Make users who have not yet set their password by time they reach the landing...

Make users who have not yet set their password by time they reach the landing page set their password. issue #1592

Make users who have not yet set their password by time they reach the landing...
Make users who have not yet set their password by time they reach the landing page set their password. issue #1592
de00a20b · Shane Tomlinson · Lloyd Hilaiel · d625a4cd · de00a20b · de00a20b
Commit de00a20b authored 12 years ago by Shane Tomlinson Committed by Lloyd Hilaiel 12 years ago
--- a/resources/static/css/style.css
+++ b/resources/static/css/style.css
@@ -669,7 +669,7 @@ h1 {
  margin-bottom: 10px;
 }
-.siteinfo, #congrats, .password_entry, .enter_password .hint, #unknown_secondary, #primary_verify, .verify_primary .submit {
+.siteinfo, #congrats, .password_entry, #verify_password, .enter_password .hint, #unknown_secondary, #primary_verify, .verify_primary .submit {
  display: none;
 }
@@ -677,7 +677,7 @@ h1 {
  float: left;
 }
-.enter_password .password_entry, .known_secondary .password_entry,
+.enter_password .password_entry, .enter_verify_password #verify_password, .known_secondary .password_entry,
 .unknown_secondary #unknown_secondary, .verify_primary #verify_primary {
  display: block;
 }

--- a/resources/static/pages/verify_secondary_address.js
+++ b/resources/static/pages/verify_secondary_address.js
@@ -17,6 +17,7 @@ BrowserID.verifySecondaryAddress = (function() {
      validation = bid.Validation,
      token,
      sc,
+      needsPassword,
      mustAuth,
      verifyFunction;
@@ -36,7 +37,11 @@ BrowserID.verifySecondaryAddress = (function() {
  function submit(oncomplete) {
    var pass = dom.getInner("#password") || undefined,
-        valid = !mustAuth || validation.password(pass);
+        vpass = dom.getInner("#vpassword") || undefined,
+        valid = (!needsPassword ||
+                    validation.passwordAndValidationPassword(pass, vpass))
+             && (!mustAuth ||
+                    validation.password(pass));
    if (valid) {
      user[verifyFunction](token, pass, function(info) {
@@ -56,13 +61,25 @@ BrowserID.verifySecondaryAddress = (function() {
      if(info) {
        showRegistrationInfo(info);
+        needsPassword = info.needs_password;
        mustAuth = info.must_auth;
-        if (mustAuth) {
+        if (needsPassword) {
+          // This is a fix for legacy users who started the user creation
+          // process without setting their password in the dialog.  If the user
+          // needs a password, they must set it now.  Once all legacy users are
+          // verified or their links invalidated, this flow can be removed.
+          dom.addClass("body", "enter_password");
+          dom.addClass("body", "enter_verify_password");
+          complete(oncomplete, true);
+        }
+        else if (mustAuth) {
+          // These are users who have set their passwords inside of the dialog.
          dom.addClass("body", "enter_password");
          complete(oncomplete, true);
        }
        else {
+          // These are users who do not have to set their passwords at all.
          submit(oncomplete);
        }
      }

--- a/resources/static/test/cases/pages/verify_secondary_address.js
+++ b/resources/static/test/cases/pages/verify_secondary_address.js
@@ -116,6 +116,7 @@
    xhr.useResult("mustAuth");
    createController(config, function() {
      xhr.useResult("valid");
+      testHasClass("body", "enter_password");
      controller.submit(function(status) {
        equal(status, true, "correct status");
        testHasClass("body", "complete");
@@ -134,4 +135,88 @@
    });
  });
+  asyncTest("must set password, successful login", function() {
+    xhr.useResult("needsPassword");
+    createController(config, function() {
+      xhr.useResult("valid");
+      $("#password").val("password");
+      $("#vpassword").val("password");
+      testHasClass("body", "enter_password");
+      testHasClass("body", "enter_verify_password");
+      controller.submit(function(status) {
+        equal(status, true, "correct status");
+        testHasClass("body", "complete");
+        start();
+      });
+    });
+  });
+  asyncTest("must set password, too short a password", function() {
+    xhr.useResult("needsPassword");
+    createController(config, function() {
+      xhr.useResult("valid");
+      $("#password").val("pass");
+      $("#vpassword").val("pass");
+      controller.submit(function(status) {
+        equal(status, false, "correct status");
+        testHelpers.testTooltipVisible();
+        start();
+      });
+    });
+  });
+  asyncTest("must set password, too long a password", function() {
+    xhr.useResult("needsPassword");
+    createController(config, function() {
+      xhr.useResult("valid");
+      var pass = testHelpers.generateString(81);
+      $("#password").val(pass);
+      $("#vpassword").val(pass);
+      controller.submit(function(status) {
+        equal(status, false, "correct status");
+        testHelpers.testTooltipVisible();
+        start();
+      });
+    });
+  });
+  asyncTest("must set password, missing verification password", function() {
+    xhr.useResult("needsPassword");
+    createController(config, function() {
+      xhr.useResult("valid");
+      $("#password").val("password");
+      $("#vpassword").val("");
+      controller.submit(function(status) {
+        equal(status, false, "correct status");
+        testHelpers.testTooltipVisible();
+        start();
+      });
+    });
+  });
+  asyncTest("must set password, mismatched passwords", function() {
+    xhr.useResult("needsPassword");
+    createController(config, function() {
+      xhr.useResult("valid");
+      $("#password").val("password");
+      $("#vpassword").val("password1");
+      controller.submit(function(status) {
+        equal(status, false, "correct status");
+        testHelpers.testTooltipVisible();
+        start();
+      });
+    });
+  });
 }());
--- a/resources/static/test/mocks/xhr.js
+++ b/resources/static/test/mocks/xhr.js
@@ -34,6 +34,7 @@ BrowserID.Mocks.xhr = (function() {
      "get /wsapi/session_context contextAjaxError": undefined,
      "get /wsapi/email_for_token?token=token valid": { email: "testuser@testuser.com" },
      "get /wsapi/email_for_token?token=token mustAuth": { email: "testuser@testuser.com", must_auth: true },
+      "get /wsapi/email_for_token?token=token needsPassword": { email: "testuser@testuser.com", needs_password: true },
      "get /wsapi/email_for_token?token=token invalid": { success: false },
      "post /wsapi/authenticate_user valid": { success: true, userid: 1 },
      "post /wsapi/authenticate_user invalid": { success: false },

--- a/resources/views/add_email_address.ejs
+++ b/resources/views/add_email_address.ejs
@@ -31,6 +31,20 @@
                      <%= gettext('Password must be between 8 and 80 characters long.') %>
                    </div>
                </li>
+                <li class="password_entry" id="verify_password">
+                    <label class="serif" for="vpassword"><%= gettext('Verify Password') %></label>
+                    <input class="sans" id="vpassword" placeholder="<%= gettext('Repeat Password') %>" type="password" maxlength="80">
+                    <div id="vpassword_required" class="tooltip" for="vpassword">
+                      <%= gettext('Verification password is required.') %>
+                    </div>
+                    <div class="tooltip" id="passwords_no_match" for="vpassword">
+                      <%= gettext ('Passwords do not match.') %>
+                    </div>
+                </li>
            </ul>
            <div class="submit cf password_entry">

--- a/resources/views/verify_email_address.ejs
+++ b/resources/views/verify_email_address.ejs
@@ -18,6 +18,7 @@
                    <label class="serif" for="email"><%= gettext('Email Address') %></label>
                    <input class="youraddress sans" id="email" placeholder="<%= gettext('Your Email') %>" type="email" value="" disabled="disabled" maxlength="254" />
                </li>
                <li class="password_entry">
                    <label class="serif" for="password"><%= gettext('Password') %></label>
                    <input class="sans" id="password" placeholder="<%= gettext('Your Password') %>" type="password" autofocus maxlength=80 />
@@ -30,6 +31,20 @@
                      <%= gettext('Password must be between 8 and 80 characters long.') %>
                    </div>
                </li>
+                <li class="password_entry" id="verify_password">
+                    <label class="serif" for="vpassword"><%= gettext('Verify Password') %></label>
+                    <input class="sans" id="vpassword" placeholder="<%= gettext('Repeat Password') %>" type="password" maxlength="80">
+                    <div id="vpassword_required" class="tooltip" for="vpassword">
+                      <%= gettext('Verification password is required.') %>
+                    </div>
+                    <div class="tooltip" id="passwords_no_match" for="vpassword">
+                      <%= gettext ('Passwords do not match.') %>
+                    </div>
+                </li>
            </ul>
            <div class="submit cf password_entry">