diff options
Diffstat (limited to 'web')
-rw-r--r-- | web/react/components/signup_user_oauth.jsx | 84 | ||||
-rw-r--r-- | web/react/pages/signup_user_oauth.jsx | 11 | ||||
-rw-r--r-- | web/templates/signup_user_oauth.html | 26 | ||||
-rw-r--r-- | web/web.go | 87 |
4 files changed, 208 insertions, 0 deletions
diff --git a/web/react/components/signup_user_oauth.jsx b/web/react/components/signup_user_oauth.jsx new file mode 100644 index 000000000..40ed07ef8 --- /dev/null +++ b/web/react/components/signup_user_oauth.jsx @@ -0,0 +1,84 @@ +// Copyright (c) 2015 Spinpunch, Inc. All Rights Reserved. +// See License.txt for license information. + + +var utils = require('../utils/utils.jsx'); +var client = require('../utils/client.jsx'); +var UserStore = require('../stores/user_store.jsx'); +var BrowserStore = require('../stores/browser_store.jsx'); + +module.exports = React.createClass({ + handleSubmit: function(e) { + e.preventDefault(); + + if (!this.state.user.username) { + this.setState({name_error: "This field is required", email_error: "", password_error: "", server_error: ""}); + return; + } + + var username_error = utils.isValidUsername(this.state.user.username); + if (username_error === "Cannot use a reserved word as a username.") { + this.setState({name_error: "This username is reserved, please choose a new one.", email_error: "", password_error: "", server_error: ""}); + return; + } else if (username_error) { + this.setState({name_error: "Username must begin with a letter, and contain between 3 to 15 lowercase characters made up of numbers, letters, and the symbols '.', '-' and '_'.", email_error: "", password_error: "", server_error: ""}); + return; + } + + this.setState({name_error: "", server_error: ""}); + + this.state.user.allow_marketing = this.refs.email_service.getDOMNode().checked; + + var user = this.state.user; + client.createUser(user, "", "", + function(data) { + client.track('signup', 'signup_user_oauth_02'); + window.location.href = '/login/'+user.auth_service+'?id='+user.team_id; + }.bind(this), + function(err) { + this.state.server_error = err.message; + this.setState(this.state); + }.bind(this) + ); + }, + handleChange: function() { + var user = this.state.user; + user.username = this.refs.name.getDOMNode().value; + this.setState({ user: user }); + }, + getInitialState: function() { + var user = JSON.parse(this.props.user); + return { user: user }; + }, + render: function() { + + client.track('signup', 'signup_user_oauth_01'); + + var name_error = this.state.name_error ? <label className='control-label'>{ this.state.name_error }</label> : null; + var server_error = this.state.server_error ? <div className={ "form-group has-error" }><label className='control-label'>{ this.state.server_error }</label></div> : null; + + var yourEmailIs = this.state.user.email == "" ? "" : <span>Your email address is <b>{ this.state.user.email }.</b></span>; + + return ( + <div> + <img className="signup-team-logo" src="/static/images/logo.png" /> + <h4>Welcome to { config.SiteName }</h4> + <p>{"To continue signing up with " + this.state.user.auth_type + ", please register a username."}</p> + <p>Your username can be made of lowercase letters and numbers.</p> + <label className="control-label">Username</label> + <div className={ name_error ? "form-group has-error" : "form-group" }> + <input type="text" ref="name" className="form-control" placeholder="" maxLength="128" value={this.state.user.username} onChange={this.handleChange} /> + { name_error } + </div> + <p>{"Pick something " + strings.Team + "mates will recognize. Your username is how you will appear to others"}</p> + <p>{ yourEmailIs } You’ll use this address to sign in to {config.SiteName}.</p> + <div className="checkbox"><label><input type="checkbox" ref="email_service" /> It's ok to send me occassional email with updates about the {config.SiteName} service. </label></div> + <p><button onClick={this.handleSubmit} className="btn-primary btn">Create Account</button></p> + { server_error } + <p>By proceeding to create your account and use { config.SiteName }, you agree to our <a href={ config.TermsLink }>Terms of Service</a> and <a href={ config.PrivacyLink }>Privacy Policy</a>. If you do not agree, you cannot use {config.SiteName}.</p> + </div> + ); + } +}); + + diff --git a/web/react/pages/signup_user_oauth.jsx b/web/react/pages/signup_user_oauth.jsx new file mode 100644 index 000000000..3bbb89f41 --- /dev/null +++ b/web/react/pages/signup_user_oauth.jsx @@ -0,0 +1,11 @@ +// Copyright (c) 2015 Spinpunch, Inc. All Rights Reserved. +// See License.txt for license information. + +var SignupUserOAuth = require('../components/signup_user_oauth.jsx'); + +global.window.setup_signup_user_oauth_page = function(user) { + React.render( + <SignupUserOAuth user={user} />, + document.getElementById('signup-user-complete') + ); +}; diff --git a/web/templates/signup_user_oauth.html b/web/templates/signup_user_oauth.html new file mode 100644 index 000000000..a973b8385 --- /dev/null +++ b/web/templates/signup_user_oauth.html @@ -0,0 +1,26 @@ +{{define "signup_user_oauth"}} +<!DOCTYPE html> +<html> +{{template "head" . }} +<body class="white"> + <div class="container-fluid"> + <div class="inner__wrap"> + <div class="row content"> + <div class="col-sm-12"> + <div class="signup-team__container"> + <div id="signup-user-complete"></div> + </div> + </div> + <div class="footer-push"></div> + </div> + <div class="row footer"> + {{template "footer" . }} + </div> + </div> + </div> + <script> + window.setup_signup_user_oauth_page('{{.Props.User}}'); + </script> +</body> +</html> +{{end}} diff --git a/web/web.go b/web/web.go index 3e4bc2d53..85901a8d2 100644 --- a/web/web.go +++ b/web/web.go @@ -14,6 +14,7 @@ import ( "gopkg.in/fsnotify.v1" "html/template" "net/http" + "net/url" "strconv" "strings" ) @@ -52,6 +53,10 @@ func InitWeb() { mainrouter.Handle("/{team:[A-Za-z0-9-]+(__)?[A-Za-z0-9-]+}", api.AppHandler(login)).Methods("GET") mainrouter.Handle("/{team:[A-Za-z0-9-]+(__)?[A-Za-z0-9-]+}/", api.AppHandler(login)).Methods("GET") mainrouter.Handle("/{team:[A-Za-z0-9-]+(__)?[A-Za-z0-9-]+}/login", api.AppHandler(login)).Methods("GET") + + mainrouter.Handle("/login/gitlab", api.AppHandlerIndependent(loginWithGitLab)).Methods("GET") + mainrouter.Handle("/login/gitlab/complete", api.AppHandlerIndependent(loginCompleteGitLab)).Methods("GET") + mainrouter.Handle("/{team:[A-Za-z0-9-]+(__)?[A-Za-z0-9-]+}/logout", api.AppHandler(logout)).Methods("GET") mainrouter.Handle("/{team:[A-Za-z0-9-]+(__)?[A-Za-z0-9-]+}/reset_password", api.AppHandler(resetPassword)).Methods("GET") // Bug in gorilla.mux pervents us from using regex here. @@ -61,6 +66,10 @@ func InitWeb() { mainrouter.Handle("/signup_team_complete/", api.AppHandlerIndependent(signupTeamComplete)).Methods("GET") mainrouter.Handle("/signup_user_complete/", api.AppHandlerIndependent(signupUserComplete)).Methods("GET") mainrouter.Handle("/signup_team_confirm/", api.AppHandlerIndependent(signupTeamConfirm)).Methods("GET") + + mainrouter.Handle("/signup/gitlab", api.AppHandlerIndependent(signupWithGitLab)).Methods("GET") + mainrouter.Handle("/signup/gitlab/complete", api.AppHandlerIndependent(signupCompleteGitLab)).Methods("GET") + mainrouter.Handle("/verify_email", api.AppHandlerIndependent(verifyEmail)).Methods("GET") mainrouter.Handle("/find_team", api.AppHandlerIndependent(findTeam)).Methods("GET") mainrouter.Handle("/signup_team", api.AppHandlerIndependent(signup)).Methods("GET") @@ -439,3 +448,81 @@ func resetPassword(c *api.Context, w http.ResponseWriter, r *http.Request) { page.Props["IsReset"] = strconv.FormatBool(isResetLink) page.Render(c, w) } + +func signupWithGitLab(c *api.Context, w http.ResponseWriter, r *http.Request) { + teamId := r.FormValue("id") + + if len(teamId) != 26 { + c.Err = model.NewAppError("signupWithGitLab", "Invalid team id", "team_id="+teamId) + return + } + + state := model.HashPassword(utils.Cfg.SSOSettings.GitLabId) + + authUrl := utils.Cfg.SSOSettings.GitLabUrl + "/oauth/authorize" + authUrl += "?response_type=code&client_id=" + utils.Cfg.SSOSettings.GitLabId + "&redirect_uri=" + url.QueryEscape("http://localhost:8065/signup/gitlab/complete?id="+teamId) + "&state=" + url.QueryEscape(state) + http.Redirect(w, r, authUrl, http.StatusFound) +} + +func signupCompleteGitLab(c *api.Context, w http.ResponseWriter, r *http.Request) { + code := r.URL.Query().Get("code") + state := r.URL.Query().Get("state") + teamId := r.FormValue("id") + + uri := "http://localhost:8065/signup/gitlab/complete?id=" + teamId + + if glu, err := api.AuthorizeGitLabUser(code, state, uri); err != nil { + c.Err = err + return + } else { + user := model.UserFromGitLabUser(glu) + user.TeamId = teamId + + page := NewHtmlTemplatePage("signup_user_oauth", "Complete User Sign Up") + page.Props["User"] = user.ToJson() + page.Render(c, w) + } +} + +func loginWithGitLab(c *api.Context, w http.ResponseWriter, r *http.Request) { + teamId := r.FormValue("id") + + if len(teamId) != 26 { + c.Err = model.NewAppError("signupWithGitLab", "Invalid team id", "team_id="+teamId) + return + } + + state := model.HashPassword(utils.Cfg.SSOSettings.GitLabId) + + authUrl := utils.Cfg.SSOSettings.GitLabUrl + "/oauth/authorize" + authUrl += "?response_type=code&client_id=" + utils.Cfg.SSOSettings.GitLabId + "&redirect_uri=" + url.QueryEscape("http://localhost:8065/login/gitlab/complete?id="+teamId) + "&state=" + url.QueryEscape(state) + http.Redirect(w, r, authUrl, http.StatusFound) +} + +func loginCompleteGitLab(c *api.Context, w http.ResponseWriter, r *http.Request) { + code := r.URL.Query().Get("code") + state := r.URL.Query().Get("state") + teamId := r.FormValue("id") + + uri := "http://localhost:8065/login/gitlab/complete?id=" + teamId + + if glu, err := api.AuthorizeGitLabUser(code, state, uri); err != nil { + c.Err = err + return + } else { + var user *model.User + if result := <-api.Srv.Store.User().GetByAuth(teamId, strconv.FormatInt(glu.Id, 10), model.USER_AUTH_SERVICE_GITLAB); result.Err != nil { + c.Err = result.Err + return + } else { + user = result.Data.(*model.User) + api.Login(c, w, r, user, "") + + if c.Err != nil { + return + } + + root(c, w, r) + } + } +} |