011-01-27 13:40:51 +00:00
Benjamin Dauvergne
3b26ca2b0b
[ssl] fix error message in the login_ssl view
2011-01-14 21:46:28 +00:00
Benjamin Dauvergne
b52f66596f
Fix double password generation
2011-01-01 09:25:28 +00:00
Benjamin Dauvergne
32d7bb41fd
[root] verify that the password is not hashed before sending it
2010-12-17 09:18:41 +00:00
Benjamin Dauvergne
8b39224664
[authentic root] log email errors as errors not warnings
2010-12-06 10:35:32 +00:00
Benjamin Dauvergne
244cacd32e
[authentic root] change_password form does not need multipart/form-data encoding
2010-12-06 10:35:15 +00:00
Benjamin Dauvergne
97a639f2b2
Restore URL parameters in request.form for login,update_info and change_password pages
2010-12-01 17:02:41 +00:00
Benjamin Dauvergne
6bbb84bce4
Add the possibility to redirect to another URL when accessing the homepage
2010-12-01 15:45:20 +00:00
Benjamin Dauvergne
4dae7ad504
Add a setting to remove the federations management user page
2010-12-01 15:45:06 +00:00
Benjamin Dauvergne
2a09ef6694
[root] change the forgot-password default email text for also sending the login name for the targeted account
2010-11-30 15:29:22 +00:00
Benjamin Dauvergne
97eb3b4a6d
[root] update the password-email mail content text hint about accessible variables
2010-11-30 15:29:19 +00:00
Benjamin Dauvergne
d36caacff8
[root] add logging for use of the lost identifiers form, log the given email
2010-11-30 15:29:16 +00:00
Benjamin Dauvergne
7b8d83980e
[root] add the identity id to the logging message for the user profile update page
2010-11-30 15:29:13 +00:00
Benjamin Dauvergne
75ef0c6abd
[root] add logging when the lost password procedure fails
2010-11-30 15:29:10 +00:00
Benjamin Dauvergne
01e3632607
[root] remove logging of access to the lost password page
2010-11-30 15:29:07 +00:00
Benjamin Dauvergne
90887bccd3
[root&identities] add regexp validation to username input box in the registration page
...
The validation regexp defaults to [a-zA-Z0-0]+, it can be overloaded by identity
store classes.
2010-11-30 15:28:59 +00:00
Benjamin Dauvergne
dda651e393
[identities&root] delegate to the store class the effective generation of the password
...
It allows subclasses to change the password generation algorithm.
This commit also adds a new password configuration flag to force regeneration
of the password when reminding a user of its password even if it is stored
clear.
2010-11-30 15:28:56 +00:00
Benjamin Dauvergne
8328c8f489
Make change_password handle returnURL and referer
2010-11-26 23:08:50 +00:00
Benjamin Dauvergne
f1dbfa1b6c
[root] hash also passwords set by the user
2010-11-23 12:46:55 +00:00
Benjamin Dauvergne
a94506a4a0
[root] log new password when user asks for their password and a new one is generated
2010-11-23 12:46:52 +00:00
Benjamin Dauvergne
79763a3592
Report when an identifier matches more than one account in the forgot_password view
2010-11-19 11:52:24 +00:00
Benjamin Dauvergne
677d51eec8
add email to logging message for lost password mail
2010-11-18 16:45:53 +00:00
Benjamin Dauvergne
742640abab
remove debug print
2010-11-16 15:10:54 +00:00
Benjamin Dauvergne
53808b966c
[root] add a forgot_identifier page, to get back your identifiers from your email
2010-11-16 15:10:47 +00:00
Benjamin Dauvergne
c465f8a740
Preserve the query in the LoginToken to reduce length of URL
...
Also make the cancel button rework.
2010-11-09 14:59:41 +00:00
Benjamin Dauvergne
49603dc411
Add proper error message when unable to send a new password
2010-11-02 16:48:33 +00:00
Benjamin Dauvergne
21565f2797
[root] move call to pre_registration_callback before the call to add the new identity
2010-10-08 16:00:33 +00:00
Benjamin Dauvergne
81f9ed31a8
Support multivalued field for the LDAP backend
...
This commit contains simplification for:
- filling of assertions with attributes
- creating human readable string for value of attribute to show in IHM
- building form widget for multivalued fields
- saving and retrieving multivalued fields from LDAP directories
2010-09-16 15:11:24 +00:00
Benjamin Dauvergne
16485da333
[Root] in registration allows store.add() to fail
...
To permit add() to make uniqueness checking without breaking the
registration process, we moved it before sending the confirmation email,
it also tries to use the AlreadExists() exception to put error message on
field names.
2010-08-26 17:46:05 +00:00
Benjamin Dauvergne
340301e076
[Root] when asking for a lost password, signal unknown identities
2010-07-29 11:25:23 +00:00
Benjamin Dauvergne
e284dcd35c
[Root] in login_ssl fix bad type for string argument
2010-07-28 15:27:52 +00:00
Benjamin Dauvergne
34b8fff9b7
[Root] restore required status for login and username field on login page
...
To work around problem of validation of the login when URL parameters are
present, we reset the request.form field when current HTTP method is
GET.
2010-07-28 15:27:49 +00:00
Benjamin Dauvergne
529a9470d2
[Forms] remove copy/pasted form module code, use most of qommon instead
...
All the code of authentic.form is copy-pasted from qommon, so it is
better to use the qommon code. The major difference is the
implementation of _get_default_action which I prefer to keep from
quixote, as it helps with form URLs containing parameters.
2010-07-19 12:11:41 +00:00
Benjamin Dauvergne
53eaee2093
[Identities] move fields definition inside Identity store class
2010-06-18 12:44:48 +00:00
Benjamin Dauvergne
8fe398f125
Fix bad markup in UI strings
2010-06-07 11:41:29 +00:00
Benjamin Dauvergne
57c96ec176
Identities: add an administrators() method to the store class
2010-05-20 12:46:39 +00:00
Benjamin Dauvergne
841553a5f5
RootDirectory: add a password parameter to email_password
...
* When the password is hashed we must send the original unhashed password
so we pass it as a parameter to email_password.
2010-05-20 00:24:38 +00:00
Benjamin Dauvergne
3f5cd43763
Add support for hashed passwords
...
* We now support passwords stored as a hash following the RFC 2307
standard (as LDAP), i.e. like this:
{hash-scheme}hash
* When a user asks for his password and the password is hashed, we
regenerate it (there is no other way).
2010-05-20 00:24:15 +00:00
Benjamin Dauvergne
6486f91bef
RootDirectory: add a link to the admin section on the home page
2010-05-20 00:24:07 +00:00
Benjamin Dauvergne
14436bce4e
RootDirectory: in login_success() move redirect_to_after_url after redirect_to_return_url
2010-05-20 00:24:03 +00:00
Benjamin Dauvergne
c48c22b2b2
RootDirectory: add an admin flag to the text for the home page
2010-05-20 00:23:58 +00:00
Benjamin Dauvergne
4dda19d662
Add paragraph on simple email reminder, fix configuration tree about it
2010-05-20 00:23:40 +00:00
Benjamin Dauvergne
4e4a5a4f12
RootDirectory login: show proxying combo box when IdP is configured
...
* It's useless to show an empty combo box.
2010-05-20 00:23:29 +00:00
Benjamin Dauvergne
548c214673
RootDirectory associateCertifiate: do not explicitly save the session
2010-05-20 00:23:09 +00:00
Benjamin Dauvergne
5b00815d27
Remove commented code
2010-05-20 00:23:05 +00:00
Benjamin Dauvergne
c4f66109bd
RootDirectory login: add LoginToken initialization
...
* When a login succeeds we add authentication method and user id to the
LoginToken.
When a login fails or is cancelled we mark the authentication flag as
False in the login token.
2010-05-20 00:23:01 +00:00