github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-06-05 23:44:48 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

REVERT: External auth when redeeming invites

Browse Source 
Reverting this commit:

87a0a6664e4bcde2ec3ac012308d9c7fb8e0d370

because I'm extracting all of this logic into a plugin instead.
This commit is contained in:
Blake Erickson
2019-08-15 17:19:12 -06:00
parent ab7038bfc2
commit 893d30fb92
8 changed files with 53 additions and 186 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
app/assets/javascripts/discourse/controllers/invites-show.js.es6
View File

@ -5,7 +5,6 @@ import { ajax } from "discourse/lib/ajax";
import PasswordValidation from "discourse/mixins/password-validation"; import PasswordValidation from "discourse/mixins/password-validation";
import UsernameValidation from "discourse/mixins/username-validation"; import UsernameValidation from "discourse/mixins/username-validation";
import NameValidation from "discourse/mixins/name-validation"; import NameValidation from "discourse/mixins/name-validation";
import InviteEmailAuthValidation from "discourse/mixins/invite-email-auth-validation";
import UserFieldsValidation from "discourse/mixins/user-fields-validation"; import UserFieldsValidation from "discourse/mixins/user-fields-validation";
import { findAll as findLoginMethods } from "discourse/models/login-method"; import { findAll as findLoginMethods } from "discourse/models/login-method";
@ -13,11 +12,8 @@ export default Ember.Controller.extend(
PasswordValidation, PasswordValidation,
UsernameValidation, UsernameValidation,
NameValidation, NameValidation,
InviteEmailAuthValidation,
UserFieldsValidation, UserFieldsValidation,
{ {
login: Ember.inject.controller(),
invitedBy: Ember.computed.alias("model.invited_by"), invitedBy: Ember.computed.alias("model.invited_by"),
email: Ember.computed.alias("model.email"), email: Ember.computed.alias("model.email"),
accountUsername: Ember.computed.alias("model.username"), accountUsername: Ember.computed.alias("model.username"),
@ -26,7 +22,6 @@ export default Ember.Controller.extend(
errorMessage: null, errorMessage: null,
userFields: null, userFields: null,
inviteImageUrl: getUrl("/images/envelope.svg"), inviteImageUrl: getUrl("/images/envelope.svg"),
hasAuthOptions: Ember.computed.notEmpty("authOptions"),
@computed @computed
welcomeTitle() { welcomeTitle() {
@ -40,45 +35,28 @@ export default Ember.Controller.extend(
return I18n.t("invites.your_email", { email: email }); return I18n.t("invites.your_email", { email: email });
}, },
authProviderDisplayName(providerName) {
const matchingProvider = findLoginMethods().find(provider => {
return provider.name === providerName;
});
return matchingProvider
? matchingProvider.get("prettyName")
: providerName;
},
@computed @computed
externalAuthsEnabled() { externalAuthsEnabled() {
return findLoginMethods().length > 0; return findLoginMethods().length > 0;
}, },
@computed
inviteOnlyOauthEnabled() {
return this.siteSettings.enable_invite_only_oauth;
},
@computed( @computed(
"usernameValidation.failed", "usernameValidation.failed",
"passwordValidation.failed", "passwordValidation.failed",
"nameValidation.failed", "nameValidation.failed",
"userFieldsValidation.failed", "userFieldsValidation.failed"
"inviteEmailAuthValidation.failed"
) )
submitDisabled( submitDisabled(
usernameFailed, usernameFailed,
passwordFailed, passwordFailed,
nameFailed, nameFailed,
userFieldsFailed, userFieldsFailed
inviteEmailAuthFailed
) { ) {
return ( return (
usernameFailed || usernameFailed ||
passwordFailed || passwordFailed ||
nameFailed || nameFailed ||
userFieldsFailed || userFieldsFailed
inviteEmailAuthFailed
); );
}, },
@ -90,10 +68,6 @@ export default Ember.Controller.extend(
}, },
actions: { actions: {
externalLogin(provider) {
this.login.send("externalLogin", provider);
},
submit() { submit() {
const userFields = this.userFields; const userFields = this.userFields;
let userCustomFields = {}; let userCustomFields = {};

28
app/assets/javascripts/discourse/controllers/login.js.es6
View File

@ -20,7 +20,6 @@ const AuthErrors = [
export default Ember.Controller.extend(ModalFunctionality, { export default Ember.Controller.extend(ModalFunctionality, {
createAccount: Ember.inject.controller(), createAccount: Ember.inject.controller(),
invitesShow: Ember.inject.controller(),
forgotPassword: Ember.inject.controller(), forgotPassword: Ember.inject.controller(),
application: Ember.inject.controller(), application: Ember.inject.controller(),
@ -354,23 +353,14 @@ export default Ember.Controller.extend(ModalFunctionality, {
return; return;
} }
if (this.siteSettings.enable_invite_only_oauth) { const createAccountController = this.createAccount;
const invitesShowController = this.invitesShow; createAccountController.setProperties({
invitesShowController.setProperties({ accountEmail: options.email,
accountEmail: options.email, accountUsername: options.username,
accountUsername: options.username, accountName: options.name,
accountName: options.name, authOptions: Ember.Object.create(options)
authOptions: Ember.Object.create(options) });
});
} else { showModal("createAccount");
const createAccountController = this.createAccount;
createAccountController.setProperties({
accountEmail: options.email,
accountUsername: options.username,
accountName: options.name,
authOptions: Ember.Object.create(options)
});
showModal("createAccount");
}
} }
}); });

43
app/assets/javascripts/discourse/mixins/invite-email-auth-validation.js.es6
View File

@ -1,43 +0,0 @@
import InputValidation from "discourse/models/input-validation";
import { default as computed } from "ember-addons/ember-computed-decorators";
export default Ember.Mixin.create({
@computed()
nameInstructions() {
"";
},
// Validate the name.
@computed(
"accountEmail",
"authOptions.email",
"authOptions.email_valid",
"authOptions.auth_provider"
)
inviteEmailAuthValidation() {
if (
!this.siteSettings.enable_invite_only_oauth ||
(this.siteSettings.enable_invite_only_oauth &&
this.get("authOptions.email") === this.email &&
this.get("authOptions.email_valid"))
) {
return InputValidation.create({
ok: true,
reason: I18n.t("user.email.authenticated", {
provider: this.authProviderDisplayName(
this.get("authOptions.auth_provider")
)
})
});
}
return InputValidation.create({
failed: true,
reason: I18n.t("user.email.invite_email_auth_invalid", {
provider: this.authProviderDisplayName(
this.get("authOptions.auth_provider")
)
})
});
}
});

121
app/assets/javascripts/discourse/templates/invites/show.hbs
View File

@ -14,98 +14,55 @@
{{else}} {{else}}
<p>{{i18n 'invites.invited_by'}}</p> <p>{{i18n 'invites.invited_by'}}</p>
<p>{{user-info user=invitedBy}}</p> <p>{{user-info user=invitedBy}}</p>
<p>
{{{yourEmailMessage}}} <p>{{{yourEmailMessage}}}
{{#if inviteOnlyOauthEnabled }}
{{login-buttons externalLogin=(action "externalLogin")}}
{{/if}}
{{#if externalAuthsEnabled}} {{#if externalAuthsEnabled}}
{{#unless inviteOnlyOauthEnabled}} {{i18n 'invites.social_login_available'}}
{{i18n 'invites.social_login_available'}}
{{/unless}}
{{/if}} {{/if}}
</p> </p>
{{#if hasAuthOptions}} <form>
{{#if inviteOnlyOauthEnabled }} <div class="input username-input">
{{input-tip validation=inviteEmailAuthValidation id="account-email-validation"}} <label>{{i18n 'user.username.title'}}</label>
{{input value=accountUsername id="new-account-username" name="username" maxlength=maxUsernameLength autocomplete="discourse"}}
&nbsp;{{input-tip validation=usernameValidation id="username-validation"}}
<div class="instructions">{{i18n 'user.username.instructions'}}</div>
</div>
{{#if fullnameRequired}}
<div class="input name-input">
<label>{{i18n 'invites.name_label'}}</label>
{{input value=accountName id="new-account-name" name="name"}}
<div class="instructions">{{nameInstructions}}</div>
</div>
{{/if}} {{/if}}
<form>
<div class="input username-input"> <div class="input password-input">
<label>{{i18n 'user.username.title'}}</label> <label>{{i18n 'invites.password_label'}}</label>
{{input value=accountUsername id="new-account-username" name="username" maxlength=maxUsernameLength autocomplete="discourse"}} {{password-field value=accountPassword type="password" id="new-account-password" capsLockOn=capsLockOn}}
&nbsp;{{input-tip validation=usernameValidation id="username-validation"}} &nbsp;{{input-tip validation=passwordValidation}}
<div class="instructions">{{i18n 'user.username.instructions'}}</div> <div class="instructions">
{{passwordInstructions}} {{i18n 'invites.optional_description'}}
<div class="caps-lock-warning {{unless capsLockOn 'invisible'}}">
{{d-icon "exclamation-triangle"}} {{i18n 'login.caps_lock_warning'}}</div>
</div> </div>
</div>
{{#if fullnameRequired}} {{#if userFields}}
<div class="input name-input"> <div class='user-fields'>
<label>{{i18n 'invites.name_label'}}</label> {{#each userFields as |f|}}
{{input value=accountName id="new-account-name" name="name"}} {{user-field field=f.field value=f.value}}
<div class="instructions">{{nameInstructions}}</div> {{/each}}
</div>
{{/if}}
{{#if userFields}}
<div class='user-fields'>
{{#each userFields as |f|}}
{{user-field field=f.field value=f.value}}
{{/each}}
</div>
{{/if}}
<button class='btn btn-primary' {{action "submit"}} disabled={{submitDisabled}}>{{i18n 'invites.accept_invite'}}</button>
{{#if errorMessage}}
<br/><br/>
<div class='alert alert-error'>{{errorMessage}}</div>
{{/if}}
</form>
{{/if}}
{{#unless inviteOnlyOauthEnabled}}
<form>
<div class="input username-input">
<label>{{i18n 'user.username.title'}}</label>
{{input value=accountUsername id="new-account-username" name="username" maxlength=maxUsernameLength autocomplete="discourse"}}
&nbsp;{{input-tip validation=usernameValidation id="username-validation"}}
<div class="instructions">{{i18n 'user.username.instructions'}}</div>
</div> </div>
{{/if}}
{{#if fullnameRequired}} <button class='btn btn-primary' {{action "submit"}} disabled={{submitDisabled}}>{{i18n 'invites.accept_invite'}}</button>
<div class="input name-input">
<label>{{i18n 'invites.name_label'}}</label>
{{input value=accountName id="new-account-name" name="name"}}
<div class="instructions">{{nameInstructions}}</div>
</div>
{{/if}}
<div class="input password-input"> {{#if errorMessage}}
<label>{{i18n 'invites.password_label'}}</label> <br/><br/>
{{password-field value=accountPassword type="password" id="new-account-password" capsLockOn=capsLockOn}} <div class='alert alert-error'>{{errorMessage}}</div>
&nbsp;{{input-tip validation=passwordValidation}} {{/if}}
<div class="instructions"> </form>
{{passwordInstructions}} {{i18n 'invites.optional_description'}}
<div class="caps-lock-warning {{unless capsLockOn 'invisible'}}">
{{d-icon "exclamation-triangle"}} {{i18n 'login.caps_lock_warning'}}</div>
</div>
</div>
{{#if userFields}}
<div class='user-fields'>
{{#each userFields as |f|}}
{{user-field field=f.field value=f.value}}
{{/each}}
</div>
{{/if}}
<button class='btn btn-primary' {{action "submit"}} disabled={{submitDisabled}}>{{i18n 'invites.accept_invite'}}</button>
{{#if errorMessage}}
<br/><br/>
<div class='alert alert-error'>{{errorMessage}}</div>
{{/if}}
</form>
{{/unless}}
{{/if}} {{/if}}
</div> </div>
</div> </div>

8
app/controllers/users/omniauth_callbacks_controller.rb
View File

@ -108,7 +108,7 @@ class Users::OmniauthCallbacksController < ApplicationController
def complete_response_data def complete_response_data
if @auth_result.user if @auth_result.user
user_found(@auth_result.user) user_found(@auth_result.user)
elsif invite_required? elsif SiteSetting.invite_only?
@auth_result.requires_invite = true @auth_result.requires_invite = true
else else
session[:authentication] = @auth_result.session_data session[:authentication] = @auth_result.session_data
@ -156,10 +156,4 @@ class Users::OmniauthCallbacksController < ApplicationController
end end
end end
# If invite_only and enable_invite_only_oauth allow the user to authenticate if coming from the invite page
def invite_required?
(SiteSetting.invite_only? && !SiteSetting.enable_invite_only_oauth) ||
(SiteSetting.invite_only? && (!@origin.include?('invites') && SiteSetting.enable_invite_only_oauth))
end
end end

1
config/locales/client.en.yml
View File

@ -1014,7 +1014,6 @@ en:
ok: "We will email you to confirm" ok: "We will email you to confirm"
invalid: "Please enter a valid email address" invalid: "Please enter a valid email address"
authenticated: "Your email has been authenticated by {{provider}}" authenticated: "Your email has been authenticated by {{provider}}"
invite_email_auth_invalid: "Your invitation email does not match the email from {{provider}}"
frequency_immediately: "We'll email you immediately if you haven't read the thing we're emailing you about." frequency_immediately: "We'll email you immediately if you haven't read the thing we're emailing you about."
frequency: frequency:
one: "We'll only email you if we haven't seen you in the last minute." one: "We'll only email you if we haven't seen you in the last minute."

4
config/site_settings.yml
View File

@ -327,10 +327,6 @@ login:
enable_local_logins: enable_local_logins:
client: true client: true
default: true default: true
enable_invite_only_oauth:
client: true
default: false
hidden: true
enable_local_logins_via_email: enable_local_logins_via_email:
client: true client: true
default: true default: true

2
lib/guardian.rb
View File

@ -334,7 +334,7 @@ class Guardian
authenticated? && authenticated? &&
(SiteSetting.max_invites_per_day.to_i > 0 || is_staff?) && (SiteSetting.max_invites_per_day.to_i > 0 || is_staff?) &&
!SiteSetting.enable_sso && !SiteSetting.enable_sso &&
(SiteSetting.enable_invite_only_oauth || SiteSetting.enable_local_logins) && SiteSetting.enable_local_logins &&
( (
(!SiteSetting.must_approve_users? && @user.has_trust_level?(TrustLevel[2])) || (!SiteSetting.must_approve_users? && @user.has_trust_level?(TrustLevel[2])) ||
is_staff? is_staff?