Business/AccountHub
2
0
Fork 2
Code Issues 3 Pull Requests Releases 3 Wiki Activity

Merge BusinessAppTemplate

Browse Source
This commit is contained in:
Skylar Ittner 2018-12-27 00:30:32 -07:00
commit 223a431e8b
6 changed files with 68 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
index.php
View File

@ -13,8 +13,20 @@ if (!empty($_SESSION['loggedin']) && $_SESSION['loggedin'] === true && !isset($_
die(); die();
} }
if (!empty($_GET['logout'])) {
// Show a logout message instead of immediately redirecting to login flow /**
* Show a simple HTML page with a line of text and a button. Matches the UI of
* the AccountHub login flow.
*
* @global type $SETTINGS
* @global type $SECURE_NONCE
* @global type $Strings
* @param string $title Text to show, passed through i18n
* @param string $button Button text, passed through i18n
* @param string $url URL for the button
*/
function showHTML(string $title, string $button, string $url) {
global $SETTINGS, $SECURE_NONCE, $Strings;
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
<meta charset="UTF-8"> <meta charset="UTF-8">
@ -26,8 +38,20 @@ if (!empty($_GET['logout'])) {
<link rel="icon" href="static/img/logo.svg"> <link rel="icon" href="static/img/logo.svg">
<link href="static/css/bootstrap.min.css" rel="stylesheet"> <link href="static/css/bootstrap.min.css" rel="stylesheet">
<link href="static/css/svg-with-js.min.css" rel="stylesheet"> <style nonce="<?php echo $SECURE_NONCE; ?>">
<link href="static/css/login.css" rel="stylesheet"> .display-5 {
font-size: 2.5rem;
font-weight: 300;
line-height: 1.2;
}
.banner-image {
max-height: 100px;
margin: 2em auto;
border: 1px solid grey;
border-radius: 15%;
}
</style>
<div class="container mt-4"> <div class="container mt-4">
<div class="row justify-content-center"> <div class="row justify-content-center">
@ -36,24 +60,25 @@ if (!empty($_GET['logout'])) {
</div> </div>
<div class="col-12 text-center"> <div class="col-12 text-center">
<h1 class="display-5 mb-4"><?php $Strings->get("You have been logged out.") ?></h1> <h1 class="display-5 mb-4"><?php $Strings->get($title); ?></h1>
</div> </div>
<div class="col-12 col-sm-8 col-lg-6"> <div class="col-12 col-sm-8 col-lg-6">
<div class="card mt-4"> <div class="card mt-4">
<div class="card-body"> <div class="card-body">
<a href="./index.php" class="btn btn-primary btn-block"><?php $Strings->get("Log in again"); ?></a> <a href="<?php echo $url; ?>" class="btn btn-primary btn-block"><?php $Strings->get($button); ?></a>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
<script src="static/js/fontawesome-all.min.js"></script>
<?php <?php
die();
} }
if (!empty($_GET['logout'])) {
showHTML("You have been logged out.", "Log in again", "./index.php");
die();
}
if (empty($_SESSION["login_code"])) { if (empty($_SESSION["login_code"])) {
$redirecttologin = true; $redirecttologin = true;
} else { } else {
@ -64,7 +89,8 @@ if (empty($_SESSION["login_code"])) {
Session::start($user); Session::start($user);
$_SESSION["login_code"] = null; $_SESSION["login_code"] = null;
header('Location: app.php'); header('Location: app.php');
die("Logged in, go to app.php"); showHTML("Logged in", "Continue", "./app.php");
die();
} catch (Exception $ex) { } catch (Exception $ex) {
$redirecttologin = true; $redirecttologin = true;
} }
@ -76,8 +102,12 @@ if ($redirecttologin) {
$_SESSION["login_code"] = $code; $_SESSION["login_code"] = $code;
header("Location: ./login/?code=" . htmlentities($code) . "&redirect=" . htmlentities($_SERVER["REQUEST_URI"])); $loginurl = "./login/?code=" . htmlentities($code) . "&redirect=" . htmlentities($_SERVER["REQUEST_URI"]);
header("Location: $loginurl");
showHTML("Continue", "Continue", $loginurl);
die();
} catch (Exception $ex) { } catch (Exception $ex) {
sendError($ex->getMessage()); sendError($ex->getMessage());
} }
} }

21
langs/en/core.json
View File

@ -1,26 +1,7 @@
{ {
"sign in": "Sign In",
"username": "Username",
"password": "Password",
"continue": "Continue",
"authcode": "Authentication code",
"2fa prompt": "Enter the six-digit code from your mobile authenticator app.",
"2fa incorrect": "Authentication code incorrect.",
"login incorrect": "Login incorrect.",
"login server unavailable": "Login server unavailable. Try again later or contact technical support.",
"account locked": "This account has been disabled. Contact technical support.",
"password expired": "You must change your password before continuing.",
"account terminated": "Account terminated. Access denied.",
"account state error": "Your account state is not stable. Log out, restart your browser, and try again.",
"welcome user": "Welcome, {user}!",
"sign out": "Sign out", "sign out": "Sign out",
"404 error": "404 Error", "404 error": "404 Error",
"page not found": "Page not found.", "page not found": "Page not found.",
"invalid parameters": "Invalid request parameters.", "invalid parameters": "Invalid request parameters.",
"login server error": "The login server returned an error: {arg}", "login server error": "The login server returned an error: {arg}"
"login server user data error": "The login server refused to provide account information. Try again or contact technical support.",
"captcha error": "There was a problem with the CAPTCHA (robot test). Try again.",
"no access permission": "You do not have permission to access this system.",
"generic op error": "An unknown error occurred. Try again later.",
"home": "Home"
} }

7
langs/en/index.json Normal file
View File

@ -0,0 +1,7 @@
{
"You have been logged out.": "You have been logged out.",
"Log in again": "Log in again",
"login server unavailable": "Login server unavailable. Try again later or contact technical support.",
"no access permission": "You do not have permission to access this system.",
"Logged in": "Logged in"
}

15
langs/en/login.json
View File

@ -8,5 +8,18 @@
"Current password for {user}": "Current password for {user}", "Current password for {user}": "Current password for {user}",
"New password": "New password", "New password": "New password",
"New password (again)": "New password (again)", "New password (again)": "New password (again)",
"Fill in all three boxes.": "Fill in all three boxes." "Fill in all three boxes.": "Fill in all three boxes.",
"sign in": "Sign In",
"username": "Username",
"password": "Password",
"continue": "Continue",
"authcode": "Authentication code",
"2fa prompt": "Enter the six-digit code from your mobile authenticator app.",
"2fa incorrect": "Authentication code incorrect.",
"login incorrect": "Login incorrect.",
"login server unavailable": "Login server unavailable. Try again later or contact technical support.",
"account locked": "This account has been disabled. Contact technical support.",
"password expired": "You must change your password before continuing.",
"account terminated": "Account terminated. Access denied.",
"account state error": "Your account state is not stable. Log out, restart your browser, and try again."
} }

9
required.php
View File

@ -33,7 +33,6 @@ session_start(); // stick some cookies in it
// renew session cookie // renew session cookie
setcookie(session_name(), session_id(), time() + $session_length, "/", false, false); setcookie(session_name(), session_id(), time() + $session_length, "/", false, false);
$captcha_server = ($SETTINGS['captcha']['enabled'] === true ? preg_replace("/http(s)?:\/\//", "", $SETTINGS['captcha']['server']) : "");
if ($_SESSION['mobile'] === TRUE) { if ($_SESSION['mobile'] === TRUE) {
header("Content-Security-Policy: " header("Content-Security-Policy: "
. "default-src 'self';" . "default-src 'self';"
@ -43,8 +42,8 @@ if ($_SESSION['mobile'] === TRUE) {
. "frame-src 'none'; " . "frame-src 'none'; "
. "font-src 'self'; " . "font-src 'self'; "
. "connect-src *; " . "connect-src *; "
. "style-src 'self' 'unsafe-inline' $captcha_server; " . "style-src 'self' 'unsafe-inline'; "
. "script-src 'self' 'unsafe-inline' $captcha_server"); . "script-src 'self' 'unsafe-inline'");
} else { } else {
header("Content-Security-Policy: " header("Content-Security-Policy: "
. "default-src 'self';" . "default-src 'self';"
@ -54,8 +53,8 @@ if ($_SESSION['mobile'] === TRUE) {
. "frame-src 'none'; " . "frame-src 'none'; "
. "font-src 'self'; " . "font-src 'self'; "
. "connect-src *; " . "connect-src *; "
. "style-src 'self' 'nonce-$SECURE_NONCE' $captcha_server; " . "style-src 'self' 'nonce-$SECURE_NONCE'; "
. "script-src 'self' 'nonce-$SECURE_NONCE' $captcha_server"); . "script-src 'self' 'nonce-$SECURE_NONCE'");
} }
// //

15
static/css/index.css
View File

@ -1,15 +0,0 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
.banner-image {
max-height: 100px;
margin: 2em auto;
border: 1px solid grey;
border-radius: 15%;
}
.footer {
margin-top: 10em;
text-align: center;
}