cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add preferred provider social signup

Browse source 
- Add preferred provider for authorization to login and signup pages.
  To use, the 3rd party application would have to add `preferred_provider=...`
  parameter to OAuth2 authorization request.
- Resize 3rd party provider icons
- Add "login to authorize" heading to login and signup screens
This commit is contained in:
Milan Cvetkovic 2023-12-06 10:31:52 +00:00
parent d0e8f72311
commit 9649b192c0
11 changed files with 135 additions and 59 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/assets/javascripts/auth_providers.js
View file

@ -12,7 +12,7 @@ $(document).ready(function () {
$("#openid_open_url").click(function (e) {
e.preventDefault();
$("#openid_url").val("http://");
$("#login_auth_buttons").hide();
$("#login_auth_buttons").hide().removeClass("d-flex");
$("#login_openid_url").show();
$("#openid_login_button").show();
});

12
app/controllers/concerns/session_methods.rb
View file

@ -3,6 +3,18 @@ module SessionMethods
private
##
# Read @preferred_auth_provider and @client_app_name from oauth2 authorization request's referer
def parse_oauth_referer(referer)
referer_query = URI(referer).query if referer
return unless referer_query
ref_params = CGI.parse referer_query
preferred = ref_params["preferred_auth_provider"].first
@preferred_auth_provider = preferred if preferred && Settings.key?(:"#{preferred}_auth_id")
@client_app_name = Oauth2Application.where(:uid => ref_params["client_id"].first).pick(:name)
end
##
# return the URL to use for authentication
def auth_url(provider, uid, referer = nil)

2
app/controllers/sessions_controller.rb
View file

@ -15,6 +15,8 @@ class SessionsController < ApplicationController
override_content_security_policy_directives(:form_action => []) if Settings.csp_enforce || Settings.key?(:csp_report_url)
session[:referer] = safe_referer(params[:referer]) if params[:referer]
parse_oauth_referer session[:referer]
end
def create

2
app/controllers/users_controller.rb
View file

@ -60,6 +60,8 @@ class UsersController < ApplicationController
session[:referer]
end
parse_oauth_referer @referer
append_content_security_policy_directives(
:form_action => %w[accounts.google.com *.facebook.com login.live.com github.com meta.wikimedia.org]
)

20
app/helpers/user_helper.rb
View file

@ -60,11 +60,25 @@ module UserHelper
link_to(
image_tag("#{name}.svg",
:alt => t("application.auth_providers.#{name}.alt"),
:class => "rounded-3",
:size => "36"),
:class => "rounded-1",
:size => "24"),
auth_path(options.merge(:provider => provider)),
:method => :post,
:class => "auth_button",
:class => "auth_button p-2 d-block",
:title => t("application.auth_providers.#{name}.title")
)
end
def auth_button_preferred(name, provider, options = {})
link_to(
image_tag("#{name}.svg",
:alt => t("application.auth_providers.#{name}.alt"),
:class => "rounded-1 me-3",
:width => "24px",
:height => "24px") + t("application.auth_providers.#{name}.title"),
auth_path(options.merge(:provider => provider)),
:method => :post,
:class => "auth_button fs-6 border rounded text-muted text-decoration-none py-2 px-4 d-flex justify-content-center align-items-center",
:title => t("application.auth_providers.#{name}.title")
)
end

49
app/views/application/_auth_providers.html.erb
View file

@ -1,33 +1,44 @@
<div>
<div class="mb-3">
<label class="form-label"><%= t ".with external" %></label>
<ul class='list-inline' id="login_auth_buttons">
<li class="list-inline-item me-3">
<%= link_to image_tag("openid.png",
:alt => t("application.auth_providers.openid.title"),
:size => "36"),
"#",
:id => "openid_open_url",
:title => t("application.auth_providers.openid.title") %>
</li>
<div class="list-inline justify-content-center d-flex align-items-center flex-wrap mb-3 gap-3" id="login_auth_buttons">
<% %w[google facebook microsoft github wikipedia].each do |provider| %>
<% if Settings.key?("#{provider}_auth_id".to_sym) -%>
<li class="list-inline-item me-3"><%= auth_button provider, provider %></li>
<% if @preferred_auth_provider == provider %>
<div class="mx-2"><%= auth_button_preferred provider, provider %></div>
<% end %>
<% end -%>
<% end -%>
</ul>
<div class="justify-content-center d-flex gap-1">
<div>
<%= link_to image_tag("openid.png",
:alt => t("application.auth_providers.openid.title"),
:size => "24"),
"#",
:id => "openid_open_url",
:title => t("application.auth_providers.openid.title"),
:class => "p-2 d-block" %>
</div>
<% %w[google facebook microsoft github wikipedia].each do |provider| %>
<% unless @preferred_auth_provider == provider %>
<% if Settings.key?("#{provider}_auth_id".to_sym) -%>
<div><%= auth_button provider, provider %></div>
<% end -%>
<% end %>
<% end -%>
</div>
</div>
<%# :tabindex starts high to allow rendering at the bottom of the template %>
<%= form_tag(auth_path(:provider => "openid"), :id => "openid_login_form") do %>
<div id='login_openid_url' class="mb-3">
<label for='openid_url' class="form-label"><%= t ".openid_html", :logo => openid_logo %></label>
<div id="login_openid_url" class="mb-3">
<label for="openid_url" class="form-label"><%= t ".openid_html", :logo => openid_logo %></label>
<%= hidden_field_tag("referer", params[:referer], :autocomplete => "off") %>
<%= text_field_tag("openid_url", "", :tabindex => 5, :autocomplete => "on", :class => "openid_url form-control") %>
<%= text_field_tag("openid_url", "", :tabindex => 20, :autocomplete => "on", :class => "openid_url form-control") %>
<span class="form-text text-muted">(<a href="<%= t "accounts.edit.openid.link" %>" target="_new"><%= t "accounts.edit.openid.link text" %></a>)</span>
</div>
<%= submit_tag t(".openid_login_button"), :tabindex => 6, :id => "openid_login_button", :class => "btn btn-primary" %>
<%= submit_tag t(".openid_login_button"), :tabindex => 21, :id => "openid_login_button", :class => "btn btn-primary" %>
<% end %>
</div>
</div>

24
app/views/sessions/new.html.erb
View file

@ -6,6 +6,10 @@
<% content_for :heading_class, "p-0 mw-100" %>
<% content_for :heading do %>
<% if @client_app_name %>
<p class="text-center text-muted fs-6 py-2 mb-0 bg-white"><%= t(".login_to_authorize_html", :client_app_name => @client_app_name) %></p>
<% end %>
<div class="header-illustration new-user-main auth-container mx-auto">
<ul class="nav nav-tabs position-absolute bottom-0 px-3 fs-6 w-100">
<li class="nav-item">
@ -19,7 +23,14 @@
<% end %>
<div id="login_login" class="auth-container mx-auto my-0">
<p class='text-muted'><%= t ".no account" %> <%= link_to t(".register now"), user_new_path(:referer => params[:referer]) %></p>
<% if @preferred_auth_provider %>
<%= render :partial => "auth_providers" %>
<div class="d-flex justify-content-center align-items-center">
<div class="border-bottom border-1 flex-grow-1"></div>
<div class="text-secondary mx-3"><%= t ".or" %></div>
<div class="border-bottom border-1 flex-grow-1"></div>
</div>
<% end %>
<%= bootstrap_form_tag(:action => "login", :html => { :id => "login_form" }) do |f| %>
<%= hidden_field_tag("referer", h(params[:referer]), :autocomplete => "off") %>
@ -40,10 +51,17 @@
<%= f.check_box :remember_me, { :label => t(".remember"), :tabindex => 3, :checked => (params[:remember_me] == "yes") }, "yes" %>
<% end %>
<div class="mb-3">
<%= f.primary t(".login_button"), :tabindex => 4 %>
</div>
<% end %>
<hr>
<% unless @preferred_auth_provider %>
<div class="d-flex justify-content-center align-items-center">
<div class="border-bottom border-1 flex-grow-1"></div>
<div class="text-secondary mx-3"><%= t ".with external" %></div>
<div class="border-bottom border-1 flex-grow-1"></div>
</div>
<%= render :partial => "auth_providers" %>
<% end %>
</div>

26
app/views/users/new.html.erb
View file

@ -6,6 +6,10 @@
<% content_for :heading_class, "p-0 mw-100" %>
<% content_for :heading do %>
<% if @client_app_name %>
<p class="text-center text-muted fs-6 py-2 mb-0 bg-white"><%= t(".signup_to_authorize_html", :client_app_name => @client_app_name) %></p>
<% end %>
<div class="header-illustration new-user-main auth-container mx-auto">
<ul class="nav nav-tabs position-absolute bottom-0 px-3 fs-6 w-100">
<li class="nav-item">
@ -24,6 +28,15 @@
<p><strong><%= t ".about.header" %></strong> <%= t ".about.paragraph_1" %></p>
<p><%= t ".about.paragraph_2" %></p>
</div>
<% unless @preferred_auth_provider.nil? %>
<%= render :partial => "auth_providers" %>
<div class="d-flex justify-content-center align-items-center">
<div class="border-bottom border-1 flex-grow-1"></div>
<div class="text-secondary mx-3"><%= t ".or" %></div>
<div class="border-bottom border-1 flex-grow-1"></div>
</div>
<% end %>
<% else %>
<h4><%= t ".about.welcome" %></h4>
<% end %>
@ -34,7 +47,7 @@
<%= f.hidden_field :auth_provider unless current_user.auth_provider.nil? %>
<%= f.hidden_field :auth_uid unless current_user.auth_uid.nil? %>
<% if current_user.auth_uid.nil? or not current_user.errors[:email].empty? %>
<% if current_user.auth_uid.nil? or @verified_email.nil? or not current_user.errors[:email].empty? %>
<%= f.email_field :email, :help => t(".email_help_html",
:privacy_policy_link => link_to(t(".privacy_policy"),
t(".privacy_policy_url"),
@ -58,7 +71,7 @@
</div>
<% end %>
<p class="mb-3 text-muted"><%= t(".by_signing_up_html",
<p class="mb-3 text-muted fs-6"><%= t(".by_signing_up_html",
:tou_link => link_to(t("layouts.tou"),
"https://wiki.osmfoundation.org/wiki/Terms_of_Use",
:target => :new),
@ -69,7 +82,6 @@
:contributor_terms_link => link_to(t(".contributor_terms"),
t(".contributor_terms_url"),
:target => :new)) %></p>
<%= f.form_group do %>
<%= f.check_box :consider_pd,
:tabindex => 5,
@ -84,8 +96,12 @@
</div>
<% end %>
<% if current_user.auth_uid.nil? %>
<hr>
<% if current_user.auth_uid.nil? and @preferred_auth_provider.nil? %>
<div class="d-flex justify-content-center align-items-center">
<div class="border-bottom border-1 flex-grow-1"></div>
<div class="text-secondary mx-3"><%= t ".use external auth" %></div>
<div class="border-bottom border-1 flex-grow-1"></div>
</div>
<%= render :partial => "auth_providers" %>
<% end %>
</div>

19
config/locales/en.yml
View file

@ -1848,15 +1848,15 @@ en:
new:
title: "Log in"
tab_title: "Log in"
heading: "Log in"
login_to_authorize_html: "Log in to OpenStreetMap to access %{client_app_name}."
email or username: "Email Address or Username"
password: "Password"
remember: "Remember me"
lost password link: "Lost your password?"
login_button: "Log in"
register now: Register now
with external: "Alternatively, use a third party to log in:"
no account: Don't have an account?
with external: "or log in with a third party"
or: "or"
auth failure: "Sorry, could not log in with those details."
destroy:
title: "Logout"
@ -2576,7 +2576,6 @@ en:
openid_logo_alt: "Log in with an OpenID"
openid_html: "%{logo} OpenID"
openid_login_button: "Continue"
with external: "Alternatively, use a third party to login:"
openid:
title: Log in with OpenID
alt: Log in with an OpenID URL
@ -2730,22 +2729,22 @@ en:
new:
title: "Sign Up"
tab_title: "Sign up"
signup_to_authorize_html: "Sign up with OpenStreetMap to access %{client_app_name}."
no_auto_account_create: "Unfortunately we are not currently able to create an account for you automatically."
please_contact_support_html: 'Please contact %{support_link} to arrange for an account to be created - we will try and deal with the request as quickly as possible.'
support: support
about:
header: Free and editable.
paragraph_1: Unlike other maps, OpenStreetMap is completely created by people like you, and it's free for anyone to fix, update, download and use.
paragraph_2: Sign up to get started contributing. We'll send an email to confirm your account.
paragraph_2: Sign up to get started contributing.
welcome: "Welcome to OpenStreetMap"
duplicate_social_email: "If you already have an OpenStreetMap account and wish to use a 3rd party identity provider, please log in using your password and modify the settings of your account."
display name description: "Your publicly displayed username. You can change this later in the preferences."
by_signing_up_html: "By signing up, you agree to our %{contributor_terms_link} and %{tou_link}."
by_signing_up_html: "By signing up, you agree to our %{tou_link}, %{privacy_policy_link} and %{contributor_terms_link}."
tou: "terms of use"
contributor_terms_url: "https://wiki.osmfoundation.org/wiki/Licence/Contributor_Terms"
contributor_terms: "Contributor terms"
contributor_terms: "contributor terms"
external auth: "Third Party Authentication:"
use external auth: "Alternatively, use a third party to log in"
auth no password: "With third party authentication a password is not required, but some extra tools or server may still need one."
continue: Sign Up
terms accepted: "Thanks for accepting the new contributor terms!"
email_help_html: 'Your address is not displayed publicly, see our %{privacy_policy_link} for more information.'
@ -2755,6 +2754,8 @@ en:
consider_pd_html: "I consider my contributions to be in the %{consider_pd_link}."
consider_pd: "public domain"
consider_pd_url: https://wiki.osmfoundation.org/wiki/Licence_and_Legal_FAQ/Why_would_I_want_my_contributions_to_be_public_domain
or: "or"
use external auth: "or sign up with a third party"
terms:
title: "Terms"
heading: "Terms"

4
test/helpers/user_helper_test.rb
View file

@ -116,8 +116,8 @@ class UserHelperTest < ActionView::TestCase
def test_auth_button
button = auth_button("google", "google")
img_tag = "<img alt=\"Log in with a Google OpenID\" class=\"rounded-3\" src=\"/images/google.svg\" width=\"36\" height=\"36\" />"
assert_equal("<a class=\"auth_button\" title=\"Log in with Google\" rel=\"nofollow\" data-method=\"post\" href=\"/auth/google\">#{img_tag}</a>", button)
img_tag = "<img alt=\"Log in with a Google OpenID\" class=\"rounded-1\" src=\"/images/google.svg\" width=\"24\" height=\"24\" />"
assert_equal("<a class=\"auth_button p-2 d-block\" title=\"Log in with Google\" rel=\"nofollow\" data-method=\"post\" href=\"/auth/google\">#{img_tag}</a>", button)
end
private

2
test/system/user_signup_test.rb
View file

@ -4,7 +4,7 @@ class UserSignupTest < ApplicationSystemTestCase
test "Sign up from login page" do
visit login_path
click_on "Register now"
click_on "Sign up"
assert_content "Confirm Password"
end