ma27/hydra
0
0
Fork 0
forked from lix-project/hydra
Code Pull requests Activity

Remove Persona support

Browse source 
Persona is no longer supported by Mozilla, so let's remove it.
This commit is contained in:
Eelco Dolstra 2016-10-20 14:14:04 +02:00
parent e0b2921ff2
commit bbe45ed844
7 changed files with 14 additions and 71 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/lib/Hydra/Controller/Root.pm
View file

@ -18,8 +18,7 @@ __PACKAGE__->config->{namespace} = '';
sub noLoginNeeded { sub noLoginNeeded {
my ($c) = @_; my ($c) = @_;
return $c->request->path eq "persona-login" || return $c->request->path eq "google-login" ||
$c->request->path eq "google-login" ||
$c->request->path eq "login" || $c->request->path eq "login" ||
$c->request->path eq "logo" || $c->request->path eq "logo" ||
$c->request->path =~ /^static\//; $c->request->path =~ /^static\//;

29
src/lib/Hydra/Controller/User.pm
View file

@ -54,10 +54,10 @@ sub doEmailLogin {
# in URLs. # in URLs.
die "Illegal email address.\n" unless $email =~ /^[a-zA-Z0-9\.\-\_]+@[a-zA-Z0-9\.\-\_]+$/; die "Illegal email address.\n" unless $email =~ /^[a-zA-Z0-9\.\-\_]+@[a-zA-Z0-9\.\-\_]+$/;
# If persona_allowed_domains is set, check if the email address # If allowed_domains is set, check if the email address
# returned is on these domains. When not configured, allow all # returned is on these domains. When not configured, allow all
# domains. # domains.
my $allowed_domains = $c->config->{persona_allowed_domains} || ""; my $allowed_domains = $c->config->{allowed_domains} // ($c->config->{persona_allowed_domains} // "");
if ($allowed_domains ne "") { if ($allowed_domains ne "") {
my $email_ok = 0; my $email_ok = 0;
my @domains = split ',', $allowed_domains; my @domains = split ',', $allowed_domains;
@ -73,7 +73,7 @@ sub doEmailLogin {
my $user = $c->find_user({ username => $email }); my $user = $c->find_user({ username => $email });
if ($user) { if ($user) {
# Automatically upgrade Persona accounts to Google accounts. # Automatically upgrade legacy Persona accounts to Google accounts.
if ($user->type eq "persona" && $type eq "google") { if ($user->type eq "persona" && $type eq "google") {
$user->update({type => "google"}); $user->update({type => "google"});
} }
@ -97,29 +97,6 @@ sub doEmailLogin {
} }
sub persona_login :Path('/persona-login') Args(0) {
my ($self, $c) = @_;
requirePost($c);
error($c, "Logging in via Persona is not enabled.") unless $c->config->{enable_persona};
my $assertion = $c->stash->{params}->{assertion} or die;
my $ua = new LWP::UserAgent;
my $response = $ua->post(
'https://verifier.login.persona.org/verify',
{ assertion => $assertion,
audience => $c->uri_for('/')
});
error($c, "Did not get a response from Persona.") unless $response->is_success;
my $d = decode_json($response->decoded_content) or die;
error($c, "Persona says: $d->{reason}") if $d->{status} ne "okay";
doEmailLogin($self, $c, "persona", $d->{email}, undef);
}
sub google_login :Path('/google-login') Args(0) { sub google_login :Path('/google-login') Args(0) {
my ($self, $c) = @_; my ($self, $c) = @_;
requirePost($c); requirePost($c);

28
src/root/auth.tt
View file

@ -4,10 +4,6 @@
<script src="https://apis.google.com/js/platform.js" async="1" defer="1"></script> <script src="https://apis.google.com/js/platform.js" async="1" defer="1"></script>
[% END %] [% END %]
[% IF c.user.type == 'persona' %]
<script src="https://login.persona.org/include.js"></script>
[% END %]
<script> <script>
function finishSignOut() { function finishSignOut() {
$.post("[% c.uri_for('/logout') %]") $.post("[% c.uri_for('/logout') %]")
@ -77,9 +73,6 @@
[% IF c.config.enable_google_login %] [% IF c.config.enable_google_login %]
$.getScript("https://apis.google.com/js/platform.js"); $.getScript("https://apis.google.com/js/platform.js");
[% END %] [% END %]
[% IF c.config.enable_persona %]
$.getScript("https://login.persona.org/include.js");
[% END %]
}); });
</script> </script>
@ -104,25 +97,4 @@
</script> </script>
[% END %] [% END %]
[% IF c.config.enable_persona %]
<script>
$("#persona-signin").click(function() {
navigator.id.watch({
onlogin: function(assertion) {
requestJSON({
url: "[% c.uri_for('/persona-login') %]",
data: "assertion=" + assertion,
type: 'POST',
success: function(data) { window.location.reload(); },
postError: function() { navigator.id.logout(); }
});
}
});
navigator.id.request({ siteName: 'Hydra' });
});
</script>
[% END %]
[% END %] [% END %]

3
src/root/layout.tt
View file

@ -104,8 +104,7 @@
<em><a href="http://nixos.org/hydra" target="_blank">Hydra</a> [% HTML.escape(version) %] (using [% HTML.escape(nixVersion) %]).</em> <em><a href="http://nixos.org/hydra" target="_blank">Hydra</a> [% HTML.escape(version) %] (using [% HTML.escape(nixVersion) %]).</em>
[% IF c.user_exists %] [% IF c.user_exists %]
You are signed in as <tt>[% HTML.escape(c.user.username) %]</tt> You are signed in as <tt>[% HTML.escape(c.user.username) %]</tt>
[%- IF c.user.type == 'persona' %] via Persona [%- IF c.user.type == 'google' %] via Google[% END %].
[%- ELSIF c.user.type == 'google' %] via Google[% END %].
[% END %] [% END %]
</small> </small>
</footer> </footer>

4
src/root/topbar.tt
View file

@ -136,10 +136,6 @@
<li><a href="#" id="google-signin">Sign in with Google</a></li> <li><a href="#" id="google-signin">Sign in with Google</a></li>
<li class="divider"></li> <li class="divider"></li>
[% END %] [% END %]
[% IF c.config.enable_persona %]
<li><a href="#" id="persona-signin">Sign in with Persona</a></li>
<li class="divider"></li>
[% END %]
<li> <li>
<a href="#hydra-signin" data-toggle="modal">Sign in with a Hydra account</a> <a href="#hydra-signin" data-toggle="modal">Sign in with a Hydra account</a>
</li> </li>

16
src/script/hydra-create-user
View file

@ -11,7 +11,7 @@ sub showHelp {
print <<EOF; print <<EOF;
Usage: $0 NAME Usage: $0 NAME
[--rename-from NAME] [--rename-from NAME]
[--type hydra|persona] [--type hydra|google]
[--full-name FULLNAME] [--full-name FULLNAME]
[--email-address EMAIL-ADDRESS] [--email-address EMAIL-ADDRESS]
[--password PASSWORD] [--password PASSWORD]
@ -47,8 +47,8 @@ GetOptions("rename-from=s" => \$renameFrom,
die "$0: one user name required\n" if scalar @ARGV != 1; die "$0: one user name required\n" if scalar @ARGV != 1;
my $userName = $ARGV[0]; my $userName = $ARGV[0];
die "$0: type must be `hydra' or `persona'\n" die "$0: type must be `hydra' or `google'\n"
if defined $type && $type ne "hydra" && $type ne "persona"; if defined $type && $type ne "hydra" && $type ne "google";
my $db = Hydra::Model::DB->new(); my $db = Hydra::Model::DB->new();
@ -65,17 +65,17 @@ txn_do($db, sub {
{ username => $userName, type => "hydra", emailaddress => "", password => "!" }); { username => $userName, type => "hydra", emailaddress => "", password => "!" });
} }
die "$0: Persona user names must be email addresses\n" die "$0: Google user names must be email addresses\n"
if $user->type eq "persona" && $userName !~ /\@/; if $user->type eq "google" && $userName !~ /\@/;
$user->update({ type => $type }) if defined $type; $user->update({ type => $type }) if defined $type;
$user->update({ fullname => $fullName eq "" ? undef : $fullName }) if defined $fullName; $user->update({ fullname => $fullName eq "" ? undef : $fullName }) if defined $fullName;
if ($user->type eq "persona") { if ($user->type eq "google") {
die "$0: Persona accounts do not have an explicitly set email address.\n" die "$0: Google accounts do not have an explicitly set email address.\n"
if defined $emailAddress; if defined $emailAddress;
die "$0: Persona accounts do not have a password.\n" die "$0: Google accounts do not have a password.\n"
if defined $password; if defined $password;
$user->update({ emailaddress => $userName, password => "!" }); $user->update({ emailaddress => $userName, password => "!" });
} else { } else {

2
src/sql/hydra.sql
View file

@ -10,7 +10,7 @@ create table Users (
emailAddress text not null, emailAddress text not null,
password text not null, -- sha256 hash password text not null, -- sha256 hash
emailOnError integer not null default 0, emailOnError integer not null default 0,
type text not null default 'hydra', -- either "hydra" or "persona" type text not null default 'hydra', -- either "hydra" or "google"
publicDashboard boolean not null default false publicDashboard boolean not null default false
); );