Commit Graph

327 Commits

Author SHA1 Message Date
Evan Prodromou
be3a44651c implement rememberme functionality
Added a checkbox on login or register to remember the current user. If
the login is successful, this sets a cookie with a random code (saved
in the DB). If they come back, and they aren't logged in "normally",
we check to see if they have a rememberme cookie. If so, we log them
in.

However, they can't change settings -- cookie theft is too prevalent.
So we mark a session as having a "real" (password or OpenID) login, or
not. In settings pages, we check to see if the login is "real", and if
not, we redirect to the login page.

darcs-hash:20080624025234-34904-ad20001bf35bf41fcb63a0c357fd929aacc55fdb.gz
2008-06-23 22:52:34 -04:00
Evan Prodromou
e330eb50d2 more robust handling of new JIDs
darcs-hash:20080624015616-34904-c1ff985257c8c57aacf68439488d628a8b4d2e38.gz
2008-06-23 21:56:16 -04:00
Evan Prodromou
960a092a9c don't validate email if none provided
darcs-hash:20080624014642-34904-7d4b1b91a3163add6a99146f92360913e172a39a.gz
2008-06-23 21:46:42 -04:00
Evan Prodromou
a8a2f40696 broadcast notices to jabber
darcs-hash:20080624014241-34904-39ace8e82e50e5f50c5980b5fb3256184a7c9050.gz
2008-06-23 21:42:41 -04:00
Evan Prodromou
d1e55b3777 jabber send and confirmation code
darcs-hash:20080624013203-34904-fe87dc6b3b991e9753512b8b7cc192f7610eb1dc.gz
2008-06-23 21:32:03 -04:00
Evan Prodromou
63dcbe1e6e add jabber library and use it
darcs-hash:20080624001523-34904-8d0c052f12301d86aeb9107149b34f22c94da1c4.gz
2008-06-23 20:15:23 -04:00
Evan Prodromou
ae40dfe842 add imsettings to menu
darcs-hash:20080623223641-34904-2758e19c70026a0c169e99d86481d87b0b4bc79c.gz
2008-06-23 18:36:41 -04:00
Evan Prodromou
1899d09cd1 forgot to return on invalid nickname
darcs-hash:20080622181550-34904-7970919db30ccfc3979fa6c118c29af9eac0c550.gz
2008-06-22 14:15:50 -04:00
Evan Prodromou
d758c11784 disallow nicknames on a blacklist
darcs-hash:20080622180437-34904-4b6313f6fd8845232031663c5c2df00dff725183.gz
2008-06-22 14:04:37 -04:00
Evan Prodromou
b4d8bbdad7 allow blank email address (I think)
darcs-hash:20080622165453-34904-a3bdd2557622e6db3aef88371c22586e2d2fed07.gz
2008-06-22 12:54:53 -04:00
Evan Prodromou
29014487d7 UNDO: move profile update to front
darcs-hash:20080622164928-34904-04e381d2ac562a31fb3ed3dce300e2c2c456b0d7.gz
2008-06-22 12:49:28 -04:00
Evan Prodromou
c1a5e54e67 move profile update to front
darcs-hash:20080622164928-34904-77df2f698c617e2788cc0db2d902238a5dd522d1.gz
2008-06-22 12:49:28 -04:00
Evan Prodromou
71456d596a debugging for profile update
darcs-hash:20080622164542-34904-e6945828677580ee30b5fb85101928633708f605.gz
2008-06-22 12:45:42 -04:00
Evan Prodromou
8a170ed8fd special function for generating confirmation codes
darcs-hash:20080622163241-34904-199b3654328d78c0b9fe2fa85a3ecc1ab0b1262a.gz
2008-06-22 12:32:41 -04:00
Evan Prodromou
1906237ddc confirm address
darcs-hash:20080622161917-34904-32528c78b43d501d5994c4f5c74b977ca4d9c618.gz
2008-06-22 12:19:17 -04:00
Evan Prodromou
ac35bec3ab fix name of class in confirmaddress.php
darcs-hash:20080622161749-34904-eb2e43aaa3f409accd94a2555f854fb22a297db7.gz
2008-06-22 12:17:49 -04:00
Evan Prodromou
4fd1f6246d correctly use Confirm_address
darcs-hash:20080622161607-34904-d8e042b80fe6acd3cb6ad763216a0b1817752cac.gz
2008-06-22 12:16:07 -04:00
Evan Prodromou
97115c846e move confirmemail to confirmaddress
Rename the confirmemail to more general confirmaddress so we can use
it for Jabber, SMS, or whatever.

darcs-hash:20080622155250-34904-0cbc2895c01769dfb5e7393e6534355b6f5c2ac3.gz
2008-06-22 11:52:50 -04:00
Evan Prodromou
0239802682 more debugging
darcs-hash:20080622153754-34904-b722aa6d0ffa52242b06a8eec1eaa5216d216a4f.gz
2008-06-22 11:37:54 -04:00
Evan Prodromou
1cab6c7d50 strcmp for comparison
darcs-hash:20080622153220-34904-119cea6c5dbe20e33569287cf9632c07e9768b10.gz
2008-06-22 11:32:20 -04:00
Evan Prodromou
7bf88079a9 nickname update
darcs-hash:20080622152628-34904-9974209ebe964058d00337bc602ef20c10b83f66.gz
2008-06-22 11:26:28 -04:00
Evan Prodromou
785ea92bb7 better logic in profile settings, missing method in all
darcs-hash:20080622152306-34904-3d3ab7c02c33efac17d02692a10b4fee2fb013f1.gz
2008-06-22 11:23:06 -04:00
Evan Prodromou
acf562b3dd use updateKeys() for updating the user
darcs-hash:20080622151611-34904-1d952df08b5247ab391bb76fd50d7b90498f0c96.gz
2008-06-22 11:16:11 -04:00
Evan Prodromou
e69f28faab add confirm email to profile settings
darcs-hash:20080622142015-34904-00feabce7fe73360319d8a9c1372478879bb203a.gz
2008-06-22 10:20:15 -04:00
Evan Prodromou
745a145f0d add better debugging
darcs-hash:20080622140941-34904-2a0eda21f6a374a9d26107a4bc627fc6de2a7063.gz
2008-06-22 10:09:41 -04:00
Evan Prodromou
676bbebe1a fix url for redirect
darcs-hash:20080620072632-84dde-d1e1b1593a882b6faa4fcd21c36200398ee49286.gz
2008-06-20 03:26:32 -04:00
Evan Prodromou
15a09c5d69 change from using tag uris to http urls for identifiers
Weirdly, I got in an argument with Tim Berners-Lee in #swig about the
tag URIs I was using in FOAF documents. Eventually, I was convinced
that it's a better thing to use HTTP URLs instead. So, now we have
HTTP URLs.

The tricky thing was for users. Since they can change their names, we
can't use their profile URL, since it includes the name. Instead, I
made up a new action, which simply redirects from a user ID to their
current profile URL. This should be sufficiently long-term.

darcs-hash:20080620071700-84dde-c6145243dc45dd2dff621aff421375d05796057e.gz
2008-06-20 03:17:00 -04:00
Evan Prodromou
f72329a13d whitespace and debugging changes
darcs-hash:20080620064824-84dde-1d349cf2add75fbffa7cc763fb5ac8776cce4d03.gz
2008-06-20 02:48:24 -04:00
Evan Prodromou
9277f8da1a correct confirmation code
darcs-hash:20080620062606-84dde-59be3fd35a01d788f3953e2dba70baefefabfb76.gz
2008-06-20 02:26:06 -04:00
Evan Prodromou
74889ec599 correct name for common_good_rand()
darcs-hash:20080620052453-5ed1f-4ce9b677b9010b3879bbae1ba9218036f0ad728f.gz
2008-06-20 01:24:53 -04:00
Evan Prodromou
bf0be3ddb7 confirm email addresses
darcs-hash:20080620051536-5ed1f-231e427832dd20c861eb7a6dc1171315e90f455b.gz
2008-06-20 01:15:36 -04:00
Evan Prodromou
480ca70dc8 try to clear openid url cookie better
darcs-hash:20080619183238-84dde-dbe912a40894ec7414e6d5ea0bc40ec527385436.gz
2008-06-19 14:32:38 -04:00
Evan Prodromou
aabac60b6e push instructions into head and require license
darcs-hash:20080619173225-84dde-d73961d047f75fa1e3ac4287d35e4c6afb391e84.gz
2008-06-19 13:32:25 -04:00
Evan Prodromou
6ef35544b1 common_show_footer() was hidden in an if
darcs-hash:20080619172031-84dde-6b97932d4d51541581c0b220df8ce53cbc51e2da.gz
2008-06-19 13:20:31 -04:00
Evan Prodromou
50c7e4c722 posting from a form takes you back to the same page
darcs-hash:20080619161814-5ed1f-5add55346470e71a53a676d39617062acc0f19bf.gz
2008-06-19 12:18:14 -04:00
Evan Prodromou
912947c690 Don't repeat "Remove OpenID" header
darcs-hash:20080619155154-5ed1f-0bd8ea0c1e7a7ead736483cd516bcf4f999e9deb.gz
2008-06-19 11:51:54 -04:00
Evan Prodromou
d900e125ac had order of arguments for oid_link_user backwards in finishaddopenid
darcs-hash:20080619155042-5ed1f-d814e2ae7f565e7e5cd8c0389071491705117e73.gz
2008-06-19 11:50:42 -04:00
Evan Prodromou
c030c8dbd2 fetch the oid before showing it
darcs-hash:20080619153719-5ed1f-da58c447643d24dbfd9d0076c74d8ce4f57c5be3.gz
2008-06-19 11:37:19 -04:00
Evan Prodromou
fa90195c4d cant remove last openid, public xrds includes immediate
Added a check to make sure the user doesn't remove their last OpenID
if they don't also have a password.

Also, put the finishimmediate URL in the publicxrds so that e.g.
Yahoo! doesn't get snippy.

darcs-hash:20080619153231-5ed1f-a5d784ff39b53afdfb0584689188dd78bdb90c41.gz
2008-06-19 11:32:31 -04:00
Evan Prodromou
26c7d5f04e need a profileurl for new users
darcs-hash:20080619151803-5ed1f-53df3a53f1147233658397c3c6d2cd6a2202b199.gz
2008-06-19 11:18:03 -04:00
Evan Prodromou
08035caa5b refresh the cookie on successful immediate
darcs-hash:20080619140505-84dde-d4006afa9507e29e58115f23c4acc5156a571930.gz
2008-06-19 10:05:05 -04:00
Evan Prodromou
3c32396109 use openid.php functions in finishimmediate
darcs-hash:20080619135603-84dde-1bfd6606f34416eb6f1be4d5c926f6bb198427bd.gz
2008-06-19 09:56:03 -04:00
Evan Prodromou
0ba9948603 move update_user function to openid.php
darcs-hash:20080619135148-84dde-6caaa7f97d2405bc318bfa818c4ac9cbc31cab33.gz
2008-06-19 09:51:48 -04:00
Evan Prodromou
171b4f72ee immediate mode for openid
darcs-hash:20080619134710-84dde-6086a4ac7bbd72a251fe5ce6fe3156e3270ebd74.gz
2008-06-19 09:47:10 -04:00
Evan Prodromou
7258969cd4 use query method to do some transactions
darcs-hash:20080619033619-84dde-e4fcc00f5d86cb0d11feff5f88f719ea72d3318e.gz
2008-06-18 23:36:19 -04:00
Evan Prodromou
4aedce6864 do some commits
darcs-hash:20080619033212-84dde-2f7227fe16c7015b03121424520ebd74d4b96762.gz
2008-06-18 23:32:12 -04:00
Evan Prodromou
e47ba46634 take out check for other user
darcs-hash:20080618210044-84dde-3b064b11117d4c785e4eba7902f1c0298dbbd8a7.gz
2008-06-18 17:00:44 -04:00
Evan Prodromou
6ac185abeb forgot settingsmenu in openidsettings
darcs-hash:20080618204611-84dde-e8de48c6a7213787c09201f4007bfc57064bdeed.gz
2008-06-18 16:46:11 -04:00
Evan Prodromou
4373682489 removed message was slurping in success flag
darcs-hash:20080618204421-84dde-ba5ec861d68adf9179bb3907784156fb404d23ed.gz
2008-06-18 16:44:21 -04:00
Evan Prodromou
03a08efce9 move instructions to top in openid pages
darcs-hash:20080618190202-84dde-20cc79646144076090c36fe25d78f2d0e399d5ad.gz
2008-06-18 15:02:02 -04:00