Business
/
AccountHub
Watch 1
Star 0
Fork 0
Code Issues 3 Pull Requests 0 Releases 7 Wiki Activity
Browse Source

Merge BusinessAppTemplate

master
Skylar Ittner 5 months ago
parent
93098309cb d7ca7125ce
commit
223a431e8b
6 changed files with 68 additions and 53 deletions
Split View Show Diff Stats
  1. 42
    12
      index.php
  2. 1
    20
      langs/en/core.json
  3. 7
    0
      langs/en/index.json
  4. 14
    1
      langs/en/login.json
  5. 4
    5
      required.php
  6. 0
    15
      static/css/index.css

+ 42
- 12
index.php View File 

@@ -13,8 +13,20 @@ if (!empty($_SESSION['loggedin']) && $_SESSION['loggedin'] === true && !isset($_
13 13 
     die();
14 14 
 }
15 15
16 
-if (!empty($_GET['logout'])) {
17 
-    // Show a logout message instead of immediately redirecting to login flow
16 
+
17 
+/**
18 
+ * Show a simple HTML page with a line of text and a button.  Matches the UI of
19 
+ * the AccountHub login flow.
20 
+ *
21 
+ * @global type $SETTINGS
22 
+ * @global type $SECURE_NONCE
23 
+ * @global type $Strings
24 
+ * @param string $title Text to show, passed through i18n
25 
+ * @param string $button Button text, passed through i18n
26 
+ * @param string $url URL for the button
27 
+ */
28 
+function showHTML(string $title, string $button, string $url) {
29 
+    global $SETTINGS, $SECURE_NONCE, $Strings;
18 30 
     ?>
19 31 
     <!DOCTYPE html>
20 32 
     <meta charset="UTF-8">
 
@@ -26,8 +38,20 @@ if (!empty($_GET['logout'])) {
26 38 
     <link rel="icon" href="static/img/logo.svg">
27 39
28 40 
     <link href="static/css/bootstrap.min.css" rel="stylesheet">
29 
-    <link href="static/css/svg-with-js.min.css" rel="stylesheet">
30 
-    <link href="static/css/login.css" rel="stylesheet">
41 
+    <style nonce="<?php echo $SECURE_NONCE; ?>">
42 
+        .display-5 {
43 
+            font-size: 2.5rem;
44 
+            font-weight: 300;
45 
+            line-height: 1.2;
46 
+        }
47 
+
48 
+        .banner-image {
49 
+            max-height: 100px;
50 
+            margin: 2em auto;
51 
+            border: 1px solid grey;
52 
+            border-radius: 15%;
53 
+        }
54 
+    </style>
31 55
32 56 
     <div class="container mt-4">
33 57 
         <div class="row justify-content-center">
 
@@ -36,24 +60,25 @@ if (!empty($_GET['logout'])) {
36 60 
             </div>
37 61
38 62 
             <div class="col-12 text-center">
39 
-                <h1 class="display-5 mb-4"><?php $Strings->get("You have been logged out.") ?></h1>
63 
+                <h1 class="display-5 mb-4"><?php $Strings->get($title); ?></h1>
40 64 
             </div>
41 65
42 66 
             <div class="col-12 col-sm-8 col-lg-6">
43 67 
                 <div class="card mt-4">
44 68 
                     <div class="card-body">
45 
-                        <a href="./index.php" class="btn btn-primary btn-block"><?php $Strings->get("Log in again"); ?></a>
69 
+                        <a href="<?php echo $url; ?>" class="btn btn-primary btn-block"><?php $Strings->get($button); ?></a>
46 70 
                     </div>
47 71 
                 </div>
48 72 
             </div>
49 73 
         </div>
50 74 
     </div>
51 
-
52 
-    <script src="static/js/fontawesome-all.min.js"></script>
53 75 
     <?php
54 
-    die();
55 76 
 }
56 77
78 
+if (!empty($_GET['logout'])) {
79 
+    showHTML("You have been logged out.", "Log in again", "./index.php");
80 
+    die();
81 
+}
57 82 
 if (empty($_SESSION["login_code"])) {
58 83 
     $redirecttologin = true;
59 84 
 } else {
 
@@ -64,7 +89,8 @@ if (empty($_SESSION["login_code"])) {
64 89 
         Session::start($user);
65 90 
         $_SESSION["login_code"] = null;
66 91 
         header('Location: app.php');
67 
-        die("Logged in, go to app.php");
92 
+        showHTML("Logged in", "Continue", "./app.php");
93 
+        die();
68 94 
     } catch (Exception $ex) {
69 95 
         $redirecttologin = true;
70 96 
     }
 
@@ -76,8 +102,12 @@ if ($redirecttologin) {
76 102
77 103 
         $_SESSION["login_code"] = $code;
78 104
79 
-        header("Location: ./login/?code=" . htmlentities($code) . "&redirect=" . htmlentities($_SERVER["REQUEST_URI"]));
105 
+        $loginurl = "./login/?code=" . htmlentities($code) . "&redirect=" . htmlentities($_SERVER["REQUEST_URI"]);
106 
+
107 
+        header("Location: $loginurl");
108 
+        showHTML("Continue", "Continue", $loginurl);
109 
+        die();
80 110 
     } catch (Exception $ex) {
81 111 
         sendError($ex->getMessage());
82 112 
     }
83 
-}
113 
+}

+ 1
- 20
langs/en/core.json View File 

@@ -1,26 +1,7 @@
1 1 
 {
2 
-    "sign in": "Sign In",
3 
-    "username": "Username",
4 
-    "password": "Password",
5 
-    "continue": "Continue",
6 
-    "authcode": "Authentication code",
7 
-    "2fa prompt": "Enter the six-digit code from your mobile authenticator app.",
8 
-    "2fa incorrect": "Authentication code incorrect.",
9 
-    "login incorrect": "Login incorrect.",
10 
-    "login server unavailable": "Login server unavailable.  Try again later or contact technical support.",
11 
-    "account locked": "This account has been disabled. Contact technical support.",
12 
-    "password expired": "You must change your password before continuing.",
13 
-    "account terminated": "Account terminated.  Access denied.",
14 
-    "account state error": "Your account state is not stable.  Log out, restart your browser, and try again.",
15 
-    "welcome user": "Welcome, {user}!",
16 2 
     "sign out": "Sign out",
17 3 
     "404 error": "404 Error",
18 4 
     "page not found": "Page not found.",
19 5 
     "invalid parameters": "Invalid request parameters.",
20 
-    "login server error": "The login server returned an error: {arg}",
21 
-    "login server user data error": "The login server refused to provide account information.  Try again or contact technical support.",
22 
-    "captcha error": "There was a problem with the CAPTCHA (robot test).  Try again.",
23 
-    "no access permission": "You do not have permission to access this system.",
24 
-    "generic op error": "An unknown error occurred.  Try again later.",
25 
-    "home": "Home"
6 
+    "login server error": "The login server returned an error: {arg}"
26 7 
 }

+ 7
- 0
langs/en/index.json View File 

@@ -0,0 +1,7 @@
1 
+{
2 
+    "You have been logged out.": "You have been logged out.",
3 
+    "Log in again": "Log in again",
4 
+    "login server unavailable": "Login server unavailable.  Try again later or contact technical support.",
5 
+    "no access permission": "You do not have permission to access this system.",
6 
+    "Logged in": "Logged in"
7 
+}

+ 14
- 1
langs/en/login.json View File 

@@ -8,5 +8,18 @@
8 8 
     "Current password for {user}": "Current password for {user}",
9 9 
     "New password": "New password",
10 10 
     "New password (again)": "New password (again)",
11 
-    "Fill in all three boxes.": "Fill in all three boxes."
11 
+    "Fill in all three boxes.": "Fill in all three boxes.",
12 
+    "sign in": "Sign In",
13 
+    "username": "Username",
14 
+    "password": "Password",
15 
+    "continue": "Continue",
16 
+    "authcode": "Authentication code",
17 
+    "2fa prompt": "Enter the six-digit code from your mobile authenticator app.",
18 
+    "2fa incorrect": "Authentication code incorrect.",
19 
+    "login incorrect": "Login incorrect.",
20 
+    "login server unavailable": "Login server unavailable.  Try again later or contact technical support.",
21 
+    "account locked": "This account has been disabled. Contact technical support.",
22 
+    "password expired": "You must change your password before continuing.",
23 
+    "account terminated": "Account terminated.  Access denied.",
24 
+    "account state error": "Your account state is not stable.  Log out, restart your browser, and try again."
12 25 
 }

+ 4
- 5
required.php View File 

@@ -33,7 +33,6 @@ session_start(); // stick some cookies in it
33 33 
 // renew session cookie
34 34 
 setcookie(session_name(), session_id(), time() + $session_length, "/", false, false);
35 35
36 
-$captcha_server = ($SETTINGS['captcha']['enabled'] === true ? preg_replace("/http(s)?:\/\//", "", $SETTINGS['captcha']['server']) : "");
37 36 
 if ($_SESSION['mobile'] === TRUE) {
38 37 
     header("Content-Security-Policy: "
39 38 
             . "default-src 'self';"
 
@@ -43,8 +42,8 @@ if ($_SESSION['mobile'] === TRUE) {
43 42 
             . "frame-src 'none'; "
44 43 
             . "font-src 'self'; "
45 44 
             . "connect-src *; "
46 
-            . "style-src 'self' 'unsafe-inline' $captcha_server; "
47 
-            . "script-src 'self' 'unsafe-inline' $captcha_server");
45 
+            . "style-src 'self' 'unsafe-inline'; "
46 
+            . "script-src 'self' 'unsafe-inline'");
48 47 
 } else {
49 48 
     header("Content-Security-Policy: "
50 49 
             . "default-src 'self';"
 
@@ -54,8 +53,8 @@ if ($_SESSION['mobile'] === TRUE) {
54 53 
             . "frame-src 'none'; "
55 54 
             . "font-src 'self'; "
56 55 
             . "connect-src *; "
57 
-            . "style-src 'self' 'nonce-$SECURE_NONCE' $captcha_server; "
58 
-            . "script-src 'self' 'nonce-$SECURE_NONCE' $captcha_server");
56 
+            . "style-src 'self' 'nonce-$SECURE_NONCE'; "
57 
+            . "script-src 'self' 'nonce-$SECURE_NONCE'");
59 58 
 }
60 59
61 60 
 //

+ 0
- 15
static/css/index.css View File 

@@ -1,15 +0,0 @@
1 
-/* This Source Code Form is subject to the terms of the Mozilla Public
2 
- * License, v. 2.0. If a copy of the MPL was not distributed with this
3 
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 
-
5 
-.banner-image {
6 
-    max-height: 100px;
7 
-    margin: 2em auto;
8 
-    border: 1px solid grey;
9 
-    border-radius: 15%;
10 
-}
11 
-
12 
-.footer {
13 
-    margin-top: 10em;
14 
-    text-align: center;
15 
-}

Write Preview
Loading…
Cancel
Save