3 files changed, 76 insertions, 39 deletions

diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm
index cf728806c..9e8fb29aa 100644
--- a/perllib/FixMyStreet/App/Controller/Auth.pm
+++ b/perllib/FixMyStreet/App/Controller/Auth.pm
@@ -125,18 +125,19 @@ sub email_sign_in : Private {
         if $c->get_param('password_register');
     my $user = $c->model('DB::User')->new( $user_params );
 
-    my $token_obj = $c->model('DB::Token')    #
-      ->create(
-        {
-            scope => 'email_sign_in',
-            data  => {
-                email => $good_email,
-                r => $c->get_param('r'),
-                name => $c->get_param('name'),
-                password => $user->password,
-            }
-        }
-      );
+    my $token_data = {
+        email => $good_email,
+        r => $c->get_param('r'),
+        name => $c->get_param('name'),
+        password => $user->password,
+    };
+    $token_data->{facebook_id} = $c->session->{oauth}{facebook_id}
+        if $c->get_param('oauth_need_email') && $c->session->{oauth}{facebook_id};
+
+    my $token_obj = $c->model('DB::Token')->create({
+        scope => 'email_sign_in',
+        data  => $token_data,
+    });
 
     $c->stash->{token} = $token_obj->token;
     $c->send_email( 'login.txt', { to => $good_email } );
@@ -178,6 +179,7 @@ sub token : Path('/M') : Args(1) {
     my $user = $c->model('DB::User')->find_or_create( { email => $data->{email} } );
     $user->name( $data->{name} ) if $data->{name};
     $user->password( $data->{password}, 1 ) if $data->{password};
+    $user->facebook_id( $data->{facebook_id} ) if $data->{facebook_id};
     $user->update;
     $c->authenticate( { email => $user->email }, 'no_password' );
 
@@ -285,6 +287,8 @@ sub facebook_callback: Path('/auth/Facebook') : Args(0) {
 
     if ($c->session->{oauth}{detach_to}) {
         $c->detach($c->session->{oauth}{detach_to}, $c->session->{oauth}{detach_args});
+    } elsif ($c->stash->{oauth_need_email}) {
+        $c->stash->{template} = 'auth/general.html';
     } else {
         $c->detach( 'redirect_on_signin', [ $c->session->{oauth}{return_url} ] );
     }
diff --git a/templates/web/base/auth/general.html b/templates/web/base/auth/general.html
index 6e1db86fe..d856dc19a 100644
--- a/templates/web/base/auth/general.html
+++ b/templates/web/base/auth/general.html
@@ -2,11 +2,28 @@
 
 <h1>[% loc('Sign in') %]</h1>
 
+[% IF oauth_need_email %]
+    <p class="form-error">[% loc('We need your email address, please give it below.') %]</p>
+[% END %]
+[% IF oauth_failure %]
+    <p class="form-error">[% loc('Sorry, we could not log you in. Please fill in the form below.') %]</p>
+[% END %]
+
 <form action="[% c.uri_for() %]" method="post" name="general_auth" class="validate">
     <fieldset>
 
         <input type="hidden" name="r" value="[% c.req.params.r | html %]">
 
+[% IF NOT oauth_need_email AND c.config.FACEBOOK_APP_ID %]
+      <div class="form-box">
+        <button name="facebook_sign_in" id="facebook_sign_in" value="facebook_sign_in" class="btn btn--block btn--social btn--facebook">
+            <img alt="" src="/i/facebook-icon-32.png" width="17" height="32">
+            Log in with Facebook
+        </button>
+      </div>
+      <div id="js-social-email-hide">
+[% END %]
+
             [% IF email_error;
 
                 # other keys include fqdn, mxcheck if you'd like to write a custom error message
@@ -29,43 +46,58 @@
 
         <div id="form_sign_in">
             <h3>[% tprintf(loc("Do you have a %s password?", "%s is the site name"), site_name)  %]</h3>
+          [% IF oauth_need_email %]
+            [% INCLUDE form_sign_in_no %]
+            [% INCLUDE form_sign_in_yes %]
+            <input type="hidden" name="oauth_need_email" value="1">
+          [% ELSE %]
+            [% INCLUDE form_sign_in_yes %]
+            [% INCLUDE form_sign_in_no %]
+          [% END %]
+        </div>
 
-            <div id="form_sign_in_yes" class="form-box">
-                <h5>[% loc('<strong>Yes</strong> I have a password') %]</h5>
+[% IF NOT oauth_need_email AND c.config.FACEBOOK_APP_ID %]
+      </div>
+[% END %]
 
-                <label class="hidden-js n" for="password_sign_in">[% loc('Password:') %]</label>
+    </fieldset>
+</form>
 
-                <div class="form-txt-submit-box">
-                    <input type="password" name="password_sign_in" id="password_sign_in" value="" placeholder="[% loc('Your password') %]">
-                    <input class="green-btn" type="submit" name="sign_in" value="[% loc('Sign in') %]">
-                </div>
+[% INCLUDE 'footer.html' %]
 
-                <input type="checkbox" id="remember_me" name="remember_me" value='1'[% ' checked' IF remember_me %]>
-                <label class="inline n" for="remember_me">[% loc('Keep me signed in on this computer') %]</label>
+[% BLOCK form_sign_in_yes %]
+    <div id="form_sign_in_yes" class="form-box">
+        <h5>[% loc('<strong>Yes</strong> I have a password') %]</h5>
 
-            </div>
-            <div id="form_sign_in_no" class="form-box">
-                <h5>[% loc('<strong>No</strong> let me sign in by email') %]</h5>
+        <label class="hidden-js n" for="password_sign_in">[% loc('Password:') %]</label>
 
-                <label for="name">[% loc('Name') %]</label>
-                <input type="text" name="name" value="" placeholder="[% loc('Your name') %]">
+        <div class="form-txt-submit-box">
+            <input type="password" name="password_sign_in" id="password_sign_in" value="" placeholder="[% loc('Your password') %]">
+            <input class="green-btn" type="submit" name="sign_in" value="[% loc('Sign in') %]">
+        </div>
 
-                <label for="password_register">[% loc('Password (optional)') %]</label>
+        <input type="checkbox" id="remember_me" name="remember_me" value='1'[% ' checked' IF remember_me %]>
+        <label class="inline n" for="remember_me">[% loc('Keep me signed in on this computer') %]</label>
 
-                <div class="general-notes">
-                    <p>[% loc('Providing a name and password is optional, but doing so will allow you to more easily report problems, leave updates and manage your reports.') %]</p>
-                </div>
+    </div>
+[% END %]
 
-                <div class="form-txt-submit-box">
-                    <input type="password" name="password_register" id="password_register" value="" placeholder="[% loc('Enter a password') %]">
-                    <input class="green-btn" type="submit" name="email_sign_in" value="[% loc('Sign in') %]">
-                </div>
-            </div>
+[% BLOCK form_sign_in_no %]
+    <div id="form_sign_in_no" class="form-box">
+        <h5>[% loc('<strong>No</strong> let me sign in by email') %]</h5>
 
-        </div>
+        <label for="name">[% loc('Name') %]</label>
+        <input type="text" name="name" value="" placeholder="[% loc('Your name') %]">
 
-    </fieldset>
-</form>
+        <label for="password_register">[% loc('Password (optional)') %]</label>
 
+        <div class="general-notes">
+            <p>[% loc('Providing a name and password is optional, but doing so will allow you to more easily report problems, leave updates and manage your reports.') %]</p>
+        </div>
 
-[% INCLUDE 'footer.html' %]
+        <div class="form-txt-submit-box">
+            <input type="password" name="password_register" id="password_register" value="" placeholder="[% loc('Enter a password') %]">
+            <input class="green-btn" type="submit" name="email_sign_in" value="[% loc('Sign in') %]">
+        </div>
+    </div>
+[% END %]
diff --git a/web/js/fixmystreet.js b/web/js/fixmystreet.js
index a1c6e6f73..312a3e294 100644
--- a/web/js/fixmystreet.js
+++ b/web/js/fixmystreet.js
@@ -131,6 +131,7 @@ $(function(){
     $('#facebook_sign_in').click(function(e){
         $('#form_email').removeClass();
         $('#form_rznvy').removeClass();
+        $('#email').removeClass();
     });
 
     // Geolocation