FIX: CSRF token retrieval bug
parent
50fe117d7c
commit
c4394688de
|
@ -31,41 +31,62 @@ Discourse.LoginController = Discourse.Controller.extend(Discourse.ModalFunctiona
|
||||||
return this.get('loggingIn') || this.blank('loginName') || this.blank('loginPassword');
|
return this.get('loggingIn') || this.blank('loginName') || this.blank('loginPassword');
|
||||||
}.property('loginName', 'loginPassword', 'loggingIn'),
|
}.property('loginName', 'loginPassword', 'loggingIn'),
|
||||||
|
|
||||||
login: function() {
|
|
||||||
this.set('loggingIn', true);
|
|
||||||
|
|
||||||
var loginController = this;
|
actions: {
|
||||||
Discourse.ajax("/session", {
|
login: function() {
|
||||||
data: { login: this.get('loginName'), password: this.get('loginPassword') },
|
this.set('loggingIn', true);
|
||||||
type: 'POST'
|
|
||||||
}).then(function (result) {
|
var loginController = this;
|
||||||
// Successful login
|
Discourse.ajax("/session", {
|
||||||
if (result.error) {
|
data: { login: this.get('loginName'), password: this.get('loginPassword') },
|
||||||
loginController.set('loggingIn', false);
|
type: 'POST'
|
||||||
if( result.reason === 'not_activated' ) {
|
}).then(function (result) {
|
||||||
loginController.send('showNotActivated', {
|
// Successful login
|
||||||
username: loginController.get('loginName'),
|
if (result.error) {
|
||||||
sentTo: result.sent_to_email,
|
loginController.set('loggingIn', false);
|
||||||
currentEmail: result.current_email
|
if( result.reason === 'not_activated' ) {
|
||||||
});
|
loginController.send('showNotActivated', {
|
||||||
|
username: loginController.get('loginName'),
|
||||||
|
sentTo: result.sent_to_email,
|
||||||
|
currentEmail: result.current_email
|
||||||
|
});
|
||||||
|
}
|
||||||
|
loginController.flash(result.error, 'error');
|
||||||
|
} else {
|
||||||
|
// Trigger the browser's password manager using the hidden static login form:
|
||||||
|
var $hidden_login_form = $('#hidden-login-form');
|
||||||
|
$hidden_login_form.find('input[name=username]').val(loginController.get('loginName'));
|
||||||
|
$hidden_login_form.find('input[name=password]').val(loginController.get('loginPassword'));
|
||||||
|
$hidden_login_form.find('input[name=redirect]').val(window.location.href);
|
||||||
|
$hidden_login_form.submit();
|
||||||
}
|
}
|
||||||
loginController.flash(result.error, 'error');
|
|
||||||
|
}, function(result) {
|
||||||
|
// Failed to login
|
||||||
|
loginController.flash(I18n.t('login.error'), 'error');
|
||||||
|
loginController.set('loggingIn', false);
|
||||||
|
});
|
||||||
|
|
||||||
|
return false;
|
||||||
|
},
|
||||||
|
|
||||||
|
externalLogin: function(loginMethod){
|
||||||
|
var name = loginMethod.get("name");
|
||||||
|
var customLogin = loginMethod.get("customLogin");
|
||||||
|
|
||||||
|
if(customLogin){
|
||||||
|
customLogin();
|
||||||
} else {
|
} else {
|
||||||
// Trigger the browser's password manager using the hidden static login form:
|
this.set('authenticate', name);
|
||||||
var $hidden_login_form = $('#hidden-login-form');
|
var left = this.get('lastX') - 400;
|
||||||
$hidden_login_form.find('input[name=username]').val(loginController.get('loginName'));
|
var top = this.get('lastY') - 200;
|
||||||
$hidden_login_form.find('input[name=password]').val(loginController.get('loginPassword'));
|
|
||||||
$hidden_login_form.find('input[name=redirect]').val(window.location.href);
|
var height = loginMethod.get("frameHeight") || 400;
|
||||||
$hidden_login_form.submit();
|
var width = loginMethod.get("frameWidth") || 800;
|
||||||
|
window.open(Discourse.getURL("/auth/" + name), "_blank",
|
||||||
|
"menubar=no,status=no,height=" + height + ",width=" + width + ",left=" + left + ",top=" + top);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
}, function(result) {
|
|
||||||
// Failed to login
|
|
||||||
loginController.flash(I18n.t('login.error'), 'error');
|
|
||||||
loginController.set('loggingIn', false);
|
|
||||||
});
|
|
||||||
|
|
||||||
return false;
|
|
||||||
},
|
},
|
||||||
|
|
||||||
authMessage: (function() {
|
authMessage: (function() {
|
||||||
|
@ -76,24 +97,6 @@ Discourse.LoginController = Discourse.Controller.extend(Discourse.ModalFunctiona
|
||||||
}
|
}
|
||||||
}).property('authenticate'),
|
}).property('authenticate'),
|
||||||
|
|
||||||
externalLogin: function(loginMethod){
|
|
||||||
var name = loginMethod.get("name");
|
|
||||||
var customLogin = loginMethod.get("customLogin");
|
|
||||||
|
|
||||||
if(customLogin){
|
|
||||||
customLogin();
|
|
||||||
} else {
|
|
||||||
this.set('authenticate', name);
|
|
||||||
var left = this.get('lastX') - 400;
|
|
||||||
var top = this.get('lastY') - 200;
|
|
||||||
|
|
||||||
var height = loginMethod.get("frameHeight") || 400;
|
|
||||||
var width = loginMethod.get("frameWidth") || 800;
|
|
||||||
window.open(Discourse.getURL("/auth/" + name), "_blank",
|
|
||||||
"menubar=no,status=no,height=" + height + ",width=" + width + ",left=" + left + ",top=" + top);
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
authenticationComplete: function(options) {
|
authenticationComplete: function(options) {
|
||||||
if (options.requires_invite) {
|
if (options.requires_invite) {
|
||||||
this.flash(I18n.t('login.requires_invite'), 'success');
|
this.flash(I18n.t('login.requires_invite'), 'success');
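Review bot: The success branch of `login` copies the plaintext password into `#hidden-login-form` and submits it with `redirect` set to `window.location.href`, and nothing in this hunk says where that form posts or who validates the redirect value. Since the commit moves this block under `actions` anyway, a comment above the form code would help, such as `// posts credentials to the static login form; the server must treat redirect as untrusted and only follow same-site paths`. The form markup and the server handler are outside the hunk, so this is a request to confirm and document rather than a confirmed flaw. Separately, `login` and `externalLogin` now live in the `actions` hash, so any caller that invoked them as plain controller methods would need `send(...)`; those callers are not visible here.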
|
||||||
|
|
|
@ -83,7 +83,7 @@ Discourse.Ajax = Em.Mixin.create({
|
||||||
return Ember.Deferred.promise(function(promise){
|
return Ember.Deferred.promise(function(promise){
|
||||||
$.ajax(Discourse.getURL('/session/csrf'))
|
$.ajax(Discourse.getURL('/session/csrf'))
|
||||||
.success(function(result){
|
.success(function(result){
|
||||||
Discourse.csrfToken = result.csrf;
|
Discourse.Session.currentProp('csrfToken', result.csrf);
|
||||||
performAjax(promise);
|
performAjax(promise);
|
||||||
});
|
});
|
||||||
});
|
});
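Review bot: The CSRF fetch on the new side still chains only `.success(...)`, so if the request to `/session/csrf` fails the deferred is never settled and the caller's promise hangs; for the login action that would leave `loggingIn` set to true. Consider adding a failure handler such as `.fail(function(xhr){ promise.reject(xhr); });`, assuming the deferred passed in exposes `reject`. It would also help to check that `result.csrf` is present before calling `performAjax`, since otherwise an empty value is stored via `currentProp('csrfToken', ...)` and the original request presumably goes out without a usable token. The enclosing function starts and ends outside the hunk.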
|
||||||
|
|