diff --git a/code/forms/UsernameOrEmailLoginForm.php b/code/forms/UsernameOrEmailLoginForm.php index 4fafaf7..f0139f0 100755 --- a/code/forms/UsernameOrEmailLoginForm.php +++ b/code/forms/UsernameOrEmailLoginForm.php @@ -7,80 +7,20 @@ class UsernameOrEmailLoginForm extends MemberLoginForm public function __construct($controller, $name, $fields = null, $actions = null, $checkCurrentUser = true) { - $form_action_url = Controller::join_links( - BASE_URL, - "Security", - $name - ); - - $lost_password_url = Controller::join_links( - BASE_URL, - "Security", - "lostpassword" - ); - - if (isset($_REQUEST['BackURL'])) { - $backURL = $_REQUEST['BackURL']; - } else { - $backURL = Session::get('BackURL'); - } - - $fields = new FieldList( - HiddenField::create( - "AuthenticationMethod", - null, - $this->authenticator_class, - $this - ), - $identity_field = TextField::create( - 'Identity', - _t('AuthUsernameOrEmail.UsernameOrEmail', 'Username or Email') - ), - PasswordField::create( - "Password", - _t('Member.PASSWORD', 'Password') - ) - ); - - if(!Security::config()->remember_username) { - // Some browsers won't respect this attribute unless it's added to the form - $this->setAttribute('autocomplete', 'off'); - $identity_field->setAttribute('autocomplete', 'off'); - } - - if(Security::config()->autologin_enabled) { - $fields->push(new CheckboxField( - "Remember", - _t('Member.REMEMBERME', "Remember me?") - )); - } - - - if (isset($backURL)) { - $fields->push(new HiddenField('BackURL', 'BackURL', $backURL)); - } - - $actions = new FieldList( - FormAction::create('dologin', _t('Member.BUTTONLOGIN', "Log in")), - LiteralField::create( - 'forgotPassword', - '

' - . _t('Member.BUTTONLOSTPASSWORD', "I've lost my password") . '

' - ) - ); - - // Reduce attack surface by enforcing POST requests - $this->setFormMethod('POST', true); - - // LoginForm does its magic parent::__construct($controller, $name, $fields, $actions); - $this - ->setAttribute("action",$form_action_url); - - $this - ->setValidator(RequiredFields::create('Identity', 'Password')); + if ($emailField = $this->Fields()->fieldByName("Email")) { + $emailField->setTitle(_t('AuthUsernameOrEmail.UsernameOrEmail', 'Username or Email')); + } + // Focus on the Email input when the page is loaded + $js = << 'md5_v2.4', - 'sha1' => 'sha1_v2.4' - ); - /** * Overwrite standard authentication in order to also look for user ID * (as well as email) @@ -47,8 +36,8 @@ protected static function authenticate_member($data, $form, &$success) } // Otherwise, get identifier from posted value instead - if(!$member && !empty($data['Identity'])) { - $identity = $data['Identity']; + if(!$member && !empty($data['Email'])) { + $identity = $data['Email']; } // Check default login (see Security::setDefaultAdmin()) @@ -72,7 +61,7 @@ protected static function authenticate_member($data, $form, &$success) // Attempt to identify user if(!$member && $filter) { - // Find user by email + // Find user by filter (Username or Email) $member = Member::get() ->filter($filter) ->first(); 
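Review bot: In the `@@ -47,8 +36,8 @@` hunk, `$data['Email']` is only tested with `!empty()` before it becomes `$identity`, so a request that posts the field as an array passes the check and a non-string identity reaches the member lookup. The `record_login_attempt()` override deleted later in this commit was the only visible place that rejected an array identity, and this diff does not show whether the parent authenticator does the same. I would tighten the guard to `if(!$member && !empty($data['Email']) && is_string($data['Email'])) {` so the filter is always built from a string. `authenticate_member()` starts and ends outside this hunk, so the construction of `$filter` is not visible here.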
@@ -97,52 +86,6 @@ protected static function authenticate_member($data, $form, &$success)
 return $member;
 }
- /**
- * Log login attempt
- * TODO We could handle this with an extension
- *
- * @param array $data
- * @param Member $member
- * @param bool $success
- */
- protected static function record_login_attempt($data, $member, $success) {
- if(!Security::config()->login_recording) return;
-
- // Check email is valid
- $identity = isset($data['Identity']) ? $data['Identity'] : null;
-
- if(is_array($identity)) {
- throw new InvalidArgumentException("Bad email passed to MemberAuthenticator::authenticate(): $identity");
- }
-
- $attempt = new LoginAttempt();
- if($success) {
- // successful login (member is existing with matching password)
- $attempt->MemberID = $member->ID;
- $attempt->Status = 'Success';
-
- // Audit logging hook
- $member->extend('authenticated');
-
- } else {
- // Failed login - we're trying to see if a user exists with this email (disregarding wrong passwords)
- $attempt->Status = 'Failure';
- if($member) {
- // Audit logging hook
- $attempt->MemberID = $member->ID;
- $member->extend('authenticationFailed');
- } else {
- // Audit logging hook
- singleton('Member')->extend('authenticationFailedUnknownUser', $data);
- }
- }
-
- $attempt->Email = $identity;
- $attempt->IP = Controller::curr()->getRequest()->getIP();
- $attempt->write();
- }
-
-
 /**
 * Tell this Authenticator to use your custom login form
 * The 3rd parameter MUST be 'LoginForm' to fit within the authentication
diff --git a/lang/sk.yml b/lang/sk.yml
new file mode 100644
index 0000000..80b3767
--- /dev/null
+++ b/lang/sk.yml
@@ -0,0 +1,6 @@
+sk:
+ AuthUsernameOrEmail:
+ Title: "Používateľské meno"
+ Description: "Slúži na prihlasovanie."
+ UsernameOrEmail: "Používateľské meno alebo e-mail"
+ LoginError: "Poskytnuté detaily vyzerajú byť nesprávne. Prosím skúste opäť."
\ No newline at end of file
diff --git a/tests/UsernameAuthenticatorTest.php b/tests/UsernameAuthenticatorTest.php
index b8b99db..2eeada7 100644
--- a/tests/UsernameAuthenticatorTest.php
+++ b/tests/UsernameAuthenticatorTest.php
@@ -93,7 +93,7 @@ public function testDefaultAdmin()
 // Test correct login
 $result = UsernameOrEmailAuthenticator::authenticate(array(
- 'Identity' => 'admin',
+ 'Email' => 'admin',
 'Password' => 'password'
 ), $form);
 $this->assertNotEmpty($result);
@@ -103,7 +103,7 @@ public function testDefaultAdmin()
 // Test incorrect login
 $form->clearMessage();
 $result = UsernameOrEmailAuthenticator::authenticate(array(
- 'Identity' => 'admin',
+ 'Email' => 'admin',
 'Password' => 'notmypassword'
 ), $form);
 $this->assertEmpty($result);
@@ -121,11 +121,11 @@ public function testDefaultAdminLockOut()
 // Test correct login
 UsernameOrEmailAuthenticator::authenticate(array(
- 'Identity' => 'admin',
+ 'Email' => 'admin',
 'Password' => 'wrongpassword'
 ), $form);
 $this->assertTrue(Member::default_admin()->isLockedOut());
 $this->assertEquals(Member::default_admin()->LockedOutUntil, '2016-04-18 00:10:00');
 }
-}
\ No newline at end of file
+}