From: Robert Kaiser Date: Fri, 20 Jan 2017 03:09:09 +0000 (+0100) Subject: KaiRo bug 375 - Make branding a configuration option X-Git-Url: https://git-public.kairo.at/?p=authserver.git;a=commitdiff_plain;h=3f24953f10063243a61eb2f9ddcb3e8888f96147 KaiRo bug 375 - Make branding a configuration option --- diff --git a/.gitignore b/.gitignore index 1533c81..cbc9833 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,5 @@ composer.lock /vendor /php-utility-classes +/app/skin/* +!/app/skin/default diff --git a/app/KaiRoLogo-100x62.png b/app/KaiRoLogo-100x62.png deleted file mode 100644 index 6288ecb..0000000 Binary files a/app/KaiRoLogo-100x62.png and /dev/null differ diff --git a/app/authorize.php b/app/authorize.php index a37bd4a..81f95b1 100644 --- a/app/authorize.php +++ b/app/authorize.php @@ -15,7 +15,8 @@ $errors = $utils->checkForSecureConnection(); $utils->sendSecurityHeaders(); // Initialize the HTML document with our basic elements. -extract($utils->initHTMLDocument('Authorization Request | KaiRo.at', 'KaiRo.at Authentication Server')); // sets $document, $html, $head, $title, $body +extract($utils->initHTMLDocument(sprintf(_('Authorization Request | %s'), $utils->settings['operator_name']), + sprintf(_('%s Authentication Server'), $utils->settings['operator_name']))); // sets $document, $html, $head, $title, $body if (!count($errors)) { $session = $utils->initSession(); // Read session or create new session and set cookie. @@ -39,7 +40,8 @@ if (!count($errors)) { $user = array('id' => 0, 'email' => ''); } if (is_null($session)) { - $errors[] = _('The session system is not working.').' '._('Please contact KaiRo.at and tell the team about this.'); + $errors[] = _('The session system is not working.').' ' + .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']); } elseif ($session['logged_in']) { // We are logged in, process authorization request. diff --git a/app/authsystem.css b/app/authsystem.css index 4c8dd5f..bf0f490 100644 --- a/app/authsystem.css +++ b/app/authsystem.css @@ -5,7 +5,6 @@ body { font-family: sans-serif; /* margin: 0; */ - background-color: #FFFFEE; padding-top: 5em; /* leave space for total height of h1: 4+1(r)em */ } @@ -21,9 +20,6 @@ h1 { height: 4rem; min-height: calc(70px - 1rem); font-size: 2em; - background-color: #003366; - color: #FFFFEE; - background-image: url("KaiRoLogo-100x62.png"); background-repeat: no-repeat; background-position: 10px 50%; overflow: hidden; @@ -47,10 +43,6 @@ h1 { } } -a:link { color: #669999; } -a:visited { color: #003366; } -a:hover, a:active { color: #88BBBB; } - ul.flat { list-style-type: none; margin: 0em; @@ -75,12 +67,14 @@ table.border { border-spacing: 0px; border-collapse: collapse; empty-cells: show; - border-left: 1px solid #336699; - border-top: 1px solid #336699; + border-width: 0; + border-left: 1px solid; + border-top: 1px solid; } table.border th, table.border td { - border-bottom: 1px solid #336699; - border-right: 1px solid #336699; + border-width: 0; + border-bottom: 1px solid; + border-right: 1px solid; } table.border td { padding-left: 3px; @@ -132,13 +126,10 @@ table.border td { } .otheremaillinks > a { - background-color: #EEEEDD; text-decoration: none; padding: .2em; border-radius: 3px; } -.otheremaillinks > a:link, .otheremaillinks > a:visited { color: #BBBBBB; } -.otheremaillinks > a:hover, .otheremaillinks > a:active { color: #808080; } .small { font-size: 0.75em; diff --git a/app/authutils.php-class b/app/authutils.php-class index e76098c..d901669 100755 --- a/app/authutils.php-class +++ b/app/authutils.php-class @@ -123,6 +123,10 @@ class AuthUtils { $this->settings['piwik_site_id'] = intval(@$this->settings['piwik_site_id']); $this->settings['piwik_url'] = strlen(@$this->settings['piwik_url']) ? $this->settings['piwik_url'] : '/piwik/'; $this->settings['piwik_tracker_path'] = strlen(@$this->settings['piwik_tracker_path']) ? $this->settings['piwik_tracker_path'] : '../vendor/piwik/piwik-php-tracker/'; + $this->settings['skin'] = (@$this->settings['skin'] && is_dir('skin/'.$this->settings['skin'])) ? $this->settings['skin'] : 'default'; + $this->settings['operator_name'] = (@$this->settings['operator_name']) ? $this->settings['operator_name'] : 'AuthServer'; + $this->settings['operator_contact_url'] = (@$this->settings['operator_contact_url']) ? $this->settings['operator_contact_url'] : 'https://github.com/KaiRo_at/authserver/'; + $this->settings['info_from_email'] = (@$this->settings['info_from_email']) ? $this->settings['info_from_email'] : 'noreply@example.com'; // Initialize database. $config = new \Doctrine\DBAL\Configuration(); @@ -252,14 +256,16 @@ class AuthUtils { } else { $utils->log('create_session_failure', 'at login, prev session: '.$session['id'].', new user: '.$userid); - $errors[] = _('The session system is not working.').' '._('Please contact KaiRo.at and tell the team about this.'); + $errors[] = _('The session system is not working.').' ' + .sprintf(_('Please contact %s and tell the team about this.'), $this->settings['operator_contact_url'], $this->settings['operator_name']); } } else { $result = $this->db->prepare('UPDATE `auth_sessions` SET `sesskey` = :sesskey, `user` = :userid, `logged_in` = TRUE, `time_expire` = :expire WHERE `id` = :sessid;'); if (!$result->execute(array(':sesskey' => $sesskey, ':userid' => $userid, ':expire' => gmdate('Y-m-d H:i:s', strtotime('+1 day')), ':sessid' => $session['id']))) { $utils->log('login_failure', 'session: '.$session['id'].', user: '.$userid); - $errors[] = _('Login failed unexpectedly.').' '._('Please contact KaiRo.at and tell the team about this.'); + $errors[] = _('Login failed unexpectedly.').' ' + .sprintf(_('Please contact %s and tell the team about this.'), $this->settings['operator_contact_url'], $this->settings['operator_name']); } else { // After update, actually fetch the session row from the DB so we have all values. @@ -510,12 +516,19 @@ class AuthUtils { $style = $head->appendElement('link'); $style->setAttribute('rel', 'stylesheet'); $style->setAttribute('href', 'authsystem.css'); + $style = $head->appendElement('link'); + $style->setAttribute('rel', 'stylesheet'); + $style->setAttribute('href', 'skin/'.$settings['skin'].'/authskin.css'); $head->appendJSFile('authsystem.js'); if ($settings['piwik_enabled']) { $head->setAttribute('data-piwiksite', $settings['piwik_site_id']); $head->setAttribute('data-piwikurl', $settings['piwik_url']); $head->appendJSFile('piwik.js', true, true); } + $icon = $head->appendElement('link'); + $icon->setAttribute('rel', 'shortcut icon'); + $icon->setAttribute('href', 'skin/'.$settings['skin'].'/icon32.png'); + $icon->setAttribute('type', 'image/png'); $title->appendText($titletext); $h1 = $body->appendElement('h1', $headlinetext); diff --git a/app/index.php b/app/index.php index ba0d024..e1be02d 100644 --- a/app/index.php +++ b/app/index.php @@ -10,14 +10,15 @@ $errors = $utils->checkForSecureConnection(); $utils->sendSecurityHeaders(); // Initialize the HTML document with our basic elements. -extract($utils->initHTMLDocument('KaiRo.at Authentication Server')); // sets $document, $html, $head, $title, $body +extract($utils->initHTMLDocument(sprintf(_('%s Authentication Server'), $utils->settings['operator_name']))); // sets $document, $html, $head, $title, $body if (!count($errors)) { $session = $utils->initSession(); // Read session or create new session and set cookie. $user = array('id' => 0, 'email' => ''); $pagetype = 'default'; if (is_null($session)) { - $errors[] = _('The session system is not working.').' '._('Please contact KaiRo.at and tell the team about this.'); + $errors[] = _('The session system is not working.').' ' + .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']); } elseif (array_key_exists('logout', $_GET)) { $result = $db->prepare('UPDATE `auth_sessions` SET `logged_in` = FALSE WHERE `id` = :sessid;'); @@ -87,7 +88,8 @@ if (!count($errors)) { $result = $db->prepare('INSERT INTO `auth_users` (`email`, `pwdhash`, `status`, `verify_hash`) VALUES (:email, :pwdhash, \'unverified\', :vcode);'); if (!$result->execute(array(':email' => $_POST['email'], ':pwdhash' => $newHash, ':vcode' => $vcode))) { $utils->log('user_insert_failure', 'email: '.$_POST['email'].' - '.$result->errorInfo()[2]); - $errors[] = _('Could not add user.').' '._('Please contact KaiRo.at and tell the team about this.'); + $errors[] = _('Could not add user.').' ' + .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']); } $user = array('id' => $db->lastInsertId(), 'email' => $_POST['email'], @@ -102,18 +104,18 @@ if (!count($errors)) { $mail->setCharset('utf-8'); $mail->addHeader('X-KAIRO-AUTH', 'email_verification'); $mail->addRecipient($user['email']); - $mail->setSender('noreply@auth.kairo.at', _('KaiRo.at Authentication Service')); - $mail->setSubject('Email Verification for KaiRo.at Authentication'); + $mail->setSender($utils->settings['info_from_email'], sprintf(_('%s Authentication Service'), $utils->settings['operator_name'])); + $mail->setSubject(sprintf(_('Email Verification for %s Authentication'), $utils->settings['operator_name'])); $mail->addMailText(_('Welcome!')."\n\n"); $mail->addMailText(sprintf(_('This email address, %s, has been used for registration on "%s".'), - $user['email'], _('KaiRo.at Authentication Service'))."\n\n"); + $user['email'], sprintf(_('%s Authentication Service'), $utils->settings['operator_name']))."\n\n"); $mail->addMailText(_('Please confirm that registration by clicking the following link (or calling it up in your browser):')."\n"); $mail->addMailText($utils->getDomainBaseURL().strstr($_SERVER['REQUEST_URI'], '?', true) .'?email='.rawurlencode($user['email']).'&verification_code='.rawurlencode($user['verify_hash'])."\n\n"); $mail->addMailText(_('With this confirmation, you accept that we handle your data for the purpose of logging you into other websites when you request that.')."\n"); $mail->addMailText(_('Those websites will get to know your email address but not your password, which we store securely.')."\n"); $mail->addMailText(_('If you do not call this confirmation link within 72 hours, your data will be deleted from our database.')."\n\n"); - $mail->addMailText(sprintf(_('The %s team'), 'KaiRo.at')); + $mail->addMailText(sprintf(_('The %s team'), $utils->settings['operator_name'])); //$mail->setDebugAddress("robert@localhost"); $mailsent = $mail->send(); if ($mailsent) { @@ -121,7 +123,8 @@ if (!count($errors)) { } else { $utils->log('verify_mail_failure', 'user: '.$user['id'].', email: '.$user['email']); - $errors[] = _('The confirmation email could not be sent to you.').' '._('Please contact KaiRo.at and tell the team about this.'); + $errors[] = _('The confirmation email could not be sent to you.').' ' + .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']); } } else { @@ -130,7 +133,8 @@ if (!count($errors)) { $result = $db->prepare('UPDATE `auth_users` SET `verify_hash` = :vcode WHERE `id` = :userid;'); if (!$result->execute(array(':vcode' => $vcode, ':userid' => $user['id']))) { $utils->log('vhash_set_failure', 'user: '.$user['id']); - $errors[] = _('Could not initiate reset request.').' '._('Please contact KaiRo.at and tell the team about this.'); + $errors[] = _('Could not initiate reset request.').' ' + .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']); } else { $utils->log('pwd_reset_request', 'user: '.$user['id'].', email: '.$user['email']); @@ -140,16 +144,16 @@ if (!count($errors)) { $mail->setCharset('utf-8'); $mail->addHeader('X-KAIRO-AUTH', 'password_reset'); $mail->addRecipient($user['email']); - $mail->setSender('noreply@auth.kairo.at', _('KaiRo.at Authentication Service')); - $mail->setSubject('How to reset your password for KaiRo.at Authentication'); + $mail->setSender($utils->settings['info_from_email'], sprintf(_('%s Authentication Service'), $utils->settings['operator_name'])); + $mail->setSubject(sprintf(_('How to reset your password for %s Authentication'), $utils->settings['operator_name'])); $mail->addMailText(_('Hi,')."\n\n"); $mail->addMailText(sprintf(_('A request for setting a new password for this email address, %s, has been submitted on "%s".'), - $user['email'], _('KaiRo.at Authentication Service'))."\n\n"); + $user['email'], sprintf(_('%s Authentication Service'), $utils->settings['operator_name']))."\n\n"); $mail->addMailText(_('You can set a new password by clicking the following link (or calling it up in your browser):')."\n"); $mail->addMailText($utils->getDomainBaseURL().strstr($_SERVER['REQUEST_URI'], '?', true) .'?email='.rawurlencode($user['email']).'&reset_code='.rawurlencode($resetcode)."\n\n"); $mail->addMailText(_('If you do not call this confirmation link within 1 hour, this link expires and the existing password is being kept in place.')."\n\n"); - $mail->addMailText(sprintf(_('The %s team'), 'KaiRo.at')); + $mail->addMailText(sprintf(_('The %s team'), $utils->settings['operator_name'])); //$mail->setDebugAddress("robert@localhost"); $mailsent = $mail->send(); if ($mailsent) { @@ -157,7 +161,8 @@ if (!count($errors)) { } else { $utils->log('pwd_reset_mail_failure', 'user: '.$user['id'].', email: '.$user['email']); - $errors[] = _('The email with password reset instructions could not be sent to you.').' '._('Please contact KaiRo.at and tell the team about this.'); + $errors[] = _('The email with password reset instructions could not be sent to you.').' ' + .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']); } } } @@ -216,7 +221,8 @@ if (!count($errors)) { $result = $db->prepare('UPDATE `auth_users` SET `verify_hash` = \'\', `status` = \'ok\' WHERE `id` = :userid;'); if (!$result->execute(array(':userid' => $user['id']))) { $utils->log('verification_save_failure', 'user: '.$user['id']); - $errors[] = _('Could not save confirmation.').' '._('Please contact KaiRo.at and tell the team about this.'); + $errors[] = _('Could not save confirmation.').' ' + .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']); } $pagetype = 'verification_done'; } @@ -277,7 +283,8 @@ if (!count($errors)) { ':scope' => $scope, ':userid' => $user['id']))) { $utils->log('client_save_failure', 'client: '.$clientid); - $errors[] = _('Unexpectedly failed to save new client information.').' '._('Please contact KaiRo.at and tell the team about this.'); + $errors[] = _('Unexpectedly failed to save new client information.').' ' + .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']); } } if (!count($errors)) { @@ -320,7 +327,8 @@ if (!count($errors)) { $result = $db->prepare('UPDATE `auth_users` SET `pwdhash` = :pwdhash, `verify_hash` = \'\' WHERE `id` = :userid;'); if (!$result->execute(array(':pwdhash' => $newHash, ':userid' => $session['user']))) { $utils->log('pwd_reset_failure', 'user: '.$session['user']); - $errors[] = _('Password reset failed.').' '._('Please contact KaiRo.at and tell the team about this.'); + $errors[] = _('Password reset failed.').' ' + .sprintf(_('Please contact %s and tell the team about this.'), $utils->settings['operator_contact_url'], $utils->settings['operator_name']); } else { $pagetype = 'reset_done'; diff --git a/app/skin/default/authskin.css b/app/skin/default/authskin.css new file mode 100644 index 0000000..02906cb --- /dev/null +++ b/app/skin/default/authskin.css @@ -0,0 +1,30 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +body { + background-color: #FFFFFF; +} + +h1 { + background-color: #404040; + color: #FFFFFF; + background-image: url("logo-100x62.png"); +} + +a:link { color: #0000EE; } +a:visited { color: #8000EE; } +a:hover, a:active { color: #8080FF; } + +table.border { + border-color: #404040; +} +table.border th, table.border td { + border-color: #404040; +} + +.otheremaillinks > a { + background-color: #EEEEEE; +} +.otheremaillinks > a:link, .otheremaillinks > a:visited { color: #BBBBBB; } +.otheremaillinks > a:hover, .otheremaillinks > a:active { color: #808080; } diff --git a/app/skin/default/icon.svg b/app/skin/default/icon.svg new file mode 100644 index 0000000..3f9007e --- /dev/null +++ b/app/skin/default/icon.svg @@ -0,0 +1,170 @@ + + + + + + + + + + + + image/svg+xml + + + + + Openclipart + + + login mini icon + 2008-02-13T10:41:13 + + https://openclipart.org/detail/13847/login-mini-icon-by-artmaster + + + artmaster + + + + + black + entry + icon + login + mini + sign + + + + + + + + + + + diff --git a/app/skin/default/icon32.png b/app/skin/default/icon32.png new file mode 100644 index 0000000..f177927 Binary files /dev/null and b/app/skin/default/icon32.png differ diff --git a/app/skin/default/logo-100x62.png b/app/skin/default/logo-100x62.png new file mode 100644 index 0000000..8424a5d Binary files /dev/null and b/app/skin/default/logo-100x62.png differ diff --git a/etc/kairo/auth_settings.json b/etc/kairo/auth_settings.json index fa4b58b..864ca60 100644 --- a/etc/kairo/auth_settings.json +++ b/etc/kairo/auth_settings.json @@ -8,8 +8,12 @@ "" ], "client_reg_email_whitelist": ["you@example.com"], +"skin": "default", +"operator_name": "AuthServer", +"operator_contact_url": "https://github.com/KaiRo_at/authserver/", +"info_from_email": "noreply@example.com", "piwik_enabled": false, "piwik_url": "/piwik/", "piwik_site_id": 1, -"piwik_tracker_path": "/srv/www/piwik/vendor/piwik/piwik-php-tracker/" +"piwik_tracker_path": "/srv/www/piwik/vendor/piwik/piwik-php-tracker/", }