Browse Source

Merge BusinessAppTemplate

master
Skylar Ittner 5 months ago
parent
commit
223a431e8b
6 changed files with 68 additions and 53 deletions
  1. 42
    12
      index.php
  2. 1
    20
      langs/en/core.json
  3. 7
    0
      langs/en/index.json
  4. 14
    1
      langs/en/login.json
  5. 4
    5
      required.php
  6. 0
    15
      static/css/index.css

+ 42
- 12
index.php View File

@@ -13,8 +13,20 @@ if (!empty($_SESSION['loggedin']) && $_SESSION['loggedin'] === true && !isset($_
13 13
     die();
14 14
 }
15 15
 
16
-if (!empty($_GET['logout'])) {
17
-    // Show a logout message instead of immediately redirecting to login flow
16
+
17
+/**
18
+ * Show a simple HTML page with a line of text and a button.  Matches the UI of
19
+ * the AccountHub login flow.
20
+ *
21
+ * @global type $SETTINGS
22
+ * @global type $SECURE_NONCE
23
+ * @global type $Strings
24
+ * @param string $title Text to show, passed through i18n
25
+ * @param string $button Button text, passed through i18n
26
+ * @param string $url URL for the button
27
+ */
28
+function showHTML(string $title, string $button, string $url) {
29
+    global $SETTINGS, $SECURE_NONCE, $Strings;
18 30
     ?>
19 31
     <!DOCTYPE html>
20 32
     <meta charset="UTF-8">
@@ -26,8 +38,20 @@ if (!empty($_GET['logout'])) {
26 38
     <link rel="icon" href="static/img/logo.svg">
27 39
 
28 40
     <link href="static/css/bootstrap.min.css" rel="stylesheet">
29
-    <link href="static/css/svg-with-js.min.css" rel="stylesheet">
30
-    <link href="static/css/login.css" rel="stylesheet">
41
+    <style nonce="<?php echo $SECURE_NONCE; ?>">
42
+        .display-5 {
43
+            font-size: 2.5rem;
44
+            font-weight: 300;
45
+            line-height: 1.2;
46
+        }
47
+
48
+        .banner-image {
49
+            max-height: 100px;
50
+            margin: 2em auto;
51
+            border: 1px solid grey;
52
+            border-radius: 15%;
53
+        }
54
+    </style>
31 55
 
32 56
     <div class="container mt-4">
33 57
         <div class="row justify-content-center">
@@ -36,24 +60,25 @@ if (!empty($_GET['logout'])) {
36 60
             </div>
37 61
 
38 62
             <div class="col-12 text-center">
39
-                <h1 class="display-5 mb-4"><?php $Strings->get("You have been logged out.") ?></h1>
63
+                <h1 class="display-5 mb-4"><?php $Strings->get($title); ?></h1>
40 64
             </div>
41 65
 
42 66
             <div class="col-12 col-sm-8 col-lg-6">
43 67
                 <div class="card mt-4">
44 68
                     <div class="card-body">
45
-                        <a href="./index.php" class="btn btn-primary btn-block"><?php $Strings->get("Log in again"); ?></a>
69
+                        <a href="<?php echo $url; ?>" class="btn btn-primary btn-block"><?php $Strings->get($button); ?></a>
46 70
                     </div>
47 71
                 </div>
48 72
             </div>
49 73
         </div>
50 74
     </div>
51
-
52
-    <script src="static/js/fontawesome-all.min.js"></script>
53 75
     <?php
54
-    die();
55 76
 }
56 77
 
78
+if (!empty($_GET['logout'])) {
79
+    showHTML("You have been logged out.", "Log in again", "./index.php");
80
+    die();
81
+}
57 82
 if (empty($_SESSION["login_code"])) {
58 83
     $redirecttologin = true;
59 84
 } else {
@@ -64,7 +89,8 @@ if (empty($_SESSION["login_code"])) {
64 89
         Session::start($user);
65 90
         $_SESSION["login_code"] = null;
66 91
         header('Location: app.php');
67
-        die("Logged in, go to app.php");
92
+        showHTML("Logged in", "Continue", "./app.php");
93
+        die();
68 94
     } catch (Exception $ex) {
69 95
         $redirecttologin = true;
70 96
     }
@@ -76,8 +102,12 @@ if ($redirecttologin) {
76 102
 
77 103
         $_SESSION["login_code"] = $code;
78 104
 
79
-        header("Location: ./login/?code=" . htmlentities($code) . "&redirect=" . htmlentities($_SERVER["REQUEST_URI"]));
105
+        $loginurl = "./login/?code=" . htmlentities($code) . "&redirect=" . htmlentities($_SERVER["REQUEST_URI"]);
106
+
107
+        header("Location: $loginurl");
108
+        showHTML("Continue", "Continue", $loginurl);
109
+        die();
80 110
     } catch (Exception $ex) {
81 111
         sendError($ex->getMessage());
82 112
     }
83
-}
113
+}

+ 1
- 20
langs/en/core.json View File

@@ -1,26 +1,7 @@
1 1
 {
2
-    "sign in": "Sign In",
3
-    "username": "Username",
4
-    "password": "Password",
5
-    "continue": "Continue",
6
-    "authcode": "Authentication code",
7
-    "2fa prompt": "Enter the six-digit code from your mobile authenticator app.",
8
-    "2fa incorrect": "Authentication code incorrect.",
9
-    "login incorrect": "Login incorrect.",
10
-    "login server unavailable": "Login server unavailable.  Try again later or contact technical support.",
11
-    "account locked": "This account has been disabled. Contact technical support.",
12
-    "password expired": "You must change your password before continuing.",
13
-    "account terminated": "Account terminated.  Access denied.",
14
-    "account state error": "Your account state is not stable.  Log out, restart your browser, and try again.",
15
-    "welcome user": "Welcome, {user}!",
16 2
     "sign out": "Sign out",
17 3
     "404 error": "404 Error",
18 4
     "page not found": "Page not found.",
19 5
     "invalid parameters": "Invalid request parameters.",
20
-    "login server error": "The login server returned an error: {arg}",
21
-    "login server user data error": "The login server refused to provide account information.  Try again or contact technical support.",
22
-    "captcha error": "There was a problem with the CAPTCHA (robot test).  Try again.",
23
-    "no access permission": "You do not have permission to access this system.",
24
-    "generic op error": "An unknown error occurred.  Try again later.",
25
-    "home": "Home"
6
+    "login server error": "The login server returned an error: {arg}"
26 7
 }

+ 7
- 0
langs/en/index.json View File

@@ -0,0 +1,7 @@
1
+{
2
+    "You have been logged out.": "You have been logged out.",
3
+    "Log in again": "Log in again",
4
+    "login server unavailable": "Login server unavailable.  Try again later or contact technical support.",
5
+    "no access permission": "You do not have permission to access this system.",
6
+    "Logged in": "Logged in"
7
+}

+ 14
- 1
langs/en/login.json View File

@@ -8,5 +8,18 @@
8 8
     "Current password for {user}": "Current password for {user}",
9 9
     "New password": "New password",
10 10
     "New password (again)": "New password (again)",
11
-    "Fill in all three boxes.": "Fill in all three boxes."
11
+    "Fill in all three boxes.": "Fill in all three boxes.",
12
+    "sign in": "Sign In",
13
+    "username": "Username",
14
+    "password": "Password",
15
+    "continue": "Continue",
16
+    "authcode": "Authentication code",
17
+    "2fa prompt": "Enter the six-digit code from your mobile authenticator app.",
18
+    "2fa incorrect": "Authentication code incorrect.",
19
+    "login incorrect": "Login incorrect.",
20
+    "login server unavailable": "Login server unavailable.  Try again later or contact technical support.",
21
+    "account locked": "This account has been disabled. Contact technical support.",
22
+    "password expired": "You must change your password before continuing.",
23
+    "account terminated": "Account terminated.  Access denied.",
24
+    "account state error": "Your account state is not stable.  Log out, restart your browser, and try again."
12 25
 }

+ 4
- 5
required.php View File

@@ -33,7 +33,6 @@ session_start(); // stick some cookies in it
33 33
 // renew session cookie
34 34
 setcookie(session_name(), session_id(), time() + $session_length, "/", false, false);
35 35
 
36
-$captcha_server = ($SETTINGS['captcha']['enabled'] === true ? preg_replace("/http(s)?:\/\//", "", $SETTINGS['captcha']['server']) : "");
37 36
 if ($_SESSION['mobile'] === TRUE) {
38 37
     header("Content-Security-Policy: "
39 38
             . "default-src 'self';"
@@ -43,8 +42,8 @@ if ($_SESSION['mobile'] === TRUE) {
43 42
             . "frame-src 'none'; "
44 43
             . "font-src 'self'; "
45 44
             . "connect-src *; "
46
-            . "style-src 'self' 'unsafe-inline' $captcha_server; "
47
-            . "script-src 'self' 'unsafe-inline' $captcha_server");
45
+            . "style-src 'self' 'unsafe-inline'; "
46
+            . "script-src 'self' 'unsafe-inline'");
48 47
 } else {
49 48
     header("Content-Security-Policy: "
50 49
             . "default-src 'self';"
@@ -54,8 +53,8 @@ if ($_SESSION['mobile'] === TRUE) {
54 53
             . "frame-src 'none'; "
55 54
             . "font-src 'self'; "
56 55
             . "connect-src *; "
57
-            . "style-src 'self' 'nonce-$SECURE_NONCE' $captcha_server; "
58
-            . "script-src 'self' 'nonce-$SECURE_NONCE' $captcha_server");
56
+            . "style-src 'self' 'nonce-$SECURE_NONCE'; "
57
+            . "script-src 'self' 'nonce-$SECURE_NONCE'");
59 58
 }
60 59
 
61 60
 //

+ 0
- 15
static/css/index.css View File

@@ -1,15 +0,0 @@
1
-/* This Source Code Form is subject to the terms of the Mozilla Public
2
- * License, v. 2.0. If a copy of the MPL was not distributed with this
3
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
-
5
-.banner-image {
6
-    max-height: 100px;
7
-    margin: 2em auto;
8
-    border: 1px solid grey;
9
-    border-radius: 15%;
10
-}
11
-
12
-.footer {
13
-    margin-top: 10em;
14
-    text-align: center;
15
-}

Loading…
Cancel
Save