Commit f0bc2231 authored by ale's avatar ale

Make account recovery URL configurable

parent f144f4dc
Pipeline #1618 passed with stages
in 1 minute and 46 seconds
......@@ -1173,13 +1173,15 @@ var _templatesLogin_passwordHtml = []byte(`{{template "header" .}}
<input type="password" name="password" id="inputPassword"
class="form-control" placeholder="Password" required>
{{if .AccountRecoveryURL}}
<p>
<small>
<a href="/recovery">
<a href="{{.AccountRecoveryURL}}">
Forgot your password?
</a>
</small>
</p>
{{end}}
<button type="submit" class="btn btn-lg btn-primary btn-block">Login</button>
......@@ -1198,7 +1200,7 @@ func templatesLogin_passwordHtml() (*asset, error) {
return nil, err
}
info := bindataFileInfo{name: "templates/login_password.html", size: 1088, mode: os.FileMode(420), modTime: time.Unix(1541234797, 0)}
info := bindataFileInfo{name: "templates/login_password.html", size: 1149, mode: os.FileMode(420), modTime: time.Unix(1542882702, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
......
......@@ -39,6 +39,7 @@ type Config struct {
DeviceManager *device.Config `yaml:"device_manager"`
KeyStore *clientutil.BackendConfig `yaml:"keystore"`
KeyStoreEnableGroups []string `yaml:"keystore_enable_groups"`
AccountRecoveryURL string `yaml:"account_recovery_url"`
allowedServicesRx []*regexp.Regexp
}
......
......@@ -143,7 +143,9 @@ func New(loginService *LoginService, authClient authclient.Client, config *Confi
if err != nil {
return nil, err
}
s.loginHandler = newLoginHandler(s.loginCallback, devMgr, authClient, config.AuthService, config.U2FAppID, config.URLPrefix, s.tpl, sessionSecrets...)
s.loginHandler = newLoginHandler(s.loginCallback, devMgr, authClient,
config.AuthService, config.U2FAppID, config.URLPrefix, config.AccountRecoveryURL,
s.tpl, sessionSecrets...)
return s, nil
}
......
......@@ -72,19 +72,20 @@ func init() {
type loginCallbackFunc func(http.ResponseWriter, *http.Request, string, string, *auth.UserInfo) error
type loginHandler struct {
authClient authclient.Client
authService string
u2fAppID string
urlPrefix string
devMgr *device.Manager
loginCallback loginCallbackFunc
loginSessionStore sessions.Store
tpl *template.Template
authClient authclient.Client
authService string
u2fAppID string
urlPrefix string
devMgr *device.Manager
loginCallback loginCallbackFunc
loginSessionStore sessions.Store
tpl *template.Template
accountRecoveryURL string
}
// NewLoginHandler will wrap an http.Handler with the login workflow,
// invoking it only on successful login.
func newLoginHandler(okHandler loginCallbackFunc, devMgr *device.Manager, authClient authclient.Client, authService, u2fAppID, urlPrefix string, tpl *template.Template, keyPairs ...[]byte) *loginHandler {
func newLoginHandler(okHandler loginCallbackFunc, devMgr *device.Manager, authClient authclient.Client, authService, u2fAppID, urlPrefix, accountRecoveryURL string, tpl *template.Template, keyPairs ...[]byte) *loginHandler {
store := sessions.NewCookieStore(keyPairs...)
store.Options = &sessions.Options{
HttpOnly: true,
......@@ -92,14 +93,15 @@ func newLoginHandler(okHandler loginCallbackFunc, devMgr *device.Manager, authCl
MaxAge: 0,
}
return &loginHandler{
authClient: authClient,
authService: authService,
u2fAppID: u2fAppID,
urlPrefix: strings.TrimRight(urlPrefix, "/"),
devMgr: devMgr,
loginCallback: okHandler,
loginSessionStore: store,
tpl: parseEmbeddedTemplates(),
authClient: authClient,
authService: authService,
u2fAppID: u2fAppID,
urlPrefix: strings.TrimRight(urlPrefix, "/"),
devMgr: devMgr,
loginCallback: okHandler,
loginSessionStore: store,
accountRecoveryURL: accountRecoveryURL,
tpl: parseEmbeddedTemplates(),
}
}
......@@ -334,6 +336,7 @@ func (l *loginHandler) makeLoginURL(req *http.Request) string {
func (l *loginHandler) executeTemplateToBuffer(req *http.Request, templateName string, data map[string]interface{}) (loginState, []byte, error) {
data["CSRFField"] = csrf.TemplateField(req)
data["URLPrefix"] = l.urlPrefix
data["AccountRecoveryURL"] = l.accountRecoveryURL
var buf bytes.Buffer
if err := l.tpl.ExecuteTemplate(&buf, templateName, data); err != nil {
return loginStateNone, nil, err
......
......@@ -28,13 +28,15 @@
<input type="password" name="password" id="inputPassword"
class="form-control" placeholder="Password" required>
{{if .AccountRecoveryURL}}
<p>
<small>
<a href="/recovery">
<a href="{{.AccountRecoveryURL}}">
Forgot your password?
</a>
</small>
</p>
{{end}}
<button type="submit" class="btn btn-lg btn-primary btn-block">Login</button>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment