projects / authserver.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1b90529)
KaiRo bug 375 - Make branding a configuration option
authorRobert Kaiser <kairo@kairo.at>
Fri, 20 Jan 2017 03:09:09 +0000 (04:09 +0100)
committerRobert Kaiser <kairo@kairo.at>
Fri, 20 Jan 2017 03:09:09 +0000 (04:09 +0100)
.gitignore patch | blob | blame | history
app/KaiRoLogo-100x62.png [deleted file] patch | blob | blame | history
app/authorize.php patch | blob | blame | history
app/authsystem.css patch | blob | blame | history
app/authutils.php-class patch | blob | blame | history
app/index.php patch | blob | blame | history
app/skin/default/authskin.css [new file with mode: 0644] patch | blob
app/skin/default/icon.svg [new file with mode: 0644] patch | blob
app/skin/default/icon32.png [new file with mode: 0644] patch | blob
app/skin/default/logo-100x62.png [new file with mode: 0644] patch | blob
etc/kairo/auth_settings.json patch | blob | blame | history

diff --git a/.gitignore b/.gitignore
index 1533c81471a46abb36265513cd6a887c47480fea..cbc9833f4da13d2c50c983aaa0b1fe8cbb1b22da 100644 (file)
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,5 @@
 composer.lock
 /vendor
 /php-utility-classes
 composer.lock
 /vendor
 /php-utility-classes
+/app/skin/*
+!/app/skin/default
diff --git a/app/KaiRoLogo-100x62.png b/app/KaiRoLogo-100x62.png
deleted file mode 100644 (file)
index 6288ecb..0000000
Binary files a/app/KaiRoLogo-100x62.png and /dev/null differ
diff --git a/app/authorize.php b/app/authorize.php
index a37bd4a0f63aea6bd028830bffb5a5e0504a0c47..81f95b1c5285426bafc770f85320010d8b1c2c9f 100644 (file)
--- a/app/authorize.php
+++ b/app/authorize.php
@@ -15,7 +15,8 @@ $errors = $utils->checkForSecureConnection();
 $utils->sendSecurityHeaders();
 
 // Initialize the HTML document with our basic elements.
 $utils->sendSecurityHeaders();
 
 // Initialize the HTML document with our basic elements.
-extract($utils->initHTMLDocument('Authorization Request | KaiRo.at', 'KaiRo.at Authentication Server')); // sets $document, $html, $head, $title, $body
+extract($utils->initHTMLDocument(sprintf(_('Authorization Request | %s'), $utils->settings['operator_name']),
+                                 sprintf(_('%s Authentication Server'), $utils->settings['operator_name']))); // sets $document, $html, $head, $title, $body
 
 if (!count($errors)) {
   $session = $utils->initSession(); // Read session or create new session and set cookie.
 
 if (!count($errors)) {
   $session = $utils->initSession(); // Read session or create new session and set cookie.
@@ -39,7 +40,8 @@ if (!count($errors)) {
     $user = array('id' => 0, 'email' => '');
   }
   if (is_null($session)) {
     $user = array('id' => 0, 'email' => '');
   }
   if (is_null($session)) {
-    $errors[] = _('The session system is not working.').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+    $errors[] = _('The session system is not working.').' '
+                .sprintf(_('Please <a href="%s">contact %s</a> and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
   }
   elseif ($session['logged_in']) {
     // We are logged in, process authorization request.
   }
   elseif ($session['logged_in']) {
     // We are logged in, process authorization request.
diff --git a/app/authsystem.css b/app/authsystem.css
index 4c8dd5f8a787e1949f9d16584d396939a9362e9f..bf0f490ae1e085aa51fa68a008daa2b32284b27e 100644 (file)
--- a/app/authsystem.css
+++ b/app/authsystem.css
@@ -5,7 +5,6 @@
 body {
   font-family: sans-serif;
 /*  margin: 0; */
 body {
   font-family: sans-serif;
 /*  margin: 0; */
-  background-color: #FFFFEE;
   padding-top: 5em; /* leave space for total height of h1: 4+1(r)em */
 }
 
   padding-top: 5em; /* leave space for total height of h1: 4+1(r)em */
 }
 
@@ -21,9 +20,6 @@ h1 {
   height: 4rem;
   min-height: calc(70px - 1rem);
   font-size: 2em;
   height: 4rem;
   min-height: calc(70px - 1rem);
   font-size: 2em;
-  background-color: #003366;
-  color: #FFFFEE;
-  background-image: url("KaiRoLogo-100x62.png");
   background-repeat: no-repeat;
   background-position: 10px 50%;
   overflow: hidden;
   background-repeat: no-repeat;
   background-position: 10px 50%;
   overflow: hidden;
@@ -47,10 +43,6 @@ h1 {
   }
 }
 
   }
 }
 
-a:link { color: #669999; }
-a:visited { color: #003366; }
-a:hover, a:active { color: #88BBBB; }
-
 ul.flat {
  list-style-type: none;
  margin: 0em;
 ul.flat {
  list-style-type: none;
  margin: 0em;
@@ -75,12 +67,14 @@ table.border {
  border-spacing: 0px;
  border-collapse: collapse;
  empty-cells: show;
  border-spacing: 0px;
  border-collapse: collapse;
  empty-cells: show;
- border-left: 1px solid #336699;
- border-top: 1px solid #336699;
+ border-width: 0;
+ border-left: 1px solid;
+ border-top: 1px solid;
 }
 table.border th, table.border td {
 }
 table.border th, table.border td {
- border-bottom: 1px solid #336699;
- border-right: 1px solid #336699;
+ border-width: 0;
+ border-bottom: 1px solid;
+ border-right: 1px solid;
 }
 table.border td {
  padding-left: 3px;
 }
 table.border td {
  padding-left: 3px;
@@ -132,13 +126,10 @@ table.border td {
 }
 
 .otheremaillinks > a {
 }
 
 .otheremaillinks > a {
-  background-color: #EEEEDD;
   text-decoration: none;
   padding: .2em;
   border-radius: 3px;
 }
   text-decoration: none;
   padding: .2em;
   border-radius: 3px;
 }
-.otheremaillinks > a:link, .otheremaillinks > a:visited { color: #BBBBBB; }
-.otheremaillinks > a:hover, .otheremaillinks > a:active { color: #808080; }
 
 .small {
   font-size: 0.75em;
 
 .small {
   font-size: 0.75em;
diff --git a/app/authutils.php-class b/app/authutils.php-class
index e76098c5a273d992297d0da07d42639d733e9d3a..d901669320cf86d946e673ee0b7ed43e03ca011a 100755 (executable)
--- a/app/authutils.php-class
+++ b/app/authutils.php-class
@@ -123,6 +123,10 @@ class AuthUtils {
     $this->settings['piwik_site_id'] = intval(@$this->settings['piwik_site_id']);
     $this->settings['piwik_url'] = strlen(@$this->settings['piwik_url']) ? $this->settings['piwik_url'] : '/piwik/';
     $this->settings['piwik_tracker_path'] = strlen(@$this->settings['piwik_tracker_path']) ? $this->settings['piwik_tracker_path'] : '../vendor/piwik/piwik-php-tracker/';
     $this->settings['piwik_site_id'] = intval(@$this->settings['piwik_site_id']);
     $this->settings['piwik_url'] = strlen(@$this->settings['piwik_url']) ? $this->settings['piwik_url'] : '/piwik/';
     $this->settings['piwik_tracker_path'] = strlen(@$this->settings['piwik_tracker_path']) ? $this->settings['piwik_tracker_path'] : '../vendor/piwik/piwik-php-tracker/';
+    $this->settings['skin'] = (@$this->settings['skin'] && is_dir('skin/'.$this->settings['skin'])) ? $this->settings['skin'] : 'default';
+    $this->settings['operator_name'] = (@$this->settings['operator_name']) ? $this->settings['operator_name'] : 'AuthServer';
+    $this->settings['operator_contact_url'] = (@$this->settings['operator_contact_url']) ? $this->settings['operator_contact_url'] : 'https://github.com/KaiRo_at/authserver/';
+    $this->settings['info_from_email'] = (@$this->settings['info_from_email']) ? $this->settings['info_from_email'] : 'noreply@example.com';
 
     // Initialize database.
     $config = new \Doctrine\DBAL\Configuration();
 
     // Initialize database.
     $config = new \Doctrine\DBAL\Configuration();
@@ -252,14 +256,16 @@ class AuthUtils {
       }
       else {
         $utils->log('create_session_failure', 'at login, prev session: '.$session['id'].', new user: '.$userid);
       }
       else {
         $utils->log('create_session_failure', 'at login, prev session: '.$session['id'].', new user: '.$userid);
-        $errors[] = _('The session system is not working.').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+        $errors[] = _('The session system is not working.').' '
+                    .sprintf(_('Please <a href="%s">contact %s</a> and tell the team about this.'), $this->settings['operator_contact_url'], $this->settings['operator_name']);
       }
     }
     else {
       $result = $this->db->prepare('UPDATE `auth_sessions` SET `sesskey` = :sesskey, `user` = :userid, `logged_in` = TRUE, `time_expire` = :expire WHERE `id` = :sessid;');
       if (!$result->execute(array(':sesskey' => $sesskey, ':userid' => $userid, ':expire' => gmdate('Y-m-d H:i:s', strtotime('+1 day')), ':sessid' => $session['id']))) {
         $utils->log('login_failure', 'session: '.$session['id'].', user: '.$userid);
       }
     }
     else {
       $result = $this->db->prepare('UPDATE `auth_sessions` SET `sesskey` = :sesskey, `user` = :userid, `logged_in` = TRUE, `time_expire` = :expire WHERE `id` = :sessid;');
       if (!$result->execute(array(':sesskey' => $sesskey, ':userid' => $userid, ':expire' => gmdate('Y-m-d H:i:s', strtotime('+1 day')), ':sessid' => $session['id']))) {
         $utils->log('login_failure', 'session: '.$session['id'].', user: '.$userid);
-        $errors[] = _('Login failed unexpectedly.').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+        $errors[] = _('Login failed unexpectedly.').' '
+                    .sprintf(_('Please <a href="%s">contact %s</a> and tell the team about this.'), $this->settings['operator_contact_url'], $this->settings['operator_name']);
       }
       else {
         // After update, actually fetch the session row from the DB so we have all values.
       }
       else {
         // After update, actually fetch the session row from the DB so we have all values.
@@ -510,12 +516,19 @@ class AuthUtils {
     $style = $head->appendElement('link');
     $style->setAttribute('rel', 'stylesheet');
     $style->setAttribute('href', 'authsystem.css');
     $style = $head->appendElement('link');
     $style->setAttribute('rel', 'stylesheet');
     $style->setAttribute('href', 'authsystem.css');
+    $style = $head->appendElement('link');
+    $style->setAttribute('rel', 'stylesheet');
+    $style->setAttribute('href', 'skin/'.$settings['skin'].'/authskin.css');
     $head->appendJSFile('authsystem.js');
     if ($settings['piwik_enabled']) {
       $head->setAttribute('data-piwiksite', $settings['piwik_site_id']);
       $head->setAttribute('data-piwikurl', $settings['piwik_url']);
       $head->appendJSFile('piwik.js', true, true);
     }
     $head->appendJSFile('authsystem.js');
     if ($settings['piwik_enabled']) {
       $head->setAttribute('data-piwiksite', $settings['piwik_site_id']);
       $head->setAttribute('data-piwikurl', $settings['piwik_url']);
       $head->appendJSFile('piwik.js', true, true);
     }
+    $icon = $head->appendElement('link');
+    $icon->setAttribute('rel', 'shortcut icon');
+    $icon->setAttribute('href', 'skin/'.$settings['skin'].'/icon32.png');
+    $icon->setAttribute('type', 'image/png');
     $title->appendText($titletext);
     $h1 = $body->appendElement('h1', $headlinetext);
 
     $title->appendText($titletext);
     $h1 = $body->appendElement('h1', $headlinetext);
 
diff --git a/app/index.php b/app/index.php
index ba0d0247e7e42bc500b84eb6181b717661e0c8f7..e1be02d4e1c4930185cea38e09fffbfabdff145b 100644 (file)
--- a/app/index.php
+++ b/app/index.php
@@ -10,14 +10,15 @@ $errors = $utils->checkForSecureConnection();
 $utils->sendSecurityHeaders();
 
 // Initialize the HTML document with our basic elements.
 $utils->sendSecurityHeaders();
 
 // Initialize the HTML document with our basic elements.
-extract($utils->initHTMLDocument('KaiRo.at Authentication Server')); // sets $document, $html, $head, $title, $body
+extract($utils->initHTMLDocument(sprintf(_('%s Authentication Server'), $utils->settings['operator_name']))); // sets $document, $html, $head, $title, $body
 
 if (!count($errors)) {
   $session = $utils->initSession(); // Read session or create new session and set cookie.
   $user = array('id' => 0, 'email' => '');
   $pagetype = 'default';
   if (is_null($session)) {
 
 if (!count($errors)) {
   $session = $utils->initSession(); // Read session or create new session and set cookie.
   $user = array('id' => 0, 'email' => '');
   $pagetype = 'default';
   if (is_null($session)) {
-    $errors[] = _('The session system is not working.').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+    $errors[] = _('The session system is not working.').' '
+                .sprintf(_('Please <a href="%s">contact %s</a> and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
   }
   elseif (array_key_exists('logout', $_GET)) {
     $result = $db->prepare('UPDATE `auth_sessions` SET `logged_in` = FALSE WHERE `id` = :sessid;');
   }
   elseif (array_key_exists('logout', $_GET)) {
     $result = $db->prepare('UPDATE `auth_sessions` SET `logged_in` = FALSE WHERE `id` = :sessid;');
@@ -87,7 +88,8 @@ if (!count($errors)) {
             $result = $db->prepare('INSERT INTO `auth_users` (`email`, `pwdhash`, `status`, `verify_hash`) VALUES (:email, :pwdhash, \'unverified\', :vcode);');
             if (!$result->execute(array(':email' => $_POST['email'], ':pwdhash' => $newHash, ':vcode' => $vcode))) {
               $utils->log('user_insert_failure', 'email: '.$_POST['email'].' - '.$result->errorInfo()[2]);
             $result = $db->prepare('INSERT INTO `auth_users` (`email`, `pwdhash`, `status`, `verify_hash`) VALUES (:email, :pwdhash, \'unverified\', :vcode);');
             if (!$result->execute(array(':email' => $_POST['email'], ':pwdhash' => $newHash, ':vcode' => $vcode))) {
               $utils->log('user_insert_failure', 'email: '.$_POST['email'].' - '.$result->errorInfo()[2]);
-              $errors[] = _('Could not add user.').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+              $errors[] = _('Could not add user.').' '
+                          .sprintf(_('Please <a href="%s">contact %s</a> and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
             }
             $user = array('id' => $db->lastInsertId(),
                           'email' => $_POST['email'],
             }
             $user = array('id' => $db->lastInsertId(),
                           'email' => $_POST['email'],
@@ -102,18 +104,18 @@ if (!count($errors)) {
             $mail->setCharset('utf-8');
             $mail->addHeader('X-KAIRO-AUTH', 'email_verification');
             $mail->addRecipient($user['email']);
             $mail->setCharset('utf-8');
             $mail->addHeader('X-KAIRO-AUTH', 'email_verification');
             $mail->addRecipient($user['email']);
-            $mail->setSender('noreply@auth.kairo.at', _('KaiRo.at Authentication Service'));
-            $mail->setSubject('Email Verification for KaiRo.at Authentication');
+            $mail->setSender($utils->settings['info_from_email'], sprintf(_('%s Authentication Service'), $utils->settings['operator_name']));
+            $mail->setSubject(sprintf(_('Email Verification for %s Authentication'), $utils->settings['operator_name']));
             $mail->addMailText(_('Welcome!')."\n\n");
             $mail->addMailText(sprintf(_('This email address, %s, has been used for registration on "%s".'),
             $mail->addMailText(_('Welcome!')."\n\n");
             $mail->addMailText(sprintf(_('This email address, %s, has been used for registration on "%s".'),
-                                      $user['email'], _('KaiRo.at Authentication Service'))."\n\n");
+                                       $user['email'], sprintf(_('%s Authentication Service'), $utils->settings['operator_name']))."\n\n");
             $mail->addMailText(_('Please confirm that registration by clicking the following link (or calling it up in your browser):')."\n");
             $mail->addMailText($utils->getDomainBaseURL().strstr($_SERVER['REQUEST_URI'], '?', true)
                               .'?email='.rawurlencode($user['email']).'&verification_code='.rawurlencode($user['verify_hash'])."\n\n");
             $mail->addMailText(_('With this confirmation, you accept that we handle your data for the purpose of logging you into other websites when you request that.')."\n");
             $mail->addMailText(_('Those websites will get to know your email address but not your password, which we store securely.')."\n");
             $mail->addMailText(_('If you do not call this confirmation link within 72 hours, your data will be deleted from our database.')."\n\n");
             $mail->addMailText(_('Please confirm that registration by clicking the following link (or calling it up in your browser):')."\n");
             $mail->addMailText($utils->getDomainBaseURL().strstr($_SERVER['REQUEST_URI'], '?', true)
                               .'?email='.rawurlencode($user['email']).'&verification_code='.rawurlencode($user['verify_hash'])."\n\n");
             $mail->addMailText(_('With this confirmation, you accept that we handle your data for the purpose of logging you into other websites when you request that.')."\n");
             $mail->addMailText(_('Those websites will get to know your email address but not your password, which we store securely.')."\n");
             $mail->addMailText(_('If you do not call this confirmation link within 72 hours, your data will be deleted from our database.')."\n\n");
-            $mail->addMailText(sprintf(_('The %s team'), 'KaiRo.at'));
+            $mail->addMailText(sprintf(_('The %s team'), $utils->settings['operator_name']));
             //$mail->setDebugAddress("robert@localhost");
             $mailsent = $mail->send();
             if ($mailsent) {
             //$mail->setDebugAddress("robert@localhost");
             $mailsent = $mail->send();
             if ($mailsent) {
@@ -121,7 +123,8 @@ if (!count($errors)) {
             }
             else {
               $utils->log('verify_mail_failure', 'user: '.$user['id'].', email: '.$user['email']);
             }
             else {
               $utils->log('verify_mail_failure', 'user: '.$user['id'].', email: '.$user['email']);
-              $errors[] = _('The confirmation email could not be sent to you.').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+              $errors[] = _('The confirmation email could not be sent to you.').' '
+                          .sprintf(_('Please <a href="%s">contact %s</a> and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
             }
           }
           else {
             }
           }
           else {
@@ -130,7 +133,8 @@ if (!count($errors)) {
             $result = $db->prepare('UPDATE `auth_users` SET `verify_hash` = :vcode WHERE `id` = :userid;');
             if (!$result->execute(array(':vcode' => $vcode, ':userid' => $user['id']))) {
               $utils->log('vhash_set_failure', 'user: '.$user['id']);
             $result = $db->prepare('UPDATE `auth_users` SET `verify_hash` = :vcode WHERE `id` = :userid;');
             if (!$result->execute(array(':vcode' => $vcode, ':userid' => $user['id']))) {
               $utils->log('vhash_set_failure', 'user: '.$user['id']);
-              $errors[] = _('Could not initiate reset request.').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+              $errors[] = _('Could not initiate reset request.').' '
+                          .sprintf(_('Please <a href="%s">contact %s</a> and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
             }
             else {
               $utils->log('pwd_reset_request', 'user: '.$user['id'].', email: '.$user['email']);
             }
             else {
               $utils->log('pwd_reset_request', 'user: '.$user['id'].', email: '.$user['email']);
@@ -140,16 +144,16 @@ if (!count($errors)) {
               $mail->setCharset('utf-8');
               $mail->addHeader('X-KAIRO-AUTH', 'password_reset');
               $mail->addRecipient($user['email']);
               $mail->setCharset('utf-8');
               $mail->addHeader('X-KAIRO-AUTH', 'password_reset');
               $mail->addRecipient($user['email']);
-              $mail->setSender('noreply@auth.kairo.at', _('KaiRo.at Authentication Service'));
-              $mail->setSubject('How to reset your password for KaiRo.at Authentication');
+              $mail->setSender($utils->settings['info_from_email'], sprintf(_('%s Authentication Service'), $utils->settings['operator_name']));
+              $mail->setSubject(sprintf(_('How to reset your password for %s Authentication'), $utils->settings['operator_name']));
               $mail->addMailText(_('Hi,')."\n\n");
               $mail->addMailText(sprintf(_('A request for setting a new password for this email address, %s, has been submitted on "%s".'),
               $mail->addMailText(_('Hi,')."\n\n");
               $mail->addMailText(sprintf(_('A request for setting a new password for this email address, %s, has been submitted on "%s".'),
-                                        $user['email'], _('KaiRo.at Authentication Service'))."\n\n");
+                                         $user['email'], sprintf(_('%s Authentication Service'), $utils->settings['operator_name']))."\n\n");
               $mail->addMailText(_('You can set a new password by clicking the following link (or calling it up in your browser):')."\n");
               $mail->addMailText($utils->getDomainBaseURL().strstr($_SERVER['REQUEST_URI'], '?', true)
                                 .'?email='.rawurlencode($user['email']).'&reset_code='.rawurlencode($resetcode)."\n\n");
               $mail->addMailText(_('If you do not call this confirmation link within 1 hour, this link expires and the existing password is being kept in place.')."\n\n");
               $mail->addMailText(_('You can set a new password by clicking the following link (or calling it up in your browser):')."\n");
               $mail->addMailText($utils->getDomainBaseURL().strstr($_SERVER['REQUEST_URI'], '?', true)
                                 .'?email='.rawurlencode($user['email']).'&reset_code='.rawurlencode($resetcode)."\n\n");
               $mail->addMailText(_('If you do not call this confirmation link within 1 hour, this link expires and the existing password is being kept in place.')."\n\n");
-              $mail->addMailText(sprintf(_('The %s team'), 'KaiRo.at'));
+              $mail->addMailText(sprintf(_('The %s team'), $utils->settings['operator_name']));
               //$mail->setDebugAddress("robert@localhost");
               $mailsent = $mail->send();
               if ($mailsent) {
               //$mail->setDebugAddress("robert@localhost");
               $mailsent = $mail->send();
               if ($mailsent) {
@@ -157,7 +161,8 @@ if (!count($errors)) {
               }
               else {
                 $utils->log('pwd_reset_mail_failure', 'user: '.$user['id'].', email: '.$user['email']);
               }
               else {
                 $utils->log('pwd_reset_mail_failure', 'user: '.$user['id'].', email: '.$user['email']);
-                $errors[] = _('The email with password reset instructions could not be sent to you.').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+                $errors[] = _('The email with password reset instructions could not be sent to you.').' '
+                            .sprintf(_('Please <a href="%s">contact %s</a> and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
               }
             }
           }
               }
             }
           }
@@ -216,7 +221,8 @@ if (!count($errors)) {
       $result = $db->prepare('UPDATE `auth_users` SET `verify_hash` = \'\', `status` = \'ok\' WHERE `id` = :userid;');
       if (!$result->execute(array(':userid' => $user['id']))) {
         $utils->log('verification_save_failure', 'user: '.$user['id']);
       $result = $db->prepare('UPDATE `auth_users` SET `verify_hash` = \'\', `status` = \'ok\' WHERE `id` = :userid;');
       if (!$result->execute(array(':userid' => $user['id']))) {
         $utils->log('verification_save_failure', 'user: '.$user['id']);
-        $errors[] = _('Could not save confirmation.').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+        $errors[] = _('Could not save confirmation.').' '
+                    .sprintf(_('Please <a href="%s">contact %s</a> and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
       }
       $pagetype = 'verification_done';
     }
       }
       $pagetype = 'verification_done';
     }
@@ -277,7 +283,8 @@ if (!count($errors)) {
                                     ':scope' => $scope,
                                     ':userid' => $user['id']))) {
           $utils->log('client_save_failure', 'client: '.$clientid);
                                     ':scope' => $scope,
                                     ':userid' => $user['id']))) {
           $utils->log('client_save_failure', 'client: '.$clientid);
-          $errors[] = _('Unexpectedly failed to save new client information.').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+          $errors[] = _('Unexpectedly failed to save new client information.').' '
+                      .sprintf(_('Please <a href="%s">contact %s</a> and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
         }
       }
       if (!count($errors)) {
         }
       }
       if (!count($errors)) {
@@ -320,7 +327,8 @@ if (!count($errors)) {
         $result = $db->prepare('UPDATE `auth_users` SET `pwdhash` = :pwdhash, `verify_hash` = \'\' WHERE `id` = :userid;');
         if (!$result->execute(array(':pwdhash' => $newHash, ':userid' => $session['user']))) {
           $utils->log('pwd_reset_failure', 'user: '.$session['user']);
         $result = $db->prepare('UPDATE `auth_users` SET `pwdhash` = :pwdhash, `verify_hash` = \'\' WHERE `id` = :userid;');
         if (!$result->execute(array(':pwdhash' => $newHash, ':userid' => $session['user']))) {
           $utils->log('pwd_reset_failure', 'user: '.$session['user']);
-          $errors[] = _('Password reset failed.').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+          $errors[] = _('Password reset failed.').' '
+                      .sprintf(_('Please <a href="%s">contact %s</a> and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']);
         }
         else {
           $pagetype = 'reset_done';
         }
         else {
           $pagetype = 'reset_done';
diff --git a/app/skin/default/authskin.css b/app/skin/default/authskin.css
new file mode 100644 (file)
index 0000000..02906cb
--- /dev/null
+++ b/app/skin/default/authskin.css
@@ -0,0 +1,30 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+body {
+  background-color: #FFFFFF;
+}
+
+h1 {
+  background-color: #404040;
+  color: #FFFFFF;
+  background-image: url("logo-100x62.png");
+}
+
+a:link { color: #0000EE; }
+a:visited { color: #8000EE; }
+a:hover, a:active { color: #8080FF; }
+
+table.border {
+ border-color: #404040;
+}
+table.border th, table.border td {
+ border-color: #404040;
+}
+
+.otheremaillinks > a {
+  background-color: #EEEEEE;
+}
+.otheremaillinks > a:link, .otheremaillinks > a:visited { color: #BBBBBB; }
+.otheremaillinks > a:hover, .otheremaillinks > a:active { color: #808080; }
diff --git a/app/skin/default/icon.svg b/app/skin/default/icon.svg
new file mode 100644 (file)
index 0000000..3f9007e
--- /dev/null
+++ b/app/skin/default/icon.svg
@@ -0,0 +1,170 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+<svg
+    xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+    xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+    xmlns="http://www.w3.org/2000/svg"
+    xmlns:cc="http://web.resource.org/cc/"
+    xmlns:dc="http://purl.org/dc/elements/1.1/"
+    xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+    xmlns:svg="http://www.w3.org/2000/svg"
+    xmlns:ns1="http://sozi.baierouge.fr"
+    xmlns:xlink="http://www.w3.org/1999/xlink"
+    id="svg18832"
+    sodipodi:docname="login_mini_icon_2.svg"
+    viewBox="0 0 212.6 212.6"
+    sodipodi:version="0.32"
+    version="1.0"
+    inkscape:output_extension="org.inkscape.output.svg.inkscape"
+    inkscape:version="0.45.1"
+    sodipodi:docbase="/home/andre/data/projekte_privat/wiesenschluempfe/bilder/icons"
+  >
+  <sodipodi:namedview
+      id="base"
+      inkscape:zoom="0.98994949"
+      borderopacity="1.0"
+      inkscape:current-layer="layer1"
+      inkscape:cx="116.8274"
+      inkscape:object-bbox="true"
+      inkscape:grid-points="true"
+      inkscape:guide-points="true"
+      showgrid="true"
+      inkscape:document-units="mm"
+      bordercolor="#666666"
+      inkscape:window-x="0"
+      inkscape:window-y="0"
+      objecttolerance="10000"
+      inkscape:object-nodes="true"
+      inkscape:window-width="858"
+      inkscape:pageopacity="0.0"
+      inkscape:pageshadow="2"
+      guidetolerance="10000"
+      pagecolor="#ffffff"
+      gridtolerance="10000"
+      inkscape:object-points="true"
+      inkscape:cy="160.64295"
+      inkscape:window-height="580"
+  />
+  <g
+      id="layer1"
+      inkscape:label="Layer 1"
+      inkscape:groupmode="layer"
+      transform="translate(-241.43 -409.02)"
+    >
+    <path
+        id="path15809"
+        style="fill-rule:evenodd;fill:#000000"
+        d="m295.02 409.02l-0.44 35.44h124.01v141.73h-124.01v35.43h159.45v-212.6h-159.01z"
+        inkscape:export-ydpi="52.360001"
+        sodipodi:nodetypes="ccccccccc"
+        inkscape:export-filename="/home/andre/data/projekte_privat/wiesenschluempfe/bilder/logout_mini_icon.png"
+        inkscape:export-xdpi="52.360001"
+    />
+    <path
+        id="path15815"
+        style="fill:#000000"
+        d="m241.43 533.04h88.58l-35.43 35.43h53.15l53.15-53.15-53.15-53.15h-53.15l35.43 35.44h-88.58v35.43z"
+        inkscape:export-ydpi="52.360001"
+        sodipodi:nodetypes="cccccccccc"
+        inkscape:export-filename="/home/andre/data/projekte_privat/wiesenschluempfe/bilder/logout_mini_icon.png"
+        inkscape:export-xdpi="52.360001"
+    />
+  </g
+  >
+  <metadata
+    >
+    <rdf:RDF
+      >
+      <cc:Work
+        >
+        <dc:format
+          >image/svg+xml</dc:format
+        >
+        <dc:type
+            rdf:resource="http://purl.org/dc/dcmitype/StillImage"
+        />
+        <cc:license
+            rdf:resource="http://creativecommons.org/licenses/publicdomain/"
+        />
+        <dc:publisher
+          >
+          <cc:Agent
+              rdf:about="http://openclipart.org/"
+            >
+            <dc:title
+              >Openclipart</dc:title
+            >
+          </cc:Agent
+          >
+        </dc:publisher
+        >
+        <dc:title
+          >login mini icon</dc:title
+        >
+        <dc:date
+          >2008-02-13T10:41:13</dc:date
+        >
+        <dc:description
+        />
+        <dc:source
+          >https://openclipart.org/detail/13847/login-mini-icon-by-artmaster</dc:source
+        >
+        <dc:creator
+          >
+          <cc:Agent
+            >
+            <dc:title
+              >artmaster</dc:title
+            >
+          </cc:Agent
+          >
+        </dc:creator
+        >
+        <dc:subject
+          >
+          <rdf:Bag
+            >
+            <rdf:li
+              >black</rdf:li
+            >
+            <rdf:li
+              >entry</rdf:li
+            >
+            <rdf:li
+              >icon</rdf:li
+            >
+            <rdf:li
+              >login</rdf:li
+            >
+            <rdf:li
+              >mini</rdf:li
+            >
+            <rdf:li
+              >sign</rdf:li
+            >
+          </rdf:Bag
+          >
+        </dc:subject
+        >
+      </cc:Work
+      >
+      <cc:License
+          rdf:about="http://creativecommons.org/licenses/publicdomain/"
+        >
+        <cc:permits
+            rdf:resource="http://creativecommons.org/ns#Reproduction"
+        />
+        <cc:permits
+            rdf:resource="http://creativecommons.org/ns#Distribution"
+        />
+        <cc:permits
+            rdf:resource="http://creativecommons.org/ns#DerivativeWorks"
+        />
+      </cc:License
+      >
+    </rdf:RDF
+    >
+  </metadata
+  >
+</svg
+>
diff --git a/app/skin/default/icon32.png b/app/skin/default/icon32.png
new file mode 100644 (file)
index 0000000..f177927
Binary files /dev/null and b/app/skin/default/icon32.png differ
diff --git a/app/skin/default/logo-100x62.png b/app/skin/default/logo-100x62.png
new file mode 100644 (file)
index 0000000..8424a5d
Binary files /dev/null and b/app/skin/default/logo-100x62.png differ
diff --git a/etc/kairo/auth_settings.json b/etc/kairo/auth_settings.json
index fa4b58b09ef4a79b01102ec73f8427ca2c7f65f0..864ca60c98a3c6803e004440a404795044d53930 100644 (file)
--- a/etc/kairo/auth_settings.json
+++ b/etc/kairo/auth_settings.json
@@ -8,8 +8,12 @@
  ""
 ],
 "client_reg_email_whitelist": ["you@example.com"],
  ""
 ],
 "client_reg_email_whitelist": ["you@example.com"],
+"skin": "default",
+"operator_name": "AuthServer",
+"operator_contact_url": "https://github.com/KaiRo_at/authserver/",
+"info_from_email": "noreply@example.com",
 "piwik_enabled": false,
 "piwik_url": "/piwik/",
 "piwik_site_id": 1,
 "piwik_enabled": false,
 "piwik_url": "/piwik/",
 "piwik_site_id": 1,
-"piwik_tracker_path": "/srv/www/piwik/vendor/piwik/piwik-php-tracker/"
+"piwik_tracker_path": "/srv/www/piwik/vendor/piwik/piwik-php-tracker/",
 }
 }
OAuth2-capable authorization/login server