⌈⌋ branch:  freshcode

Artifact [344c5fdc82]

Artifact 344c5fdc82a35e474f849c85ca2006f1a133cb05:

  • File page_login.php — part of check-in [e56e768074] at 2021-04-05 06:20:51 on branch trunk — Add background image for IndieAuth logon button, remove some debug messages. (user: mario size: 4125)

 * api: freshcode
 * type: intercept
 * title: OpenID + PW login
 * description: Login page shows up for authorization-required sections (e.g. /submit)
 * version: 0.6
 * Presents a login box, starts the OpenID auth process.
 * Has some JS default links for a few identity providers.
 * Also provides a /logout button now.
 * Alternatively allows a password. Note that this is
 * kept plain in the session, but hashed in per-project
 * `lock` entries later.

// initiate verification
if ($_POST->has("initiate_indieauth")) {
    # should be done at this point
elseif ($_POST->has("login_url")) {

    try {
        $openid = new LightOpenID(HTTP_HOST);
        $openid->verify_peer = false;
        $openid->identity = $_POST->uri["login_url"];
        $openid->optional = array("namePerson/friendly");
        exit(header("Location: " . $openid->authUrl()));
    catch (ErrorException $e) {
        $error = $e->getMessage();
elseif ($_REQUEST->has("set_password")) {
    $_SESSION["password"] = $_REQUEST->ascii->nocontrol->trim["set_password"];
$pw_placeholder = !empty($_SESSION["password"]) ? "remembered" : "...";

// else
?> <section id=main class=container-width><div style="width: 70%"><?php

// display login form
if (empty($_SESSION["openid"])) {
    $h_password = htmlspecialchars($_SESSION["password"]);


    <p>Use your <a href="https://indielogin.com/">IndieAuth</a> (or OpenID) address.</p>

     <form action="" method=POST class="login box">
       <input type=url id=login_url name=login_url size=50 value="" placeholder="https://name.example.net/">
       <input type=password style=display:none value=dummy>
       <input type=submit name=initiate_indieauth value=IndieAuth>
       <input type=submit name=initiate_openid value=OpenID>
       <span class="service-logins">
          Or use your <a onclick="$('#login_url').val('http://me.yahoo.com/#yourname').focus().prop({selectionStart:21, selectionEnd:29});">Yahoo</a> | <br>
                <a onclick="$('#login_url').val('http://launchpad.net/~yourname').focus().prop({selectionStart:22, selectionEnd:30});">Launchpad</a> login
    <p>There are intentionally no user accounts on freshcode.club,
    but this prerequisite also helps eschew spam submissions.</p>
    <p>Or alternatively a per-project password.</p>
     <form action="" method=POST class="login box" style="background: #dde; border-color: #99b;">
       <input type=text id=login_pw name=set_password size=20 value="{$h_password}" placeholder="{$pw_placeholder}">
       <input type=submit value=Save>
       <small>Write it down somewhere! And use "<u class=action>lock</u>" within the submit form to apply it.</small>
    <p style="color:#bbb">Logins may fail if you specified a raw password
    instead of an hash for the `lock` field.  Don't worry, such plain text
    passwords will be reencrypted twice per day.  So please just try later. 
    -- If your login using an OpenID fails, please take care to add or
    remove the trailing `/` slash.  Matching is rather strict and doesn't
    check for IRL equivalence at the moment.  -- If everything else fails,
    please just send a mail to info@…</p>


// drop relevant session data
elseif ($_REQUEST->id["name"] == "logout") {
    $_SESSION["openid"] = "";
    $_SESSION["user"] = "";
    print "<h3>Signed out</h3>";

// a previous login was already successful
else {

    print "<h3>Already logged in</h3>";
    print isset($login_hint)
        ? "<p>$login_hint</p>"
        : "<p>You have associated an IndieAuth/OpenID handle (<var>$_SESSION[openid]</var>).
           <form action='/login/logout' method=POST><button>Logout</button></form></p>";