function handle($args)
{
parent::handle($args);
+
if (common_is_real_login()) {
$this->clientError(_('Already logged in.'));
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
* @return void
*/
- function checkLogin()
+ function checkLogin($user_id=null)
{
- if(isset($token) && isset($user_id)){
- //Token based login (from the LoginCommand)
- $login_token = Login_token::staticGet('user_id',$user_id);
- if($login_token && $login_token->token == $token){
- if($login_token->modified > time()+2*60){
- //token has expired
- //delete the token as it is useless
- $login_token->delete();
- $this->showForm(_('Invalid or expired token.'));
- return;
- }else{
- //delete the token so it cannot be reused
- $login_token->delete();
- //it's a valid token - let them log in
- $user = User::staticGet('id', $user_id);
- //$user = User::staticGet('nickname', "candrews");
- }
- }else{
- $this->showForm(_('Invalid or expired token.'));
- return;
- }
- }else{
- // Regular form submission login
-
- // XXX: login throttle
-
- // CSRF protection - token set in NoticeForm
- $token = $this->trimmed('token');
- if (!$token || $token != common_session_token()) {
- $this->clientError(_('There was a problem with your session token. '.
- 'Try again, please.'));
- return;
- }
+ // XXX: login throttle
- $nickname = $this->trimmed('nickname');
- $password = $this->arg('password');
-
- $user = common_check_user($nickname, $password);
- }
-
- $nickname = common_canonical_nickname($this->trimmed('nickname'));
+ $nickname = $this->trimmed('nickname');
$password = $this->arg('password');
$user = common_check_user($nickname, $password);
if ($url) {
// We don't have to return to it again
common_set_returnto(null);
+ $url = common_inject_session($url);
} else {
$url = common_local_url('all',
array('nickname' =>
function showContent()
{
$this->elementStart('form', array('method' => 'post',
- 'id' => 'form_login',
- 'class' => 'form_settings',
- 'action' => common_local_url('login')));
+ 'id' => 'form_login',
+ 'class' => 'form_settings',
+ 'action' => common_local_url('login')));
$this->elementStart('fieldset');
$this->element('legend', null, _('Login to site'));
$this->elementStart('ul', 'form_data');
$this->elementStart('li');
$this->checkbox('rememberme', _('Remember me'), false,
_('Automatically login in the future; ' .
- 'not for shared computers!'));
+ 'not for shared computers!'));
$this->elementEnd('li');
$this->elementEnd('ul');
$this->submit('submit', _('Login'));
- $this->hidden('token', common_session_token());
$this->elementEnd('fieldset');
$this->elementEnd('form');
$this->elementStart('p');
'user name and password ' .
'before changing your settings.');
} else {
- return _('Login with your username and password. ' .
- 'Don\'t have a username yet? ' .
- '[Register](%%action.register%%) a new account.');
+ $prompt = _('Login with your username and password.');
+ if (!common_config('site', 'closed') && !common_config('site', 'inviteonly')) {
+ $prompt .= ' ';
+ $prompt .= _('Don\'t have a username yet? ' .
+ '[Register](%%action.register%%) a new account.');
+ }
+ return $prompt;
}
}