Automatically login to phorkie

diff --git a/data/templates/base.htm b/data/templates/base.htm
index efc9e3b7f92e9b6757ef47a0dbddfc9eecefd9b8..fabfd5213de609fa4cfe4152eafde73966779e90 100644 (file)
--- a/data/templates/base.htm
+++ b/data/templates/base.htm
@@ -95,5 +95,8 @@
    <a href="http://www.gnu.org/licenses/agpl-3.0.html">
     <abbr title="GNU Affero General Public License">AGPL</abbr></a>.
   </div>
+  {% if autologin %}
+  <script src="js/autologin.js"></script>
+  {% endif %}
  </body>
 </html>

diff --git a/src/phorkie/Login/AutologinResponse.php b/src/phorkie/Login/AutologinResponse.php
new file mode 100644 (file)
index 0000000..9384e3b
--- /dev/null
+++ b/src/phorkie/Login/AutologinResponse.php
@@ -0,0 +1,53 @@
+<?php
+namespace phorkie;
+
+class Login_AutologinResponse
+{
+    /**
+     * 'error' or 'ok'
+     *
+     * @var string
+     */
+    public $status;
+
+    /**
+     * Status message
+     *
+     * @var string
+     */
+    public $message;
+
+    public $name;
+    public $identity;
+
+    public function __construct($status = 'error', $message = null)
+    {
+        $this->status  = $status;
+        $this->message = $message;
+    }
+
+    public function send()
+    {
+        if ($this->status == 'error') {
+            //Cookie to prevent trying autologin again and again.
+            // After 1 hour the cookie expires and autologin is tried again.
+            setcookie('tried-autologin', '1', time() + 60 * 60);
+        }
+
+        $data = htmlspecialchars(json_encode($this), ENT_NOQUOTES);
+        header('Content-type: text/html');
+        echo <<<XML
+<html>
+ <head>
+  <title>Autologin response</title>
+  <script type="text/javascript">
+    parent.notifyAutologin($data);
+  </script>
+ </head>
+ <body></body>
+</html>
+
+XML;
+    }
+}
+?>

diff --git a/www/js/autologin.js b/www/js/autologin.js
new file mode 100644 (file)
index 0000000..fbe9898
--- /dev/null
+++ b/www/js/autologin.js
@@ -0,0 +1,39 @@
+jQuery(function($) {
+    document.getElementsByTagName("body")[0]
+        .insertAdjacentHTML(
+            'beforeend',
+            '<iframe id="autologin" src="/login.php?autologin=1"'
+            + ' width="10" height="10" style="display: none"'
+            + '></iframe>'
+        );
+    /*;
+    $.ajax("../login.php?autologin=1")
+        .done(function() {
+            alert("success");
+        })
+        .fail(function() {
+            alert("error");
+        });
+    */
+});
+
+function notifyAutologin(data)
+{
+    if (data.status != 'ok') {
+        return;
+    }
+    document.getElementsByTagName("body")[0]
+        .insertAdjacentHTML(
+            'beforeend',
+            '<div id="autologinnotifier" class="alert alert-success"'
+            + ' style="display: none; position: fixed; top: 0px; left: 0px; width: 100%; text-align: center">'
+            + 'Welcome, ' + data.name + '.'
+            + ' You have been logged in - '
+            + '<a href="#" onclick="document.location.reload();">reload</a> to see it.'
+            + '</div>'
+        );
+    $('#autologinnotifier').click(function(event) {
+        $(this).fadeOut();
+    });
+    $('#autologinnotifier').hide().fadeIn('slow');
+}

diff --git a/www/login.php b/www/login.php
index e141b65b4e8eeeff0bd667cd48d7a5a505cfb86b..2762b4b8753b53bbced3b9efeae6d50de36a6741 100644 (file)
--- a/www/login.php
+++ b/www/login.php
@@ -6,10 +6,27 @@ require_once 'www-header.php';
 if (isset($_REQUEST['logout'])) {
     unset($_SESSION);
     session_destroy();
+    //delete last openid cookie.
+    // if you deliberately log out, you do not want to be logged in
+    // automatically on the next page reload.
+    setcookie('lastopenid', '0', time() - 3600);
+
     header('Location: ' . Tools::fullUrl());
     exit();
 }
 
+$bAutologin = false;
+if (isset($_GET['autologin']) && $_GET['autologin']
+    && isset($_COOKIE['lastopenid'])
+) {
+    $bAutologin = true;
+    // autologin=1: start openid autologin
+    // autologin=2: response from openid server
+    if ($_GET['autologin'] == 1) {
+        $_POST['openid_url'] = $_COOKIE['lastopenid'];
+    }
+}
+
 if (!count($_GET) && !count($_POST)) {
     render(
         'login',
@@ -36,10 +53,13 @@ if (isset($_POST['openid_url'])) {
 
 $realm    = Tools::fullUrl();
 $returnTo = Tools::fullUrl('login');
+if ($bAutologin) {
+    $returnTo = Tools::fullUrl('login?autologin=2');
+}
 
 try {
     $o = new \OpenID_RelyingParty($returnTo, $realm, $openid_url);
-} catch (OpenID_Exception $e) {
+} catch (\OpenID_Exception $e) {
     throw new Exception($e->getMessage());
 }
 
@@ -53,8 +73,23 @@ if (isset($_POST['openid_url'])) {
     $_SESSION['openid_url'] = $openid_url;
     try {
         $authRequest = $o->prepare();
-    } catch (OpenID_Exception $e) {
+        if ($bAutologin) {
+            $authRequest->setMode(\OpenID::MODE_CHECKID_IMMEDIATE);
+        }
+    } catch (\OpenID_Exception $e) {
+        if ($bAutologin) {
+            $alres = new Login_AutologinResponse('error', $e->getMessage());
+            $alres->send();
+            exit(0);
+        }
         throw new Exception($e->getMessage());
+    } catch (\Exception $e) {
+        if ($bAutologin) {
+            $alres = new Login_AutologinResponse('error', $e->getMessage());
+            $alres->send();
+            exit(0);
+        }
+        throw $e;
     }
 
     // SREG
@@ -100,17 +135,33 @@ $id      = $message->get('openid.claimed_id');
 $mode    = $message->get('openid.mode');
 
 try {
-    $result = $o->verify(new \Net_URL2($returnTo . '?' . $queryString), $message);
+    $sep = '?';
+    if (strpos($returnTo, '?') !== false) {
+        $sep = '&';
+    }
+    $result = $o->verify(new \Net_URL2($returnTo . $sep . $queryString), $message);
 
     if ($result->success()) {
         $status  = "<tr><td>Status:</td><td><font color='green'>SUCCESS!";
         $status .= " ({$result->getAssertionMethod()})</font></td></tr>";
     } else {
+        if ($bAutologin) {
+            $alres = new Login_AutologinResponse(
+                'error', 'Error logging in: ' . $result->getAssertionMethod()
+            );
+            $alres->send();
+            exit(0);
+        }
         throw new Exception('Error logging in');
         $status  = "<tr><td>Status:</td><td><font color='red'>FAIL!";
         $status .= " ({$result->getAssertionMethod()})</font></td></tr>";
     }
-} catch (OpenID_Exception $e) {
+} catch (\OpenID_Exception $e) {
+    if ($bAutologin) {
+        $alres = new Login_AutologinResponse('error', $e->getMessage());
+        $alres->send();
+        exit(0);
+    }
     throw new Exception('Error logging in');
     $status  = "<tr><td>Status:</td><td><font color='red'>EXCEPTION!";
     $status .= " ({$e->getMessage()} : {$e->getCode()})</font></td></tr>";
@@ -156,7 +207,17 @@ $name = isset($openid['openid.ax.value.fullname'])
 $_SESSION['name'] = isset($name) ? $name : $_SERVER['REMOTE_ADDR'];
 $_SESSION['identity'] = $openid['openid.identity'];
 
-setcookie('lastopenid', $_SESSION['identity'], time() + 84600 * 60, '/login');
+setcookie('tried-autologin', '0', time() - 3600);//delete
+setcookie('lastopenid', $_SESSION['identity'], time() + 84600 * 60);
+
+if ($bAutologin) {
+    $alres = new Login_AutologinResponse('ok');
+    $alres->name     = $_SESSION['name'];
+    $alres->identity = $_SESSION['identity'];
+    $alres->send();
+    exit(0);
+}
+
 
 $url = '';
 if (isset($_SESSION['REQUEST_URI'])) {

diff --git a/www/www-header.php b/www/www-header.php
index 74329ed6d0da1191fa61969fd29cd36ed974bc44..833fb8a56479a461382dba5983cfe6cfc9495551 100644 (file)
--- a/www/www-header.php
+++ b/www/www-header.php
@@ -105,6 +105,10 @@ function render($tplname, $vars = array())
         $vars['identity'] = $_SESSION['identity'];
         $vars['name'] = $_SESSION['name'];
         $vars['email'] = $_SESSION['email'];
+    } else if (isset($_COOKIE['lastopenid'])
+        && !isset($_COOKIE['tried-autologin'])
+    ) {
+        $vars['autologin'] = true;
     }
     $vars['db'] = new Database();
     if (!isset($vars['htmlhelper'])) {