Merge BusinessAppTemplate

index.php

@@ -13,8 +13,20 @@ if (!empty($_SESSION['loggedin']) && $_SESSION['loggedin'] === true && !isset($_
     die();
 }
 
-if (!empty($_GET['logout'])) {
+
-    // Show a logout message instead of immediately redirecting to login flow
+/**
+ * Show a simple HTML page with a line of text and a button.  Matches the UI of
+ * the AccountHub login flow.
+ *
+ * @global type $SETTINGS
+ * @global type $SECURE_NONCE
+ * @global type $Strings
+ * @param string $title Text to show, passed through i18n
+ * @param string $button Button text, passed through i18n
+ * @param string $url URL for the button
+ */
+function showHTML(string $title, string $button, string $url) {
+    global $SETTINGS, $SECURE_NONCE, $Strings;
     ?>
     <!DOCTYPE html>
     <meta charset="UTF-8">
@@ -26,8 +38,20 @@ if (!empty($_GET['logout'])) {
     <link rel="icon" href="static/img/logo.svg">
 
     <link href="static/css/bootstrap.min.css" rel="stylesheet">
-    <link href="static/css/svg-with-js.min.css" rel="stylesheet">
+    <style nonce="<?php echo $SECURE_NONCE; ?>">
-    <link href="static/css/login.css" rel="stylesheet">
+        .display-5 {
+            font-size: 2.5rem;
+            font-weight: 300;
+            line-height: 1.2;
+        }
+
+        .banner-image {
+            max-height: 100px;
+            margin: 2em auto;
+            border: 1px solid grey;
+            border-radius: 15%;
+        }
+    </style>
 
     <div class="container mt-4">
         <div class="row justify-content-center">
@@ -36,24 +60,25 @@ if (!empty($_GET['logout'])) {
             </div>
 
             <div class="col-12 text-center">
-                <h1 class="display-5 mb-4"><?php $Strings->get("You have been logged out.") ?></h1>
+                <h1 class="display-5 mb-4"><?php $Strings->get($title); ?></h1>
             </div>
 
             <div class="col-12 col-sm-8 col-lg-6">
                 <div class="card mt-4">
                     <div class="card-body">
-                        <a href="./index.php" class="btn btn-primary btn-block"><?php $Strings->get("Log in again"); ?></a>
+                        <a href="<?php echo $url; ?>" class="btn btn-primary btn-block"><?php $Strings->get($button); ?></a>
                     </div>
                 </div>
             </div>
         </div>
     </div>
-
-    <script src="static/js/fontawesome-all.min.js"></script>
     <?php
-    die();
 }
 
+if (!empty($_GET['logout'])) {
+    showHTML("You have been logged out.", "Log in again", "./index.php");
+    die();
+}
 if (empty($_SESSION["login_code"])) {
     $redirecttologin = true;
 } else {
@@ -64,7 +89,8 @@ if (empty($_SESSION["login_code"])) {
         Session::start($user);
         $_SESSION["login_code"] = null;
         header('Location: app.php');
-        die("Logged in, go to app.php");
+        showHTML("Logged in", "Continue", "./app.php");
+        die();
     } catch (Exception $ex) {
         $redirecttologin = true;
     }
@@ -76,8 +102,12 @@ if ($redirecttologin) {
 
         $_SESSION["login_code"] = $code;
 
-        header("Location: ./login/?code=" . htmlentities($code) . "&redirect=" . htmlentities($_SERVER["REQUEST_URI"]));
+        $loginurl = "./login/?code=" . htmlentities($code) . "&redirect=" . htmlentities($_SERVER["REQUEST_URI"]);
+
+        header("Location: $loginurl");
+        showHTML("Continue", "Continue", $loginurl);
+        die();
     } catch (Exception $ex) {
         sendError($ex->getMessage());
     }
-}
+}

langs/en/core.json

@@ -1,26 +1,7 @@
 {
-    "sign in": "Sign In",
-    "username": "Username",
-    "password": "Password",
-    "continue": "Continue",
-    "authcode": "Authentication code",
-    "2fa prompt": "Enter the six-digit code from your mobile authenticator app.",
-    "2fa incorrect": "Authentication code incorrect.",
-    "login incorrect": "Login incorrect.",
-    "login server unavailable": "Login server unavailable.  Try again later or contact technical support.",
-    "account locked": "This account has been disabled. Contact technical support.",
-    "password expired": "You must change your password before continuing.",
-    "account terminated": "Account terminated.  Access denied.",
-    "account state error": "Your account state is not stable.  Log out, restart your browser, and try again.",
-    "welcome user": "Welcome, {user}!",
     "sign out": "Sign out",
     "404 error": "404 Error",
     "page not found": "Page not found.",
     "invalid parameters": "Invalid request parameters.",
-    "login server error": "The login server returned an error: {arg}",
+    "login server error": "The login server returned an error: {arg}"
-    "login server user data error": "The login server refused to provide account information.  Try again or contact technical support.",
-    "captcha error": "There was a problem with the CAPTCHA (robot test).  Try again.",
-    "no access permission": "You do not have permission to access this system.",
-    "generic op error": "An unknown error occurred.  Try again later.",
-    "home": "Home"
 }

langs/en/index.json

@@ -0,0 +1,7 @@
+{
+    "You have been logged out.": "You have been logged out.",
+    "Log in again": "Log in again",
+    "login server unavailable": "Login server unavailable.  Try again later or contact technical support.",
+    "no access permission": "You do not have permission to access this system.",
+    "Logged in": "Logged in"
+}

langs/en/login.json

@@ -8,5 +8,18 @@
     "Current password for {user}": "Current password for {user}",
     "New password": "New password",
     "New password (again)": "New password (again)",
-    "Fill in all three boxes.": "Fill in all three boxes."
+    "Fill in all three boxes.": "Fill in all three boxes.",
+    "sign in": "Sign In",
+    "username": "Username",
+    "password": "Password",
+    "continue": "Continue",
+    "authcode": "Authentication code",
+    "2fa prompt": "Enter the six-digit code from your mobile authenticator app.",
+    "2fa incorrect": "Authentication code incorrect.",
+    "login incorrect": "Login incorrect.",
+    "login server unavailable": "Login server unavailable.  Try again later or contact technical support.",
+    "account locked": "This account has been disabled. Contact technical support.",
+    "password expired": "You must change your password before continuing.",
+    "account terminated": "Account terminated.  Access denied.",
+    "account state error": "Your account state is not stable.  Log out, restart your browser, and try again."
 }

required.php

@@ -33,7 +33,6 @@ session_start(); // stick some cookies in it
 // renew session cookie
 setcookie(session_name(), session_id(), time() + $session_length, "/", false, false);
 
-$captcha_server = ($SETTINGS['captcha']['enabled'] === true ? preg_replace("/http(s)?:\/\//", "", $SETTINGS['captcha']['server']) : "");
 if ($_SESSION['mobile'] === TRUE) {
     header("Content-Security-Policy: "
             . "default-src 'self';"
@@ -43,8 +42,8 @@ if ($_SESSION['mobile'] === TRUE) {
             . "frame-src 'none'; "
             . "font-src 'self'; "
             . "connect-src *; "
-            . "style-src 'self' 'unsafe-inline' $captcha_server; "
+            . "style-src 'self' 'unsafe-inline'; "
-            . "script-src 'self' 'unsafe-inline' $captcha_server");
+            . "script-src 'self' 'unsafe-inline'");
 } else {
     header("Content-Security-Policy: "
             . "default-src 'self';"
@@ -54,8 +53,8 @@ if ($_SESSION['mobile'] === TRUE) {
             . "frame-src 'none'; "
             . "font-src 'self'; "
             . "connect-src *; "
-            . "style-src 'self' 'nonce-$SECURE_NONCE' $captcha_server; "
+            . "style-src 'self' 'nonce-$SECURE_NONCE'; "
-            . "script-src 'self' 'nonce-$SECURE_NONCE' $captcha_server");
+            . "script-src 'self' 'nonce-$SECURE_NONCE'");
 }
 
 //

static/css/index.css

@@ -1,15 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-.banner-image {
-    max-height: 100px;
-    margin: 2em auto;
-    border: 1px solid grey;
-    border-radius: 15%;
-}
-
-.footer {
-    margin-top: 10em;
-    text-align: center;
-}