X-Git-Url: http://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Fspecialpage%2FLoginSignupSpecialPage.php;h=d3cd5777c6c879dcc22572e4b91b2bfed662fd8b;hb=f7cfed2a4a67264e5a76773246d155449ba5e186;hp=c3d43df266417cfc2f5b3688b4168d8708c9842d;hpb=5bc939c8880ca6d02373d850a559fd8a315ee125;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/specialpage/LoginSignupSpecialPage.php b/includes/specialpage/LoginSignupSpecialPage.php index c3d43df266..d3cd5777c6 100644 --- a/includes/specialpage/LoginSignupSpecialPage.php +++ b/includes/specialpage/LoginSignupSpecialPage.php @@ -223,11 +223,16 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { $this->setHeaders(); $this->checkPermissions(); - // Make sure it's possible to log in - if ( !$this->isSignup() && !$session->canSetUser() ) { - throw new ErrorPageError( 'cannotloginnow-title', 'cannotloginnow-text', [ + // Make sure the system configuration allows log in / sign up + if ( !$this->isSignup() && !$authManager->canAuthenticateNow() ) { + if ( !$session->canSetUser() ) { + throw new ErrorPageError( 'cannotloginnow-title', 'cannotloginnow-text', [ $session->getProvider()->describe( RequestContext::getMain()->getLanguage() ) ] ); + } + throw new ErrorPageError( 'cannotlogin-title', 'cannotlogin-text' ); + } elseif ( $this->isSignup() && !$authManager->canCreateAccounts() ) { + throw new ErrorPageError( 'cannotcreateaccount-title', 'cannotcreateaccount-text' ); } /* @@ -289,6 +294,14 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { return; } + if ( $this->canBypassForm( $button_name ) ) { + $this->setRequest( [], true ); + $this->getRequest()->setVal( $this->getTokenName(), $this->getToken() ); + if ( $button_name ) { + $this->getRequest()->setVal( $button_name, true ); + } + } + $status = $this->trySubmit(); if ( !$status || !$status->isGood() ) { @@ -354,13 +367,53 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { $this->authAction = $this->isSignup() ? AuthManager::ACTION_CREATE_CONTINUE : AuthManager::ACTION_LOGIN_CONTINUE; $this->authRequests = $response->neededRequests; - $this->mainLoginForm( $response->neededRequests, $response->message, 'warning' ); + $this->mainLoginForm( $response->neededRequests, $response->message, $response->messageType ); break; default: throw new LogicException( 'invalid AuthenticationResponse' ); } } + /** + * Determine if the login form can be bypassed. This will be the case when no more than one + * button is present and no other user input fields that are not marked as 'skippable' are + * present. If the login form were not bypassed, the user would be presented with a + * superfluous page on which they must press the single button to proceed with login. + * Not only does this cause an additional mouse click and page load, it confuses users, + * especially since there are a help link and forgotten password link that are + * provided on the login page that do not apply to this situation. + * + * @param string|null &$button_name if the form has a single button, returns + * the name of the button; otherwise, returns null + * @return bool + */ + private function canBypassForm( &$button_name ) { + $button_name = null; + if ( $this->isContinued() ) { + return false; + } + $fields = AuthenticationRequest::mergeFieldInfo( $this->authRequests ); + foreach ( $fields as $fieldname => $field ) { + if ( !isset( $field['type'] ) ) { + return false; + } + if ( !empty( $field['skippable'] ) ) { + continue; + } + if ( $field['type'] === 'button' ) { + if ( $button_name !== null ) { + $button_name = null; + return false; + } else { + $button_name = $fieldname; + } + } elseif ( $field['type'] !== 'null' ) { + return false; + } + } + return true; + } + /** * Show the success page. * @@ -494,7 +547,21 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { $form = $this->getAuthForm( $requests, $this->authAction, $msg, $msgtype ); $form->prepareForm(); - $formHtml = $form->getHTML( $msg ? Status::newFatal( $msg ) : false ); + + $submitStatus = Status::newGood(); + if ( $msg && $msgtype === 'warning' ) { + $submitStatus->warning( $msg ); + } elseif ( $msg && $msgtype === 'error' ) { + $submitStatus->fatal( $msg ); + } + + // warning header for non-standard workflows (e.g. security reauthentication) + if ( !$this->isSignup() && $this->getUser()->isLoggedIn() ) { + $reauthMessage = $this->securityLevel ? 'userlogin-reauth' : 'userlogin-loggedin'; + $submitStatus->warning( $reauthMessage, $this->getUser()->getName() ); + } + + $formHtml = $form->getHTML( $submitStatus ); $out->addHTML( $this->getPageHtml( $formHtml ) ); } @@ -616,13 +683,6 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { $form->setId( 'userlogin2' ); } - // warning header for non-standard workflows (e.g. security reauthentication) - if ( !$this->isSignup() && $this->getUser()->isLoggedIn() ) { - $reauthMessage = $this->securityLevel ? 'userlogin-reauth' : 'userlogin-loggedin'; - $form->addHeaderText( Html::rawElement( 'div', [ 'class' => 'warningbox' ], - $this->msg( $reauthMessage )->params( $this->getUser()->getName() )->parse() ) ); - } - $form->suppressDefaultSubmit(); $this->authForm = $form;