diff --git a/modules/auth/user_form.go b/modules/auth/user_form.go index 4f7b80f590..3193717150 100644 --- a/modules/auth/user_form.go +++ b/modules/auth/user_form.go @@ -41,6 +41,8 @@ type InstallForm struct { OfflineMode bool DisableGravatar bool EnableFederatedAvatar bool + EnableOpenIDSignIn bool + EnableOpenIDSignUp bool DisableRegistration bool EnableCaptcha bool RequireSignInView bool diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index d3abb30f8c..9931d9152b 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -116,6 +116,10 @@ federated_avatar_lookup = Enable Federated Avatars Lookup federated_avatar_lookup_popup = Enable federated avatar lookup using Libravatar. disable_registration = Disable Self-registration disable_registration_popup = Disable user self-registration, only admin can create accounts. +openid_signin = Enable OpenID Sign-In +openid_signin_popup = Enable user login via OpenID +openid_signup = Enable OpenID Self-registration +openid_signup_popup = Enable OpenID based Self-registration enable_captcha = Enable Captcha enable_captcha_popup = Require a CAPTCHA for user self-registration. require_sign_in_view = Enable Require Sign In to View Pages diff --git a/public/js/index.js b/public/js/index.js index f6060dc631..1bad33e08d 100644 --- a/public/js/index.js +++ b/public/js/index.js @@ -311,9 +311,22 @@ function initInstall() { $('#offline-mode').checkbox('uncheck'); } }); + $('#enable-openid-signin input').change(function () { + if ($(this).is(':checked')) { + if ( $('#disable-registration input').is(':checked') ) { + } else { + $('#enable-openid-signup').checkbox('check'); + } + } else { + $('#enable-openid-signup').checkbox('uncheck'); + } + }); $('#disable-registration input').change(function () { if ($(this).is(':checked')) { $('#enable-captcha').checkbox('uncheck'); + $('#enable-openid-signup').checkbox('uncheck'); + } else { + $('#enable-openid-signup').checkbox('check'); } }); $('#enable-captcha input').change(function () { diff --git a/routers/install.go b/routers/install.go index 3d051bd376..08f5d80f3b 100644 --- a/routers/install.go +++ b/routers/install.go @@ -108,6 +108,8 @@ func Install(ctx *context.Context) { form.OfflineMode = setting.OfflineMode form.DisableGravatar = setting.DisableGravatar form.EnableFederatedAvatar = setting.EnableFederatedAvatar + form.EnableOpenIDSignIn = true + form.EnableOpenIDSignUp = true form.DisableRegistration = setting.Service.DisableRegistration form.EnableCaptcha = setting.Service.EnableCaptcha form.RequireSignInView = setting.Service.RequireSignInView @@ -292,6 +294,8 @@ func InstallPost(ctx *context.Context, form auth.InstallForm) { cfg.Section("server").Key("OFFLINE_MODE").SetValue(com.ToStr(form.OfflineMode)) cfg.Section("picture").Key("DISABLE_GRAVATAR").SetValue(com.ToStr(form.DisableGravatar)) cfg.Section("picture").Key("ENABLE_FEDERATED_AVATAR").SetValue(com.ToStr(form.EnableFederatedAvatar)) + cfg.Section("openid").Key("ENABLE_OPENID_SIGNIN").SetValue(com.ToStr(form.EnableOpenIDSignIn)) + cfg.Section("openid").Key("ENABLE_OPENID_SIGNUP").SetValue(com.ToStr(form.EnableOpenIDSignUp)) cfg.Section("service").Key("DISABLE_REGISTRATION").SetValue(com.ToStr(form.DisableRegistration)) cfg.Section("service").Key("ENABLE_CAPTCHA").SetValue(com.ToStr(form.EnableCaptcha)) cfg.Section("service").Key("REQUIRE_SIGNIN_VIEW").SetValue(com.ToStr(form.RequireSignInView)) diff --git a/routers/routes/routes.go b/routers/routes/routes.go index a7a759538f..d765c4c03b 100644 --- a/routers/routes/routes.go +++ b/routers/routes/routes.go @@ -136,6 +136,20 @@ func RegisterRoutes(m *macaron.Macaron) { bindIgnErr := binding.BindIgnErr validation.AddBindingRules() + openIDSignInEnabled := func(ctx *context.Context) { + if !setting.Service.EnableOpenIDSignIn { + ctx.Error(403) + return + } + } + + openIDSignUpEnabled := func(ctx *context.Context) { + if !setting.Service.EnableOpenIDSignUp { + ctx.Error(403) + return + } + } + m.Use(user.GetNotificationCount) // FIXME: not all routes need go through same middlewares. @@ -163,19 +177,21 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/user", func() { m.Get("/login", user.SignIn) m.Post("/login", bindIgnErr(auth.SignInForm{}), user.SignInPost) - if setting.Service.EnableOpenIDSignIn { + m.Group("", func() { m.Combo("/login/openid"). Get(user.SignInOpenID). Post(bindIgnErr(auth.SignInOpenIDForm{}), user.SignInOpenIDPost) - m.Group("/openid", func() { - m.Combo("/connect"). - Get(user.ConnectOpenID). - Post(bindIgnErr(auth.ConnectOpenIDForm{}), user.ConnectOpenIDPost) - m.Combo("/register"). - Get(user.RegisterOpenID). + }, openIDSignInEnabled) + m.Group("/openid", func() { + m.Combo("/connect"). + Get(user.ConnectOpenID). + Post(bindIgnErr(auth.ConnectOpenIDForm{}), user.ConnectOpenIDPost) + m.Group("/register", func() { + m.Combo(""). + Get(user.RegisterOpenID, openIDSignUpEnabled). Post(bindIgnErr(auth.SignUpOpenIDForm{}), user.RegisterOpenIDPost) - }) - } + }, openIDSignUpEnabled) + }, openIDSignInEnabled) m.Get("/sign_up", user.SignUp) m.Post("/sign_up", bindIgnErr(auth.RegisterForm{}), user.SignUpPost) m.Get("/reset_password", user.ResetPasswd) @@ -206,15 +222,12 @@ func RegisterRoutes(m *macaron.Macaron) { m.Post("/email/delete", user.DeleteEmail) m.Get("/password", user.SettingsPassword) m.Post("/password", bindIgnErr(auth.ChangePasswordForm{}), user.SettingsPasswordPost) - if setting.Service.EnableOpenIDSignIn { - m.Group("/openid", func() { - m.Combo("").Get(user.SettingsOpenID). - Post(bindIgnErr(auth.AddOpenIDForm{}), user.SettingsOpenIDPost) - m.Post("/delete", user.DeleteOpenID) - m.Post("/toggle_visibility", user.ToggleOpenIDVisibility) - }) - } - + m.Group("/openid", func() { + m.Combo("").Get(user.SettingsOpenID). + Post(bindIgnErr(auth.AddOpenIDForm{}), user.SettingsOpenIDPost) + m.Post("/delete", user.DeleteOpenID) + m.Post("/toggle_visibility", user.ToggleOpenIDVisibility) + }, openIDSignInEnabled) m.Combo("/keys").Get(user.SettingsKeys). Post(bindIgnErr(auth.AddKeyForm{}), user.SettingsKeysPost) m.Post("/keys/delete", user.DeleteKey) diff --git a/routers/user/auth_openid.go b/routers/user/auth_openid.go index dcc3fcf0fc..a5124680dd 100644 --- a/routers/user/auth_openid.go +++ b/routers/user/auth_openid.go @@ -259,6 +259,7 @@ func ConnectOpenID(ctx *context.Context) { // ConnectOpenIDPost handles submission of a form to connect an OpenID URI to an existing account func ConnectOpenIDPost(ctx *context.Context, form auth.ConnectOpenIDForm) { + oid, _ := ctx.Session.Get("openid_verified_uri").(string) if oid == "" { ctx.Redirect(setting.AppSubURL + "/user/login/openid") @@ -300,10 +301,6 @@ func ConnectOpenIDPost(ctx *context.Context, form auth.ConnectOpenIDForm) { // RegisterOpenID shows a form to create a new user authenticated via an OpenID URI func RegisterOpenID(ctx *context.Context) { - if !setting.Service.EnableOpenIDSignUp { - ctx.Error(403) - return - } oid, _ := ctx.Session.Get("openid_verified_uri").(string) if oid == "" { ctx.Redirect(setting.AppSubURL + "/user/login/openid") @@ -328,10 +325,6 @@ func RegisterOpenID(ctx *context.Context) { // RegisterOpenIDPost handles submission of a form to create a new user authenticated via an OpenID URI func RegisterOpenIDPost(ctx *context.Context, cpt *captcha.Captcha, form auth.SignUpOpenIDForm) { - if !setting.Service.EnableOpenIDSignUp { - ctx.Error(403) - return - } oid, _ := ctx.Session.Get("openid_verified_uri").(string) if oid == "" { ctx.Redirect(setting.AppSubURL + "/user/login/openid") diff --git a/templates/install.tmpl b/templates/install.tmpl index ede1d4399f..5c6d1a9473 100644 --- a/templates/install.tmpl +++ b/templates/install.tmpl @@ -188,12 +188,24 @@ +
+
+ + +
+
+
+
+ + +
+