3 * StatusNet - the distributed open-source microblogging tool
4 * Copyright (C) 2008, 2009, StatusNet, Inc.
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU Affero General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Affero General Public License for more details.
16 * You should have received a copy of the GNU Affero General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
20 if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
22 require_once(INSTALLDIR.'/lib/openid.php');
24 class OpenidloginAction extends Action
26 function handle($args)
28 parent::handle($args);
29 if (!common_config('openid', 'enabled')) {
30 common_redirect(common_local_url('login'));
31 } else if (common_is_real_login()) {
32 $this->clientError(_('Already logged in.'));
33 } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
34 $openid_url = $this->trimmed('openid_url');
37 $token = $this->trimmed('token');
38 if (!$token || $token != common_session_token()) {
39 $this->showForm(_('There was a problem with your session token. Try again, please.'), $openid_url);
43 $rememberme = $this->boolean('rememberme');
45 common_ensure_session();
47 $_SESSION['openid_rememberme'] = $rememberme;
49 $result = oid_authenticate($openid_url,
52 if (is_string($result)) { # error message
53 unset($_SESSION['openid_rememberme']);
54 $this->showForm($result, $openid_url);
57 $openid_url = oid_get_last();
58 $this->showForm(null, $openid_url);
62 function getInstructions()
64 if (common_logged_in() && !common_is_real_login() &&
65 common_get_returnto()) {
66 // rememberme logins have to reauthenticate before
67 // changing any profile settings (cookie-stealing protection)
68 return _('For security reasons, please re-login with your ' .
69 '[OpenID](%%doc.openid%%) ' .
70 'before changing your settings.');
72 return _('Login with an [OpenID](%%doc.openid%%) account.');
76 function showPageNotice()
79 $this->element('div', array('class' => 'error'), $this->error);
81 $instr = $this->getInstructions();
82 $output = common_markup_to_html($instr);
83 $this->elementStart('div', 'instructions');
85 $this->elementEnd('div');
89 function showScripts()
91 parent::showScripts();
92 $this->autofocus('openid_url');
97 return _('OpenID Login');
100 function showForm($error=null, $openid_url)
102 $this->error = $error;
103 $this->openid_url = $openid_url;
107 function showContent() {
108 $formaction = common_local_url('openidlogin');
109 $this->elementStart('form', array('method' => 'post',
110 'id' => 'form_openid_login',
111 'class' => 'form_settings',
112 'action' => $formaction));
113 $this->elementStart('fieldset');
114 $this->element('legend', null, _('OpenID login'));
115 $this->hidden('token', common_session_token());
117 $this->elementStart('ul', 'form_data');
118 $this->elementStart('li');
119 $this->input('openid_url', _('OpenID URL'),
121 _('Your OpenID URL'));
122 $this->elementEnd('li');
123 $this->elementStart('li', array('id' => 'settings_rememberme'));
124 $this->checkbox('rememberme', _('Remember me'), false,
125 _('Automatically login in the future; ' .
126 'not for shared computers!'));
127 $this->elementEnd('li');
128 $this->elementEnd('ul');
129 $this->submit('submit', _('Login'));
130 $this->elementEnd('fieldset');
131 $this->elementEnd('form');
134 function showLocalNav()
136 $nav = new LoginGroupNav($this);