diff options
Diffstat (limited to 'templates/web/base/auth')
| -rw-r--r-- | templates/web/base/auth/2fa/form-add.html | 17 | ||||
| -rw-r--r-- | templates/web/base/auth/2fa/form.html (renamed from templates/web/base/auth/2faform.html) | 2 | ||||
| -rw-r--r-- | templates/web/base/auth/2fa/intro.html | 32 | ||||
| -rw-r--r-- | templates/web/base/auth/create.html | 31 | ||||
| -rw-r--r-- | templates/web/base/auth/general.html | 11 | ||||
| -rw-r--r-- | templates/web/base/auth/generate_token.html | 50 |
6 files changed, 119 insertions, 24 deletions
diff --git a/templates/web/base/auth/2fa/form-add.html b/templates/web/base/auth/2fa/form-add.html new file mode 100644 index 000000000..3603ec46c --- /dev/null +++ b/templates/web/base/auth/2fa/form-add.html @@ -0,0 +1,17 @@ +<p>[% loc('Please scan this image with your app, or enter the text code into your app, then generate a new one-time code and enter it below:') %]</p> + +<p align="center"><img src="[% qr_code %]" alt=""></p> +<p align="center">[% secret32.replace('(....)', '$1 ') %]</p> + +[% IF incorrect_code %] + <div class="form-error">[% loc('Sorry, that wasn’t the correct code') %]. + [% loc('Try again') %]:</div> +[% END %] + +<label for="2fa_code">[% loc('Code') %]</label> +<div class="form-txt-submit-box"> + <input autofocus class="form-control" type="number" id="2fa_code" name="2fa_code" value="" required> + <input type="submit" value="[% loc('Submit') %]" class="btn-primary"> +</div> +<input type="hidden" name="secret32" value="[% secret32 %]"> +<input type="hidden" name="2fa_action" value="confirm"> diff --git a/templates/web/base/auth/2faform.html b/templates/web/base/auth/2fa/form.html index bd6a7bd18..e093f6554 100644 --- a/templates/web/base/auth/2faform.html +++ b/templates/web/base/auth/2fa/form.html @@ -8,7 +8,7 @@ <h1>[% loc("Nearly done! Now check your phone…") %]</h1> <p>[% loc("Please generate a two-factor code and enter it below:") %]</p> [% END %] - <form action="/auth" method="post"> + <form action="/[% form_action OR 'auth' %]" method="post"> <input type="hidden" name="username" value="[% c.get_param('username') | html %]"> <input type="hidden" name="password_sign_in" value="[% c.get_param('password_sign_in') | html %]"> <input type="hidden" name="r" value="[% c.get_param('r') | html %]"> diff --git a/templates/web/base/auth/2fa/intro.html b/templates/web/base/auth/2fa/intro.html new file mode 100644 index 000000000..7813507a3 --- /dev/null +++ b/templates/web/base/auth/2fa/intro.html @@ -0,0 +1,32 @@ +[% +INCLUDE 'header.html', title = loc('Two-factor authentication'), bodyclass = 'fullwidthpage' +%] + +<div class="confirmation-header confirmation-header--phone"> + <h1>[% loc('Two-factor authentication') %]</h1> + + <form action="/[% form_action OR 'auth' %]" method="post"> + + [% IF stage == 'success' %] + <p>[% loc('Thanks, you have successfully enabled two-factor authentication on your account.') %]</p> + <p><a href="/my">[% loc('Your account') %]</a></p> + + [% ELSIF stage == 'activate' %] + [% PROCESS 'auth/2fa/form-add.html' %] + + [% ELSE # stage is intro %] + <p align="center">[% loc('Your account requires two-factor authentication to be set up.') %]</p> + <p align="center"> + <input class="btn-primary" type="submit" value="[% loc('Activate two-factor authentication') %]"> + </p> + <input type="hidden" name="2fa_action" value="activate"> + [% END %] + + <input type="hidden" name="username" value="[% c.get_param('username') | html %]"> + <input type="hidden" name="password_sign_in" value="[% c.get_param('password_sign_in') | html %]"> + <input type="hidden" name="r" value="[% c.get_param('r') | html %]"> + <input type="hidden" name="token" value="[% token | html %]"> + </form> +</div> + +[% INCLUDE 'footer.html' %] diff --git a/templates/web/base/auth/create.html b/templates/web/base/auth/create.html index 1886da95b..b8830e385 100644 --- a/templates/web/base/auth/create.html +++ b/templates/web/base/auth/create.html @@ -1,6 +1,8 @@ [% IF forgotten; title = loc('Forgot password'); +ELSIF expired_password; + title = loc('Password expired'); ELSE; title = loc('Create an account'); END; @@ -9,9 +11,11 @@ INCLUDE 'header.html', bodyclass='authpage' %] <h1> [% title %] + [% IF NOT expired_password %] <small> [% tprintf(loc('or <a href="%s">sign in</a>'), '/auth') %] </small> + [% END %] </h1> [% IF forgotten %] @@ -19,23 +23,32 @@ INCLUDE 'header.html', bodyclass='authpage' %] [% IF c.config.SMS_AUTHENTICATION %] [% loc('Sign in by email or text, providing a new password. When you click the link in your email or enter the SMS authentication code, your password will be updated.') %]</p> [% ELSE %] - [% loc('Sign in by email instead, providing a new password. When you click the link in your email, your password will be updated.') %]</p> + [% loc('Sign in by email instead, providing a new password. When you click the link in your email, your password will be updated.') %] [% END %] </p> +[% ELSIF expired_password %] +<p> + <a href="/auth/sign_out">[% loc('Sign out') %]</a> +</p> +<p> + [% loc('Your password has expired, please create a new one below. When you click the link in your email, your password will be updated.') %] +</p> [% END %] -<form action="/auth/[% forgotten ? 'forgot' : 'create' %]" method="post" name="general_auth" class="validate"> +<form action="/auth/[% expired_password ? 'expired' : forgotten ? 'forgot' : 'create' %]" method="post" name="general_auth" class="validate"> <fieldset> <input type="hidden" name="r" value="[% c.req.params.r | html %]"> + [% IF NOT expired_password %] + [% loc_username_error = INCLUDE 'auth/_username_error.html' default='email' %] -[% IF c.config.SMS_AUTHENTICATION %] - [% SET username_label = loc('Your email or mobile') %] -[% ELSE %] - [% SET username_label = loc('Your email') %] -[% END %] + [% IF c.config.SMS_AUTHENTICATION %] + [% SET username_label = loc('Your email or mobile') %] + [% ELSE %] + [% SET username_label = loc('Your email') %] + [% END %] <label class="n" for="username">[% username_label %]</label> [% IF loc_username_error %] @@ -43,6 +56,8 @@ INCLUDE 'header.html', bodyclass='authpage' %] [% END %] <input type="text" class="form-control required" id="username" name="username" value="[% username | html %]" autofocus autocomplete="username"> + [% END %] + [% IF field_errors.password_register %] <p class='form-error'>[% field_errors.password_register %]</p> [% END %] @@ -54,7 +69,7 @@ INCLUDE 'header.html', bodyclass='authpage' %] <div class="form-txt-submit-box"> <input class="required form-control js-password-validate" type="password" name="password_register" id="password_register" value="" autocomplete="new-password"> - <input class="green-btn" type="submit" name="sign_in_by_code" value="[% loc('Sign in') %]"> + <input class="green-btn" type="submit" name="sign_in_by_code" value="[% expired_password ? loc('Reset') : loc('Sign in') %]"> </div> </fieldset> diff --git a/templates/web/base/auth/general.html b/templates/web/base/auth/general.html index e2e880871..30b1bf63f 100644 --- a/templates/web/base/auth/general.html +++ b/templates/web/base/auth/general.html @@ -24,15 +24,22 @@ [% IF NOT oauth_need_email AND c.cobrand.social_auth_enabled %] [% IF c.config.FACEBOOK_APP_ID %] <div class="form-box"> - <button name="facebook_sign_in" id="facebook_sign_in" value="facebook_sign_in" class="btn btn--block btn--social btn--facebook"> + <button name="social_sign_in" id="facebook_sign_in" value="facebook" class="btn btn--block btn--social btn--facebook"> <img alt="" src="/i/facebook-icon-32.png" width="17" height="32"> [% loc('Log in with Facebook') %] </button> </div> [% END %] + [% IF c.cobrand.feature('oidc_login') %] + <div class="form-box"> + <button name="social_sign_in" id="oidc_sign_in" value="oidc" class="btn btn--block btn--social btn--oidc"> + [% tprintf(loc('Login with %s'), c.cobrand.feature('oidc_login').display_name) %] + </button> + </div> + [% END %] [% IF c.config.TWITTER_KEY %] <div class="form-box"> - <button name="twitter_sign_in" id="twitter_sign_in" value="twitter_sign_in" class="btn btn--block btn--social btn--twitter"> + <button name="social_sign_in" id="twitter_sign_in" value="twitter" class="btn btn--block btn--social btn--twitter"> <img alt="" src="/i/twitter-icon-32.png" width="17" height="32"> [% loc('Log in with Twitter') %] </button> diff --git a/templates/web/base/auth/generate_token.html b/templates/web/base/auth/generate_token.html index f7061be45..9152d0cb3 100644 --- a/templates/web/base/auth/generate_token.html +++ b/templates/web/base/auth/generate_token.html @@ -8,37 +8,63 @@ INCLUDE 'header.html', title = loc('Security'), bodyclass = 'fullwidthpage' <h1>[% loc('Your token has been generated') %]</h1> <p> - <strong>[% loc('Token:') %]</strong> + <strong>[% loc('Token') %]:</strong> <span>[% existing_token | html %]</span> </p> <p><a href="/my">[% loc('Your account') %]</a></p> </div> -[% ELSIF toggle_2fa_on %] +[% ELSIF toggle_2fa_off %] <div class="confirmation-header"> - <h1>[% loc('Two-factor authentication has been activated') %]</h1> - - <p align="center"><img src="[% qr_code %]"></p> - <p align="center">[% secret32.replace('(....)', '$1 ') %]</p> + <h1>[% loc('Two-factor authentication has been deactivated') %]</h1> <p><a href="/my">[% loc('Your account') %]</a></p> </div> -[% ELSIF toggle_2fa_off %] +[% ELSIF stage == 'success' %] <div class="confirmation-header"> - <h1>[% loc('Two-factor authentication has been deactivated') %]</h1> - + <h1>[% loc('Two-factor authentication has been activated') %]</h1> + <p>[% loc('Thanks, you have successfully enabled two-factor authentication on your account.') %]</p> <p><a href="/my">[% loc('Your account') %]</a></p> </div> +[% ELSIF stage == 'activate' %] + <div class="confirmation-header confirmation-header--phone"> + <h1>[% loc('Two-factor authentication') %]</h1> + + <form action="[% c.uri_for_action('/auth/profile/generate_token') %]" method="post" name="generate_token"> + <input type="hidden" name="token" value="[% csrf_token %]"> + [% PROCESS 'auth/2fa/form-add.html' %] + </form> + [% ELSE %] <h1>[% loc('Security') %]</h1> <form action="[% c.uri_for_action('/auth/profile/generate_token') %]" method="post" name="generate_token"> + +<h2>[% loc('Two-factor authentication') %]</h2> + + <input type="hidden" name="token" value="[% csrf_token %]"> + + <p> + [% IF c.user.is_superuser || c.user.from_body %] + [% IF has_2fa %] + <input name="2fa_activate" type="submit" class="btn" value="[% loc('Change two-factor authentication') %]"> + [% IF !c.cobrand.call_hook('must_have_2fa', c.user) %] + <input name="2fa_deactivate" type="submit" class="btn" value="[% loc('Deactivate two-factor authentication') %]"> + [% END %] + [% ELSE %] + <input name="2fa_activate" type="submit" class="btn" value="[% loc('Activate two-factor authentication') %]"> + [% END %] + [% END %] + </p> + +<h2>[% loc('Token') %]</h2> + <input type="hidden" name="token" value="[% csrf_token %]"> [% IF existing_token %] @@ -50,17 +76,15 @@ INCLUDE 'header.html', title = loc('Security'), bodyclass = 'fullwidthpage' <p> <input name="generate_token" type="submit" class="btn" value="[% existing_token ? loc('Replace token') : loc('Generate token') %]"> - [% IF c.user.is_superuser %] - <input name="toggle_2fa" type="submit" class="btn" value="[% has_2fa ? loc('Deactivate two-factor authentication') : loc('Activate two-factor authentication') %]"> - [% END %] </p> -</form> [% IF existing_token %] <p> [% loc('If you generate a new token the existing token will no longer work.') %] </p> [% END %] + +</form> [% END %] [% INCLUDE 'footer.html' %] |