Diffstat (limited to 'perllib')
-rw-r--r-- | perllib/CrossSell.pm | 32 | ||||
-rw-r--r-- | perllib/FixMyStreet/App/Controller/Auth.pm | 64 | ||||
-rw-r--r-- | perllib/FixMyStreet/App/Controller/My.pm | 8 |
3 files changed, 47 insertions, 57 deletions
diff --git a/perllib/CrossSell.pm b/perllib/CrossSell.pm index 44f971462..46c34a43b 100644 --- a/perllib/CrossSell.pm +++ b/perllib/CrossSell.pm @@ -143,38 +143,6 @@ details. You can unsubscribe at any time.</p> EOF } -sub display_tms_form { - my (%input) = @_; - my %input_h = map { $_ => $input{$_} ? ent($input{$_}) : '' } qw(name email postcode mobile signed_email); - my $auth_signature = $input_h{signed_email}; - return <<EOF; -<h1 style="padding-top:0.5em">Coming Soon: TextMyStreet</h1> - -<p>Exclusive to FixMyStreet users: Sign up for a <strong>brand new</strong>, not-yet-launched -service which will make it easy to send short messages to other people on <strong>your -street</strong> and just round the corner.</p> - -<p>Use it to borrow a strimmer, discuss the weather or report a <strong>lost cat</strong>.</p> - -<form action="/tms-signup" method="post"> -<input type="hidden" name="signed_email" value="$auth_signature"> -<label for="name">Name:</label> -<input type="text" name="name" id="name" value="$input_h{name}" size="30"> -<br><label for="email">Email:</label> -<input type="text" name="email" id="email" value="$input_h{email}" size="30"> -<br><label for="postcode">Postcode:</label> -<input type="text" name="postcode" id="postcode" value="$input_h{postcode}" size="11"> -<br><label for="mobile">Mobile:</label> <input type="text" name="mobile" id="mobile" value="$input_h{mobile}" size="11"> - <input type="submit" class="submit" value="Sign up"> -</form> - -<p>mySociety respects your privacy, and we'll never sell or give away your private -details. Once we launch we'll send you some emails and perhaps some texts -explaining how it works, and it'll never cost you a penny unless we explicitly -say it will. You'll be able to <strong>unsubscribe</strong> at any time.</p> -EOF -} - # Not currently used, needs more explanation and testing; perhaps in future. sub display_gny_groups { my ($lon, $lat) = @_; 
diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm index 7526c2c25..9ff415bf4 100644 --- a/perllib/FixMyStreet/App/Controller/Auth.pm +++ b/perllib/FixMyStreet/App/Controller/Auth.pm @@ -30,6 +30,9 @@ sub general : Path : Args(0) { my ( $self, $c ) = @_; my $req = $c->req; + $c->detach( 'redirect_on_signin', [ $req->param('r') ] ) + if $c->user && $req->param('r'); + # all done unless we have a form posted to us return unless $req->method eq 'POST'; @@ -64,8 +67,7 @@ sub login : Private { $c->set_session_cookie_expire(0) unless $remember_me; - $c->res->redirect( $c->uri_for('/my') ); - return; + $c->detach( 'redirect_on_signin', [ $c->req->param('r') ] ); } # could not authenticate - show an error @@ -104,14 +106,16 @@ sub email_login : Private { ->create( { scope => 'email_login', - data => { email => $good_email } + data => { + email => $good_email, + r => $c->req->param('r'), + } } ); - # log the user in, send them an email and redirect to the welcome page $c->stash->{token} = $token_obj->token; $c->send_email( 'login.txt', { to => $good_email } ); - $c->res->redirect( $c->uri_for('token') ); + $c->stash->{template} = 'auth/token.html'; } =head2 token @@ -121,16 +125,15 @@ Handle the 'email_login' tokens. Find the account for the email address =cut -sub token : Local { +sub token : Path('/M') : Args(1) { my ( $self, $c, $url_token ) = @_; - # check for a token - if none found then return - return unless $url_token; - # retrieve the token or return - my $token_obj = - $c->model('DB::Token') - ->find( { scope => 'email_login', token => $url_token, } ); + my $token_obj = $url_token + ? $c->model('DB::Token')->find( { + scope => 'email_login', token => $url_token + } ) + : undef; if ( !$token_obj ) { $c->stash->{token_not_found} = 1; 
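Review bot: In the email_login hunk, `r => $c->req->param('r')` is evaluated in list context inside the hash constructor, so a request that supplies `r` more than once expands into extra key/value pairs in the token's `data`, and a later pair can replace the `email` key set just above it. Because token() later authenticates whatever `data->{email}` holds, the stored address would no longer be guaranteed to be the one the login mail was sent to. Force scalar context with `r => scalar $c->req->param('r'),`; the same applies, less severely, to `[ $req->param('r') ]` in the general and login hunks. Separately, the token is still in the stash when `auth/token.html` is rendered in place of the old redirect, so it is worth confirming that the template never prints it. email_login's body starts outside the hunk.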
@@ -142,6 +145,7 @@ sub token : Local { # get the email and scrap the token my $email = $token_obj->data->{email}; + my $redirect = $token_obj->data->{r}; $token_obj->delete; # find or create the user related to the token and delete the token @@ -149,7 +153,35 @@ sub token : Local { $c->authenticate( { email => $user->email }, 'no_password' ); # send the user to their page - $c->res->redirect( $c->uri_for('/my') ); + $c->detach( 'redirect_on_signin', [ $redirect ] ); +} + +=head2 redirect_on_signin + +Used after signing in to take the person back to where they were. + +=cut + + +sub redirect_on_signin : Private { + my ( $self, $c, $redirect ) = @_; + $redirect = 'my' unless $redirect; + $c->res->redirect( $c->uri_for( "/$redirect" ) ); +} + +=head2 redirect + +Used when trying to view a page that requires login when you're not. + +=cut + +sub redirect : Private { + my ( $self, $c ) = @_; + + my $uri = $c->uri_for( '/auth', { r => $c->req->path } ); + $c->res->redirect( $uri ); + $c->detach; + } =head2 change_password @@ -161,11 +193,7 @@ Let the user change their password. sub change_password : Local { my ( $self, $c ) = @_; - # FIXME - handle not being logged in more elegantly - unless ( $c->user ) { - $c->res->redirect( $c->uri_for('/auth') ); - $c->detach; - } + $c->detach( 'redirect' ) unless $c->user; # FIXME - CSRF check here # FIXME - minimum criteria for passwords (length, contain number, etc) diff --git a/perllib/FixMyStreet/App/Controller/My.pm b/perllib/FixMyStreet/App/Controller/My.pm index 1189fe901..79d5c5681 100644 --- a/perllib/FixMyStreet/App/Controller/My.pm +++ b/perllib/FixMyStreet/App/Controller/My.pm @@ -22,13 +22,7 @@ Catalyst Controller. sub my : Path : Args(0) { my ( $self, $c ) = @_; - - # FIXME - handle not being logged in more elegantly - unless ( $c->user ) { - $c->res->redirect( $c->uri_for('/auth') ); - $c->detach; - } - + $c->detach( '/auth/redirect' ) unless $c->user; } __PACKAGE__->meta->make_immutable; |
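Review bot: redirect_on_signin, added in the `@@ -149,7 +153,35 @@` hunk, passes `$redirect` into `$c->uri_for( "/$redirect" )` unchecked, although the value originates from the request's `r` parameter in general and login and from stored token data in token. Whether uri_for keeps every such value on this site is not visible here, so the sub should accept only a plain relative in-app path and fall back to the default otherwise, e.g. `$redirect = 'my' unless $redirect && $redirect =~ m{\A\w[\w\-]*(?:/[\w\-]+)*\z};`. The pod for `redirect` could also state that only `$c->req->path` is stored, so any query string on the original page is not restored after sign-in.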