Enano CMS (1.1.x): comparison includes/clientside/static/login.js

Mercurial Mercurial > repos > enano-1.1 / comparison

summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help

includes/clientside/static/login.js

changeset 1132	05fe0039d952
parent 1125	367768040a61
child 1136	8c664c96fccd

equal deleted inserted replaced

-:adfbe522c95f
+:05fe0039d952
 logindata = {};
 var title = ( user_level > USER_LEVEL_MEMBER ) ? $lang.get('user_login_ajax_prompt_title_elev') : $lang.get('user_login_ajax_prompt_title');
 logindata.mb_object = new MessageBox(MB_OKCANCEL | MB_ICONLOCK, title, '');
+//
+// Cancel function: called when the "Cancel" button is clicked
+//
 logindata.mb_object.onclick['Cancel'] = function()
 {
-// Hide the error message and captcha
+// Hide the error message, if any
-if ( document.getElementById('ajax_login_error_box') )
+$('ajax_login_error_box').remove();
-{
+// Hide the captcha, if any
-document.getElementById('ajax_login_error_box').parentNode.removeChild(document.getElementById('ajax_login_error_box'));
-}
 if ( document.getElementById('autoCaptcha') )
 {
 var to = fly_out_top(document.getElementById('autoCaptcha'), false, true);
 setTimeout(function() {
 var d = document.getElementById('autoCaptcha');
 d.parentNode.removeChild(d);
 }, to);
 }
-// Ask the server to clean our key
+// Ask the server to delete the encryption key we're using
 ajaxLoginPerformRequest({
 mode: 'clean_key',
 key_aes: logindata.key_aes,
 key_dh: logindata.key_dh
 });
 };
+// Clicking OK will not cause the box to destroy, as this function returns true.
 logindata.mb_object.onbeforeclick['OK'] = function()
 {
+// Just call the submitter and let it take care of everything
 ajaxLoginSubmitForm();
 return true;
 }
 // Fetch the inner content area
 // Request the key
 ajaxLoginPerformRequest({ mode: 'getkey' });
 }
 /**
-* For compatibility only.
+* For compatibility only. Really, folks, it's ajaxLoginInit. If you need a
+* mnemonic device, use "two 'in's."
 */
 window.ajaxLogonInit = function(call_on_finish, user_level)
 {
 return ajaxLoginInit(call_on_finish, user_level);
 }
 /**
 * Sets the contents of the AJAX login window to the appropriate status message.
-* @param int One of AJAX_STATUS_*
+* @param int One of AJAX_STATUS_* constants
 */
 window.ajaxLoginSetStatus = function(status)
 {
 if ( !logindata.mb_inner )
 case AJAX_STATUS_DESTROY:
 case null:
 case undefined:
 logindata.showing_status = false;
-return null;
+return;
 break;
 }
 logindata.showing_status = true;
 }
 /**
 * Performs an AJAX logon request to the server and calls ajaxLoginProcessResponse() on the result.
 * @param object JSON packet to send
+* @param function Optional function to call on the response as well.
 */
 window.ajaxLoginPerformRequest = function(json, _hookfunc)
 {
 json = toJSONString(json);
 {
 alert(response.error);
 }
 return false;
 }
 // Main mode switch
 switch ( response.mode )
 {
-case 'build_box':
+case 'initial':
 // Rid ourselves of any loading windows
 ajaxLoginSetStatus(AJAX_STATUS_DESTROY);
+// show any errors
+ajaxLoginShowFriendlyError(response);
 // The server wants us to build the login form, all the information is there
 ajaxLoginBuildForm(response);
 break;
 case 'login_success':
 ajaxLoginSetStatus(AJAX_STATUS_SUCCESS);
 logindata.successfunc(response.key, response);
 break;
-case 'login_failure':
+case 'reset_pass_used':
+// We logged in with a temporary password. Prompt the user to go to the temp password page and
+// reset their real password. If they click no, treat it as a login failure, as no session key
+// is actually issued when this type of login is performed.
+var conf = confirm($lang.get('user_login_ajax_msg_used_temp_pass'));
+if ( conf )
+{
+var url = makeUrlNS('Special', 'PasswordReset/stage2/' + response.user_id + '/' + response.temp_password);
+window.location = url;
+break;
+}
+// else, treat as a failure
+default:
 // Rid ourselves of any loading windows
 ajaxLoginSetStatus(AJAX_STATUS_DESTROY);
 document.getElementById('messageBox').style.backgroundColor = '#C0C0C0';
 var mb_parent = document.getElementById('messageBox').parentNode;
-var do_respawn = ( typeof(response.respawn) == 'boolean' && response.respawn == true ) || typeof(response.respawn) != 'boolean';
+$(mb_parent).effect("shake", {}, 200);
-if ( do_respawn )
+setTimeout(function()
 {
-$(mb_parent).effect("shake", {}, 200);
+document.getElementById('messageBox').style.backgroundColor = '#FFF';
-setTimeout(function()
+console.debug(response);
-{
+ajaxLoginShowFriendlyError(response);
-document.getElementById('messageBox').style.backgroundColor = '#FFF';
+ajaxLoginBuildForm(response);
+}, 2500);
-ajaxLoginBuildForm(response.respawn_info);
-ajaxLoginShowFriendlyError(response);
-}, 2500);
-}
-else
-{
-ajaxLoginShowFriendlyError(response);
-}
-break;
-case 'login_success_reset':
-var conf = confirm($lang.get('user_login_ajax_msg_used_temp_pass'));
-if ( conf )
-{
-var url = makeUrlNS('Special', 'PasswordReset/stage2/' + response.user_id + '/' + response.temp_password);
-window.location = url;
-}
-else
-{
-// treat as a failure
-ajaxLoginSetStatus(AJAX_STATUS_DESTROY);
-document.getElementById('messageBox').style.backgroundColor = '#C0C0C0';
-var mb_parent = document.getElementById('messageBox').parentNode;
-$(mb_parent).effect("shake", {}, 1500);
-setTimeout(function()
-{
-document.getElementById('messageBox').style.backgroundColor = '#FFF';
-ajaxLoginBuildForm(response.respawn_info);
-// don't show an error here, just silently respawn
-}, 2500);
-}
 break;
 case 'logout_success':
 if ( ENANO_SID )
 {
 ajaxLoginReplaceSIDInline(false, ENANO_SID, USER_LEVEL_MEMBER);
 _2.src = ( ajax_login_lockimg_path ) ? ajax_login_lockimg_path : scriptPath + '/images/lock48.png';
 var div = document.createElement('div');
 div.id = 'ajax_login_form';
-var show_captcha = ( data.locked_out.locked_out && data.locked_out.lockout_policy == 'captcha' ) ? data.locked_out.captcha : false;
+var show_captcha = ( data.lockout.active && data.lockout.policy == 'captcha' ) ? data.lockout.captcha : false;
 // text displayed on re-auth
 if ( logindata.user_level > USER_LEVEL_MEMBER )
 {
 div.innerHTML += $lang.get('user_login_ajax_prompt_body_elev') + '<br /><br />';
 }
 td2_2.appendChild(f_password);
 tr2.appendChild(td2_2);
 table.appendChild(tr2);
-eval(setHook('login_build_form'));
 // Field - captcha
 if ( show_captcha )
 {
 var tr3 = document.createElement('tr');
 var td3_1 = document.createElement('td');
 td3_2.appendChild(f_captcha);
 tr3.appendChild(td3_2);
 table.appendChild(tr3);
 }
+// ok, this is a compatibility hack
+data.locked_out = { locked_out: data.lockout.active };
+// hook for the login form
+eval(setHook('login_build_form'));
+delete(data.locked_out);
 // Done building the main part of the form
 form.appendChild(table);
 // Checkbox container
 var boxen = document.createElement('div');
 lbl_dh.style.fontSize = 'smaller';
 lbl_dh.style.textAlign = 'center';
 lbl_dh.innerHTML = $lang.get('user_login_ajax_check_dh_ie');
 boxen.appendChild(lbl_dh);
 }
-else if ( !data.allow_diffiehellman )
+else if ( !data.crypto.dh_enable )
 {
 // create hidden control - server requested that DiffieHellman be disabled (usually means not supported)
 var check_dh = document.createElement('input');
 check_dh.type = 'hidden';
 check_dh.id = 'ajax_login_field_dh';
 document.getElementById('ajax_login_field_username').focus();
 }, 750);
 // Post operations: show captcha window
 if ( show_captcha )
+{
 ajaxShowCaptcha(show_captcha);
+}
 // Post operations: stash encryption keys and All That Jazz(TM)
-logindata.key_aes = data.aes_key;
+logindata.key_aes = data.crypto_aes_key;
-logindata.key_dh = data.dh_public_key;
+logindata.key_dh = data.crypto.dh_public_key;
 logindata.captcha_hash = show_captcha;
-logindata.loggedin_username = data.username
+logindata.loggedin_username = data.username;
-// Are we locked out? If so simulate an error and disable the controls
+// If policy is lockout, also disable controls
-if ( data.lockout_info.lockout_policy == 'lockout' && data.locked_out.locked_out )
+if ( data.lockout.policy == 'lockout' && data.lockout.active )
 {
 f_username.setAttribute('disabled', 'disabled');
 f_password.setAttribute('disabled', 'disabled');
-var fake_packet = {
-error_code: 'locked_out',
-respawn_info: data
-};
-ajaxLoginShowFriendlyError(fake_packet);
 }
 }
 window.ajaxLoginSubmitForm = function(real, username, password, captcha, remember)
 {
 ajaxLoginPerformRequest(json_packet);
 }
 window.ajaxLoginShowFriendlyError = function(response)
 {
-if ( !response.respawn_info )
-return false;
-if ( !response.error_code )
-return false;
 var text = ajaxLoginGetErrorText(response);
+if ( text == false )
+return true;
 if ( document.getElementById('ajax_login_error_box') )
 {
 // console.info('Reusing existing error-box');
 document.getElementById('ajax_login_error_box').innerHTML = text;
 return true;
 body.appendChild(errbox);
 }
 window.ajaxLoginGetErrorText = function(response)
 {
-if ( !response.error_code.match(/^[a-z0-9]+_[a-z0-9_]+$/) )
+if ( response.lockout )
 {
-return response.error_code;
+// set this pluralality thing
-}
+response.lockout.plural = response.lockout.time_rem == 1 ? '' : $lang.get('meta_plural');
-switch ( response.error_code )
+}
-{
-default:
+if ( response.mode == 'initial' )
-eval(setHook('ajax_login_process_error'));
+{
-if ( !ls )
+// Just showing the box for the first time. If there's an error now, it's based on a preexisting lockout.
-{
+if ( response.lockout.active )
-var ls = $lang.get('user_err_' + response.error_code);
+{
-if ( ls == 'user_err_' + response.error_code )
+return $lang.get('user_err_locked_out_initial_' + response.lockout.policy, response.lockout);
-// Adding response here allows language strings to utilize additional information passed from the error packet
+}
-ls = $lang.get(response.error_code, response);
+return false;
 }
+else
-return ls;
+{
-break;
+// An attempt was made.
-case 'locked_out':
+switch(response.mode)
-if ( response.respawn_info.lockout_info.lockout_policy == 'lockout' )
+{
-{
+case 'login_failure':
-return $lang.get('user_err_locked_out', {
+// Generic login user error.
-lockout_threshold: response.respawn_info.lockout_info.lockout_threshold,
+var error = '', x;
-lockout_duration: response.respawn_info.lockout_info.lockout_duration,
+if ( (x = $lang.get(response.error)) != response.error )
-time_rem: response.respawn_info.lockout_info.time_rem,
+error = x;
-plural: ( response.respawn_info.lockout_info.time_rem == 1 ) ? '' : $lang.get('meta_plural'),
+else
-captcha_blurb: ''
+error = $lang.get('user_err_' + response.error);
-});
+if ( response.lockout.active && response.lockout.policy == 'lockout' )
+{
+// Lockout enforcement was just activated.
+return $lang.get('user_err_locked_out_initial_' + response.lockout.policy, response.lockout);
+}
+else if ( response.lockout.policy != 'disable' && !response.lockout.active && response.lockout.fails > 0 )
+{
+// Lockout is in a warning state.
+error += ' ' + $lang.get('user_err_invalid_credentials_' + response.lockout.policy, response.lockout);
+}
+return error;
 break;
-}
+case 'api_error':
-case 'invalid_credentials':
+// Error in the API.
-var base = $lang.get('user_err_invalid_credentials');
+return $lang.get('user_err_login_generic_title') + ': ' + $lang.get('user_' + response.error.toLowerCase());
-if ( response.respawn_info.locked_out.locked_out )
+break;
-{
+}
-base += ' ';
+}
-var captcha_blurb = '';
-switch(response.respawn_info.lockout_info.lockout_policy)
+return typeof(response.error) == 'string' ? response.error : false;
-{
-case 'captcha':
-captcha_blurb = $lang.get('user_err_locked_out_captcha_blurb');
-break;
-case 'lockout':
-break;
-default:
-base += 'WTF? Shouldn\'t be locked out with lockout policy set to disable. ';
-break;
-}
-base += $lang.get('user_err_locked_out', {
-captcha_blurb: captcha_blurb,
-lockout_threshold: response.respawn_info.lockout_info.lockout_threshold,
-lockout_duration: response.respawn_info.lockout_info.lockout_duration,
-time_rem: response.respawn_info.lockout_info.time_rem,
-plural: ( response.respawn_info.lockout_info.time_rem == 1 ) ? '' : $lang.get('meta_plural')
-});
-}
-else if ( response.respawn_info.lockout_info.lockout_policy == 'lockout' || response.respawn_info.lockout_info.lockout_policy == 'captcha' )
-{
-// if we have a lockout policy of captcha or lockout, then warn the user
-switch ( response.respawn_info.lockout_info.lockout_policy )
-{
-case 'captcha':
-base += $lang.get('user_err_invalid_credentials_lockout_captcha', {
-fails: response.respawn_info.lockout_info.lockout_fails,
-lockout_threshold: response.respawn_info.lockout_info.lockout_threshold,
-lockout_duration: response.respawn_info.lockout_info.lockout_duration
-});
-break;
-case 'lockout':
-base += $lang.get('user_err_invalid_credentials_lockout', {
-fails: response.respawn_info.lockout_info.lockout_fails,
-lockout_threshold: response.respawn_info.lockout_info.lockout_threshold,
-lockout_duration: response.respawn_info.lockout_info.lockout_duration
-});
-break;
-}
-}
-return base;
-break;
-}
 }
 window.ajaxShowCaptcha = function(code)
 {
 var mydiv = document.createElement('div');
 var targetpage = adminpage;
 if ( !level )
 {
 level = USER_LEVEL_ADMIN;
 }
 ajaxLogonInit(function(k, response)
 {
 ajaxLoginReplaceSIDInline(k, old_sid, level);
 window.user_id = response.user_id;
 window.user_level = response.user_level;

Enano CMS (1.1.x)