From: Aline Manera <alinefm(a)linux.vnet.ibm.com>
The frontend should redirect the user after logging in, so that it can properly
store the user information returned by /login for authorization purposes.
Signed-off-by: Aline Manera <alinefm(a)linux.vnet.ibm.com>
---
src/kimchi/auth.py | 10 ++------
src/kimchi/root.py | 19 +-------------
ui/js/src/kimchi.login.js | 64 +++++++++++++++++++++++++++++++++++++++++++++++
ui/pages/login.html.tmpl | 36 +++-----------------------
4 files changed, 71 insertions(+), 58 deletions(-)
create mode 100644 ui/js/src/kimchi.login.js
diff --git a/src/kimchi/auth.py b/src/kimchi/auth.py
index 6a4a610..f7ab6b0 100644
--- a/src/kimchi/auth.py
+++ b/src/kimchi/auth.py
@@ -45,8 +45,8 @@ def redirect_login():
url = "/login.html"
if cherrypy.request.path_info.endswith(".html"):
next_url = cherrypy.serving.request.request_line.split()[1]
- next_url = base64.urlsafe_b64encode(next_url)
- url = "/login.html?next=%s" % next_url
+ cherrypy.response.cookie["lastPage"] = next_url
+ cherrypy.response.cookie["lastPage"]["path"] = "/"
raise cherrypy.HTTPRedirect(url, 303)
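Review bot: `next_url` is copied verbatim from the request line into the `lastPage` cookie, and the new success callback in ui/js/src/kimchi.login.js passes that cookie straight to `window.location.replace()`, so neither side checks that the post-login target is a local path. The `path_info.endswith(".html")` test only looks at the suffix; as far as these lines show, a request target that is absolute or begins with `//` would be stored and then followed off-site after a successful login. Restrict it before setting the cookie, for example `if not next_url.startswith("/") or next_url[1:2] in ("/", "\\"): next_url = "/"`, and repeat the check in the JS callback, since a cookie can also be written on the client. The body of redirect_login starts above this hunk.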
@@ -203,12 +203,6 @@ def login(username, password, **kwargs):
debug("User cannot be verified with the supplied password")
return None
except PAM.error, (resp, code):
- if (cherrypy.request.path_info == "/login" and
- not template.can_accept('application/json')):
- next_url = kwargs.get("next")
- url = "/login.html?error=userPassWrong"
- url = url if next_url is None else url + "&next=%s" % next_url
- raise cherrypy.HTTPRedirect(url, 303)
msg_args = {'username': username, 'code': code}
raise OperationFailed("KCHAUTH0001E", msg_args)
diff --git a/src/kimchi/root.py b/src/kimchi/root.py
index 6d1bd19..dec5862 100644
--- a/src/kimchi/root.py
+++ b/src/kimchi/root.py
@@ -128,24 +128,7 @@ def __init__(self, model, dev_env):
self.messages = messages
@cherrypy.expose
- def login(self, *args, **kwargs):
- username = kwargs.get('username')
- password = kwargs.get('password')
- # traditional form base authentication
- kwa = {}
- if username is not None:
- # UI can parser the redirect url by "next" query parameter
- next_url = kwargs.get('next')
- next_url = next_url[0] if(type(next_url) is list) else next_url
- if next_url is None:
- lastPage = cherrypy.request.cookie.get("lastPage")
- next_url = lastPage.value if lastPage is not None else "/"
- else:
- kwa = {"next": next_url.encode("utf-8")}
- next_url = base64.urlsafe_b64decode(next_url.encode("utf-8"))
- auth.login(username, password, **kwa)
- raise cherrypy.HTTPRedirect(next_url, 303)
-
+ def login(self, *args):
try:
params = parse_request()
username = params['username']
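Review bot: `base64` may no longer be referenced in this file now that the form-based branch is removed, and likewise in src/kimchi/auth.py, where the `base64.urlsafe_b64encode` call in redirect_login is removed. The import lines are outside the visible hunks, so confirm and drop `import base64` in the same commit if it is unused. The new `login(self, *args)` also has no docstring; something like `"""Authenticate the credentials parsed from the request; redirecting afterwards is left to the UI."""` would record the changed contract. The method body continues past the end of this hunk.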
diff --git a/ui/js/src/kimchi.login.js b/ui/js/src/kimchi.login.js
new file mode 100644
index 0000000..e9878c1
--- /dev/null
+++ b/ui/js/src/kimchi.login.js
@@ -0,0 +1,64 @@
+/*
+ * Project Kimchi
+ *
+ * Copyright IBM, Corp. 2014
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *
http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+kimchi.login_main = function() {
+
+ var selectedLanguage = kimchi.lang.get();
+ $('#userLang').val(selectedLanguage);
+
+ $('#userLang').on('change', function() {
+ kimchi.lang.set($(this).val());
+ location.reload();
+ });
+
+ var query = window.location.search;
+ var error = /.*error=(.*?)(&|$)/g.exec(query);
+ if (error && error[1] == "sessionTimeout") {
+ $("#messSession").show();
+ }
+
+ var userNameBox = $('#username');
+ var passwordBox = $('#password');
+ var loginButton = $('#btn-login');
+
+ var login = function(event) {
+ $("#login").hide()
+ $("#logging").show()
+
+ var userName = userNameBox.val();
+ userName && kimchi.user.setUserName(userName);
+ var settings = {
+ username: userName,
+ password: passwordBox.val()
+ };
+
+ kimchi.login(settings, function(data) {
+ var lastPage = kimchi.cookie.get('lastPage');
+ var next_url = lastPage ? lastPage.replace(/\"/g,'') :
"/"
+ window.location.replace(next_url)
+ }, function() {
+ $("#messUserPass").show()
+ $("#messSession").hide();
+ $("#logging").hide()
+ $("#login").show()
+ });
+
+ return false;
+ };
+
+ $('#form-login').on('submit', login);
+};
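Review bot: `lastPage.replace(/\"/g,'')` in the success callback deletes every double quote in the value instead of undoing the cookie quoting. Python's Cookie classes wrap values in quotes and backslash- or octal-escape characters such as `;` and `,`, so a stored URL containing them would come back mangled unless `kimchi.cookie.get` already decodes it, which is not visible here. A more robust pairing is to percent-encode the URL where the cookie is set and use `decodeURIComponent(lastPage)` here, provided every other writer of `lastPage` is changed to match.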
diff --git a/ui/pages/login.html.tmpl b/ui/pages/login.html.tmpl
index f8f683d..7d61a6a 100644
--- a/ui/pages/login.html.tmpl
+++ b/ui/pages/login.html.tmpl
@@ -32,6 +32,7 @@
<meta name="viewport" content="width=device-width, initial-scale=1.0,
user-scalable=yes" />
<link rel="shortcut icon" href="images/logo.ico">
<link rel="stylesheet"
href="$href('css/theme-default.min.css')">
+<script
src="$href('libs/modernizr.custom.76777.js')"></script>
<script src="$href('libs/jquery-1.10.0.min.js')"></script>
<script src="$href('libs/jquery-ui.min.js')"></script>
<script
src="$href('libs/jquery-ui-i18n.min.js')"></script>
@@ -56,40 +57,11 @@
color: #C85305;
}
</style>
-<script>
-function changeLang() {
- var lang = document.getElementById('userLang').value;
- kimchi.cookie.set('kimchiLang', lang, 365);
- window.location.reload();
-}
-function setLang() {
- var defaultLang = 'en_US';
- var clientLang =
document.getElementsByTagName("html")[0].getAttribute("lang");
- var persistLang = kimchi.cookie.get('kimchiLang');
- document.getElementById("userLang").value = persistLang || clientLang ||
defaultLang;
-}
-function updateBtnLabel() {
- document.getElementById("login").style.display = "none";
- document.getElementById("logging").style.display = "";
- kimchi.user.setUserName(document.getElementById("username").value);
-}
-function setMessage() {
- var err = "$getVar('data.error', '')";
- if(err=="userPassWrong")
- document.getElementById("messUserPass").style.display = "";
- if(err=="sessionTimeout")
- document.getElementById("messSession").style.display = "";
-}
-function init() {
- setLang();
- setMessage();
-}
-</script>
</head>
-<body onload="init()">
+<body onload="kimchi.login_main()">
<div class="container topbar">
<span id="logo"><img alt="Project Kimchi"
src="images/theme-default/logo-white.png"></span>
- <select id="userLang" onchange="changeLang()">
+ <select id="userLang">
<option value="en_US">English (US)</option>
<option value="zh_CN">中文(简体)</option>
<option value="pt_BR">Português (Brasil)</option>
@@ -100,7 +72,7 @@ function init() {
<div id="messUserPass" class="err-mess"
style="display: none;">$_("The username or password you entered is
incorrect. Please try again.")</div>
<div id="messSession" class="err-mess"
style="display: none;">$_("Session timeout, please
re-login.")</div>
</div>
- <form id="form-login" action="/login$next"
method="POST" class="login-panel"
onsubmit="updateBtnLabel();">
+ <form id="form-login" class="login-panel">
<div class="row">
<input type="text" id="username"
name="username" required="required" placeholder="$_("User
Name")" autofocus/>
<div id="username-msg"
class="msg-required"></div>
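Review bot: Dropping `action` and `method` from `#form-login` leaves the browser default, a GET to the current URL, as the fallback submit. If the script bundle fails to load, if the form is submitted before `kimchi.login_main()` has bound its handler, or if the handler in ui/js/src/kimchi.login.js throws before its final `return false`, the username and password would go into the query string and end up in browser history and access logs. Keep the method on the element, `<form id="form-login" method="POST" class="login-panel">`, and make `event.preventDefault();` the first statement of the submit handler so the default submit is cancelled on error paths too.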
--
1.9.3