Some tweaks to the OpenID authentication support (which I've been using very happily, BTW). It now respects the "Keep me logged in" checkbox on the login page. It also stores your OpenID URL in a cookie so there is less typing on future visits to the login page.

Also, we try to avoid calling store_location on expiry if the triggering url was an ajax request (like one of the periodically executing javascripts). Storing the location doesn't make sense in that case.


git-svn-id: http://www.rousette.org.uk/svn/tracks-repos/trunk@457 a4c988fc-2ded-0310-b66e-134b36920a42
lukemelia 2007-02-24 08:04:23 +00:00
parent dae9a4b1b4
commit 4f9cd61619
5 changed files with 30 additions and 16 deletions


@ -4,10 +4,11 @@ class LoginController < ApplicationController
skip_before_filter :set_session_expiration
skip_before_filter :login_required
before_filter :get_current_user
open_id_consumer if Tracks::Config.auth_schemes.include?('open_id')
open_id_consumer if Tracks::Config.openid_enabled?
def login
@page_title = "TRACKS::Login"
@openid_url = cookies[:openid_url] if Tracks::Config.openid_enabled?
case request.method
when :post
if @user = User.authenticate(params['user_login'], params['user_password'])
@ -37,12 +38,13 @@ class LoginController < ApplicationController
# Let the user know that the URL is unusable.
case open_id_response.status
when OpenID::SUCCESS
openid_url = params[:openid_url]
session['openid_url'] = params[:openid_url]
session['user_noexpiry'] = params[:user_noexpiry]
# The URL was a valid identity URL. Now we just need to send a redirect
# to the server using the redirect_url the library created for us.
# redirect to the server
redirect_to open_id_response.redirect_url((request.protocol + request.host_with_port + "/"), url_for(:action => 'complete', :openid_url => openid_url))
redirect_to open_id_response.redirect_url((request.protocol + request.host_with_port + "/"), url_for(:action => 'complete'))
else
notify :warning, "Unable to find openid server for <q>#{openid_url}</q>"
redirect_to :action => 'login'
@ -50,7 +52,7 @@ class LoginController < ApplicationController
end
def complete
openid_url = params[:openid_url]
openid_url = session['openid_url']
if openid_url.blank?
notify :error, "expected an openid_url"
end
@ -73,8 +75,12 @@ class LoginController < ApplicationController
# the verification.
@user = User.find_by_open_id_url(openid_url)
unless (@user.nil?)
notify :notice, "You have successfully verified #{openid_url} as your identity."
session['user_id'] = @user.id
session['noexpiry'] = session['user_noexpiry']
msg = (should_expire_sessions?) ? "will expire after 1 hour of inactivity." : "will not expire."
notify :notice, "You have successfully verified #{openid_url} as your identity. Login successful: session #{msg}"
cookies[:tracks_login] = { :value => @user.login, :expires => Time.now + 1.year }
cookies[:openid_url] = { :value => openid_url, :expires => Time.now + 1.year }
redirect_back_or_home
else
notify :warning, "You have successfully verified #{openid_url} as your identity, but you do not have a Tracks account. Please ask your administrator to sign you up."
@ -119,5 +125,5 @@ class LoginController < ApplicationController
def should_expire_sessions?
session['noexpiry'] != "on"
end
end
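Review bot: In the `else` branch, `notify :warning, "Unable to find openid server for <q>#{openid_url}</q>"` references a local `openid_url` that is no longer assigned anywhere in this action — the only assignment, `openid_url = params[:openid_url]`, was replaced by the session write — so unless it is set earlier in the method (which begins outside the hunk) the failure path now raises NameError instead of showing the warning. Use the request parameter directly and, because this string is emitted as HTML (note the literal `<q>` tags), escape it: `notify :warning, "Unable to find openid server for <q>#{ERB::Util.html_escape(params[:openid_url])}</q>"`. Separately, in `complete` the `User.find_by_open_id_url(openid_url)` lookup and the success notice use the URL the user typed (carried through the session) rather than the identity the OpenID library actually verified; if `open_id_response` exposes the verified identity (e.g. an `identity_url` accessor), looking the user up by that is both safer and tolerant of un-normalised input — worth confirming against the library version in use.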


@ -1,6 +1,6 @@
class UsersController < ApplicationController
if Tracks::Config.auth_schemes.include?('open_id')
if Tracks::Config.openid_enabled?
open_id_consumer
before_filter :begin_open_id_auth, :only => :update_auth_type
end
@ -151,15 +151,15 @@ class UsersController < ApplicationController
end
def update_auth_type
if (params[:user][:auth_type] == 'open_id')
if (params[:user][:auth_type] == 'open_id') && Tracks::Config.openid_enabled?
case open_id_response.status
when OpenID::SUCCESS
# The URL was a valid identity URL. Now we just need to send a redirect
# to the server using the redirect_url the library created for us.
openid_url = params[:openid_url]
session['openid_url'] = params[:openid_url]
# redirect to the server
redirect_to open_id_response.redirect_url((request.protocol + request.host_with_port + "/"), url_for(:action => 'complete', :openid_url => openid_url))
redirect_to open_id_response.redirect_url((request.protocol + request.host_with_port + "/"), url_for(:action => 'complete'))
else
notify :warning, "Unable to find openid server for <q>#{openid_url}</q>"
redirect_to :action => 'change_auth_type'
@ -177,7 +177,11 @@ class UsersController < ApplicationController
end
def complete
openid_url = params[:openid_url]
return unless Tracks::Config.openid_enabled?
openid_url = session['openid_url']
if openid_url.blank?
notify :error, "expected an openid_url"
end
case open_id_response.status
when OpenID::FAILURE
# In the case of failure, if info is non-nil, it is the
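Review bot: `return unless Tracks::Config.openid_enabled?` at the top of `complete` leaves the action without a render or redirect, so rather than telling the user OpenID is disabled it will fall through to whatever Rails does for an action that renders nothing (a default `complete` template lookup or an empty body, depending on version); a redirect with a notice, e.g. `redirect_to :action => 'change_auth_type' and return unless Tracks::Config.openid_enabled?`, fails closed with feedback. The same unassigned-local problem as in LoginController appears in `update_auth_type`: the `else` branch's `notify :warning, "Unable to find openid server for <q>#{openid_url}</q>"` refers to `openid_url`, which is no longer assigned once `openid_url = params[:openid_url]` became `session['openid_url'] = params[:openid_url]`, so the failure path likely raises NameError; `params[:openid_url]` (HTML-escaped, since the flash carries markup) should be used instead. Both `update_auth_type` and `complete` continue outside the visible hunks.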


@ -33,7 +33,7 @@
<table>
<tr>
<td width="100px"><label for="openid_url">Identity URL:</label></td>
<td width="100px"><input type="text" name="openid_url" id="openid_url" value="" class="login_text open_id" /></td>
<td width="100px"><input type="text" name="openid_url" id="openid_url" value="<%= @openid_url %>" class="login_text open_id" /></td>
</tr>
<tr>
<td width="100px"><label for="user_noexpiry">Stay logged in:</label></td>
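Review bot: `value="<%= @openid_url %>"` writes the `openid_url` cookie back into the page without escaping; ERB in Rails of this vintage does not auto-escape, and a cookie is client-controlled, so a value containing `"` or `<` breaks out of the attribute and becomes a stored-in-cookie XSS on the login page. Escape it: `value="<%= h @openid_url %>"`. The same applies to any other place the cookie value is rendered.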


@ -10,6 +10,11 @@ module Tracks
AUTHENTICATION_SCHEMES
end
def self.openid_enabled?
auth_schemes.include?('open_id')
end
end
end


@ -69,8 +69,8 @@ module LoginSystem
# store current location so that we can
# come back after the user logged in
store_location
store_location unless params[:format] == 'js'
# call overwriteable reaction to unauthorized access
access_denied
return false
@ -163,7 +163,6 @@ module LoginSystem
response.headers["Status"] = "Unauthorized"
response.headers["WWW-Authenticate"] = "Basic realm=\"'Tracks Login Required'\""
render :text => "401 Unauthorized: You are not authorized to interact with Tracks.", :status => 401
end
end
end
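Review bot: `store_location unless params[:format] == 'js'` only skips the save when the caller explicitly passes a `js` format, so an XMLHttpRequest to a plain URL (the periodic JavaScript the commit message describes, if it does not send `format=js`) will still overwrite the stored return location on session expiry. If this Rails version provides `request.xhr?` (it checks the X-Requested-With header that Prototype sets), `store_location unless request.xhr? || params[:format] == 'js'` covers both cases; the `format` check alone is a convention the client has to remember to follow. The enclosing method begins outside the hunk.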