Add redirection to set password after login if not set

2018-06-04 18:49:42 +01:00 · 2018-06-04 18:49:42 +01:00 · 8b2018852e
parent 0aeefa2387
commit 8b2018852e
5 changed files with 43 additions and 32 deletions
--- a/app/scss/components.scss
+++ b/app/scss/components.scss
@ -315,6 +315,11 @@ select:not([multiple]) {
 	border: 1px solid #c96;
 }

+.alert-primary {
+	background: #339;
+	border: 1px solid #66a;
+}
+
 .alert-success {
 	background: #161;
 	border: 1px solid #393;
--- a/app/templates/flask_user/login.html
+++ b/app/templates/flask_user/login.html
@ -11,10 +11,6 @@ Sign in
 		<h2>{%trans%}Sign in{%endtrans%}</h2>

 		<form action="" method="POST" class="form box-body" role="form">
-			<h3>Sign in with Github</h3>
-			<p><a class="button" href="{{ url_for('github_signin_page') }}">GitHub</a></p>
-
-
 			<h3>Sign in with username/password</h3>
 			{{ form.hidden_tag() }}

@ -38,17 +34,13 @@ Sign in
 			{# Password field #}
 			{% set field = form.password %}
 			<div class="form-group {% if field.errors %}has-error{% endif %}">
-				{# Label on left, "Forgot your Password?" on right #}
 				<div class="row">
-					<div class="col-xs-6">
-						<label for="{{ field.id }}" class="control-label">{{ field.label.text }}</label>
-					</div>
-					<div class="col-xs-6 text-right">
-						{% if user_manager.enable_forgot_password %}
+					<label for="{{ field.id }}" class="control-label">{{ field.label.text }}
+					{% if user_manager.enable_forgot_password %}
 						<a href="{{ url_for('user.forgot_password') }}" tabindex='195'>
-							{%trans%}Forgot your Password?{%endtrans%}</a>
-							{% endif %}
-					</div>
+							[{%trans%}Forgot My Password{%endtrans%}]</a>
+					{% endif %}
+					</label>
 				</div>
 				{{ field(class_='form-control', tabindex=120) }}
 				{% if field.errors %}
@ -64,7 +56,12 @@ Sign in
 			{% endif %}

 			{# Submit button #}
-			{{ render_submit_field(form.submit, tabindex=180) }}
+			<p>
+				{{ render_submit_field(form.submit, tabindex=180) }}
+			</p>
+
+			<h3>Sign in with Github</h3>
+			<p><a class="button" href="{{ url_for('github_signin_page') }}">GitHub</a></p>
 		</form>
 	</div>

--- a/app/templates/users/set_password.html
+++ b/app/templates/users/set_password.html
@ -5,30 +5,36 @@
 {% endblock %}

 {% block content %}
+
+{% if optional %}
+	<div class="box box_grey alert alert-primary">
+		It is recommended that you set a password for your account.
+
+		<a class="alert_right button" href="{{ url_for('home_page') }}">Skip</a>
+	</div>
+{% endif %}
+
+
 <h1>Set Password</h1>

 {% from "macros/forms.html" import render_field, render_submit_field %}
 <form action="" method="POST" class="form" role="form">
-	<div class="row">
-		<div class="col-sm-6 col-md-5 col-lg-4">
-			{{ form.hidden_tag() }}
+	{{ form.hidden_tag() }}

-			{% if not current_user.email %}
-				{{ render_field(form.email, tabindex=230) }}
+	{% if not current_user.email %}
+		{{ render_field(form.email, tabindex=230) }}

-				<p>
-					Your email is needed to recover your account if you forget your
-					password, and to optionally send notifications.
-					Your email will never be shared to a third-party.
-				</p>
-			{% endif %}
+		<p>
+			Your email is needed to recover your account if you forget your
+			password, and to optionally send notifications.
+			Your email will never be shared to a third-party.
+		</p>
+	{% endif %}

-			{{ render_field(form.password, tabindex=230) }}
-			{{ render_field(form.password2, tabindex=240) }}
+	{{ render_field(form.password, tabindex=230) }}
+	{{ render_field(form.password2, tabindex=240) }}

-			{{ render_submit_field(form.submit, tabindex=280) }}
-		</div>
-	</div>
+	{{ render_submit_field(form.submit, tabindex=280) }}
 </form>

 {% endblock %}
--- a/app/views/githublogin.py
+++ b/app/views/githublogin.py
@ -64,7 +64,10 @@ def github_authorized(oauth_token):
 			flash("Unable to find an account for that Github user", "error")
 			return redirect(url_for("user_claim_page"))
 		elif loginUser(userByGithub):
-			return redirect(next_url or url_for("home_page"))
+			if current_user.password is None:
+				return redirect(next_url or url_for("set_password_page", optional=True))
+			else:
+				return redirect(next_url or url_for("home_page"))
 		else:
 			flash("Authorization failed [err=gh-login-failed]", "danger")
 			return redirect(url_for("user.login"))
--- a/app/views/users.py
+++ b/app/views/users.py
@ -162,7 +162,7 @@ def set_password_page():
 		else:
 			flash("Passwords do not match", "error")

-	return render_template("users/set_password.html", form=form)
+	return render_template("users/set_password.html", form=form, optional=request.args.get("optional"))


@app.route("/user/claim/", methods=["GET", "POST"])