forked from lix-project/hydra
Remove Persona support
Persona is no longer supported by Mozilla, so let's remove it.
This commit is contained in:
parent
e0b2921ff2
commit
bbe45ed844
|
@ -18,8 +18,7 @@ __PACKAGE__->config->{namespace} = '';
|
|||
sub noLoginNeeded {
|
||||
my ($c) = @_;
|
||||
|
||||
return $c->request->path eq "persona-login" ||
|
||||
$c->request->path eq "google-login" ||
|
||||
return $c->request->path eq "google-login" ||
|
||||
$c->request->path eq "login" ||
|
||||
$c->request->path eq "logo" ||
|
||||
$c->request->path =~ /^static\//;
|
||||
|
|
|
@ -54,10 +54,10 @@ sub doEmailLogin {
|
|||
# in URLs.
|
||||
die "Illegal email address.\n" unless $email =~ /^[a-zA-Z0-9\.\-\_]+@[a-zA-Z0-9\.\-\_]+$/;
|
||||
|
||||
# If persona_allowed_domains is set, check if the email address
|
||||
# If allowed_domains is set, check if the email address
|
||||
# returned is on these domains. When not configured, allow all
|
||||
# domains.
|
||||
my $allowed_domains = $c->config->{persona_allowed_domains} || "";
|
||||
my $allowed_domains = $c->config->{allowed_domains} // ($c->config->{persona_allowed_domains} // "");
|
||||
if ($allowed_domains ne "") {
|
||||
my $email_ok = 0;
|
||||
my @domains = split ',', $allowed_domains;
|
||||
|
@ -73,7 +73,7 @@ sub doEmailLogin {
|
|||
my $user = $c->find_user({ username => $email });
|
||||
|
||||
if ($user) {
|
||||
# Automatically upgrade Persona accounts to Google accounts.
|
||||
# Automatically upgrade legacy Persona accounts to Google accounts.
|
||||
if ($user->type eq "persona" && $type eq "google") {
|
||||
$user->update({type => "google"});
|
||||
}
|
||||
|
@ -97,29 +97,6 @@ sub doEmailLogin {
|
|||
}
|
||||
|
||||
|
||||
sub persona_login :Path('/persona-login') Args(0) {
|
||||
my ($self, $c) = @_;
|
||||
requirePost($c);
|
||||
|
||||
error($c, "Logging in via Persona is not enabled.") unless $c->config->{enable_persona};
|
||||
|
||||
my $assertion = $c->stash->{params}->{assertion} or die;
|
||||
|
||||
my $ua = new LWP::UserAgent;
|
||||
my $response = $ua->post(
|
||||
'https://verifier.login.persona.org/verify',
|
||||
{ assertion => $assertion,
|
||||
audience => $c->uri_for('/')
|
||||
});
|
||||
error($c, "Did not get a response from Persona.") unless $response->is_success;
|
||||
|
||||
my $d = decode_json($response->decoded_content) or die;
|
||||
error($c, "Persona says: $d->{reason}") if $d->{status} ne "okay";
|
||||
|
||||
doEmailLogin($self, $c, "persona", $d->{email}, undef);
|
||||
}
|
||||
|
||||
|
||||
sub google_login :Path('/google-login') Args(0) {
|
||||
my ($self, $c) = @_;
|
||||
requirePost($c);
|
||||
|
|
|
@ -4,10 +4,6 @@
|
|||
<script src="https://apis.google.com/js/platform.js" async="1" defer="1"></script>
|
||||
[% END %]
|
||||
|
||||
[% IF c.user.type == 'persona' %]
|
||||
<script src="https://login.persona.org/include.js"></script>
|
||||
[% END %]
|
||||
|
||||
<script>
|
||||
function finishSignOut() {
|
||||
$.post("[% c.uri_for('/logout') %]")
|
||||
|
@ -77,9 +73,6 @@
|
|||
[% IF c.config.enable_google_login %]
|
||||
$.getScript("https://apis.google.com/js/platform.js");
|
||||
[% END %]
|
||||
[% IF c.config.enable_persona %]
|
||||
$.getScript("https://login.persona.org/include.js");
|
||||
[% END %]
|
||||
});
|
||||
|
||||
</script>
|
||||
|
@ -104,25 +97,4 @@
|
|||
</script>
|
||||
[% END %]
|
||||
|
||||
[% IF c.config.enable_persona %]
|
||||
<script>
|
||||
$("#persona-signin").click(function() {
|
||||
|
||||
navigator.id.watch({
|
||||
onlogin: function(assertion) {
|
||||
requestJSON({
|
||||
url: "[% c.uri_for('/persona-login') %]",
|
||||
data: "assertion=" + assertion,
|
||||
type: 'POST',
|
||||
success: function(data) { window.location.reload(); },
|
||||
postError: function() { navigator.id.logout(); }
|
||||
});
|
||||
}
|
||||
});
|
||||
|
||||
navigator.id.request({ siteName: 'Hydra' });
|
||||
});
|
||||
</script>
|
||||
[% END %]
|
||||
|
||||
[% END %]
|
||||
|
|
|
@ -104,8 +104,7 @@
|
|||
<em><a href="http://nixos.org/hydra" target="_blank">Hydra</a> [% HTML.escape(version) %] (using [% HTML.escape(nixVersion) %]).</em>
|
||||
[% IF c.user_exists %]
|
||||
You are signed in as <tt>[% HTML.escape(c.user.username) %]</tt>
|
||||
[%- IF c.user.type == 'persona' %] via Persona
|
||||
[%- ELSIF c.user.type == 'google' %] via Google[% END %].
|
||||
[%- IF c.user.type == 'google' %] via Google[% END %].
|
||||
[% END %]
|
||||
</small>
|
||||
</footer>
|
||||
|
|
|
@ -136,10 +136,6 @@
|
|||
<li><a href="#" id="google-signin">Sign in with Google</a></li>
|
||||
<li class="divider"></li>
|
||||
[% END %]
|
||||
[% IF c.config.enable_persona %]
|
||||
<li><a href="#" id="persona-signin">Sign in with Persona</a></li>
|
||||
<li class="divider"></li>
|
||||
[% END %]
|
||||
<li>
|
||||
<a href="#hydra-signin" data-toggle="modal">Sign in with a Hydra account</a>
|
||||
</li>
|
||||
|
|
|
@ -11,7 +11,7 @@ sub showHelp {
|
|||
print <<EOF;
|
||||
Usage: $0 NAME
|
||||
[--rename-from NAME]
|
||||
[--type hydra|persona]
|
||||
[--type hydra|google]
|
||||
[--full-name FULLNAME]
|
||||
[--email-address EMAIL-ADDRESS]
|
||||
[--password PASSWORD]
|
||||
|
@ -47,8 +47,8 @@ GetOptions("rename-from=s" => \$renameFrom,
|
|||
die "$0: one user name required\n" if scalar @ARGV != 1;
|
||||
my $userName = $ARGV[0];
|
||||
|
||||
die "$0: type must be `hydra' or `persona'\n"
|
||||
if defined $type && $type ne "hydra" && $type ne "persona";
|
||||
die "$0: type must be `hydra' or `google'\n"
|
||||
if defined $type && $type ne "hydra" && $type ne "google";
|
||||
|
||||
my $db = Hydra::Model::DB->new();
|
||||
|
||||
|
@ -65,17 +65,17 @@ txn_do($db, sub {
|
|||
{ username => $userName, type => "hydra", emailaddress => "", password => "!" });
|
||||
}
|
||||
|
||||
die "$0: Persona user names must be email addresses\n"
|
||||
if $user->type eq "persona" && $userName !~ /\@/;
|
||||
die "$0: Google user names must be email addresses\n"
|
||||
if $user->type eq "google" && $userName !~ /\@/;
|
||||
|
||||
$user->update({ type => $type }) if defined $type;
|
||||
|
||||
$user->update({ fullname => $fullName eq "" ? undef : $fullName }) if defined $fullName;
|
||||
|
||||
if ($user->type eq "persona") {
|
||||
die "$0: Persona accounts do not have an explicitly set email address.\n"
|
||||
if ($user->type eq "google") {
|
||||
die "$0: Google accounts do not have an explicitly set email address.\n"
|
||||
if defined $emailAddress;
|
||||
die "$0: Persona accounts do not have a password.\n"
|
||||
die "$0: Google accounts do not have a password.\n"
|
||||
if defined $password;
|
||||
$user->update({ emailaddress => $userName, password => "!" });
|
||||
} else {
|
||||
|
|
|
@ -10,7 +10,7 @@ create table Users (
|
|||
emailAddress text not null,
|
||||
password text not null, -- sha256 hash
|
||||
emailOnError integer not null default 0,
|
||||
type text not null default 'hydra', -- either "hydra" or "persona"
|
||||
type text not null default 'hydra', -- either "hydra" or "google"
|
||||
publicDashboard boolean not null default false
|
||||
);
|
||||
|
||||
|
|
Loading…
Reference in a new issue