##// END OF EJS Templates
jro_apps » redmine
RSS
Log failed user logins to the Rails logger...
Eric Davis -
r3297:d2baf5f2a7b0
parent child
Show More
Side by Side Unified
Context file:
r3297:d2baf5f2a7b0 Loading diff...:
Show file before | Show file after | Hide comments
@@ -1,263 +1,264
1 # Redmine - project management software
1 # Redmine - project management software
2 # Copyright (C) 2006-2009 Jean-Philippe Lang
2 # Copyright (C) 2006-2009 Jean-Philippe Lang
3 #
3 #
4 # This program is free software; you can redistribute it and/or
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
7 # of the License, or (at your option) any later version.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU General Public License
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17
17
18 class AccountController < ApplicationController
18 class AccountController < ApplicationController
19 helper :custom_fields
19 helper :custom_fields
20 include CustomFieldsHelper
20 include CustomFieldsHelper
21
21
22 # prevents login action to be filtered by check_if_login_required application scope filter
22 # prevents login action to be filtered by check_if_login_required application scope filter
23 skip_before_filter :check_if_login_required
23 skip_before_filter :check_if_login_required
24
24
25 # Login request and validation
25 # Login request and validation
26 def login
26 def login
27 if request.get?
27 if request.get?
28 # Logout user
28 # Logout user
29 self.logged_user = nil
29 self.logged_user = nil
30 else
30 else
31 # Authenticate user
31 # Authenticate user
32 if Setting.openid? && using_open_id?
32 if Setting.openid? && using_open_id?
33 open_id_authenticate(params[:openid_url])
33 open_id_authenticate(params[:openid_url])
34 else
34 else
35 password_authentication
35 password_authentication
36 end
36 end
37 end
37 end
38 end
38 end
39
39
40 # Log out current user and redirect to welcome page
40 # Log out current user and redirect to welcome page
41 def logout
41 def logout
42 cookies.delete :autologin
42 cookies.delete :autologin
43 Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) if User.current.logged?
43 Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) if User.current.logged?
44 self.logged_user = nil
44 self.logged_user = nil
45 redirect_to home_url
45 redirect_to home_url
46 end
46 end
47
47
48 # Enable user to choose a new password
48 # Enable user to choose a new password
49 def lost_password
49 def lost_password
50 redirect_to(home_url) && return unless Setting.lost_password?
50 redirect_to(home_url) && return unless Setting.lost_password?
51 if params[:token]
51 if params[:token]
52 @token = Token.find_by_action_and_value("recovery", params[:token])
52 @token = Token.find_by_action_and_value("recovery", params[:token])
53 redirect_to(home_url) && return unless @token and !@token.expired?
53 redirect_to(home_url) && return unless @token and !@token.expired?
54 @user = @token.user
54 @user = @token.user
55 if request.post?
55 if request.post?
56 @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
56 @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
57 if @user.save
57 if @user.save
58 @token.destroy
58 @token.destroy
59 flash[:notice] = l(:notice_account_password_updated)
59 flash[:notice] = l(:notice_account_password_updated)
60 redirect_to :action => 'login'
60 redirect_to :action => 'login'
61 return
61 return
62 end
62 end
63 end
63 end
64 render :template => "account/password_recovery"
64 render :template => "account/password_recovery"
65 return
65 return
66 else
66 else
67 if request.post?
67 if request.post?
68 user = User.find_by_mail(params[:mail])
68 user = User.find_by_mail(params[:mail])
69 # user not found in db
69 # user not found in db
70 (flash.now[:error] = l(:notice_account_unknown_email); return) unless user
70 (flash.now[:error] = l(:notice_account_unknown_email); return) unless user
71 # user uses an external authentification
71 # user uses an external authentification
72 (flash.now[:error] = l(:notice_can_t_change_password); return) if user.auth_source_id
72 (flash.now[:error] = l(:notice_can_t_change_password); return) if user.auth_source_id
73 # create a new token for password recovery
73 # create a new token for password recovery
74 token = Token.new(:user => user, :action => "recovery")
74 token = Token.new(:user => user, :action => "recovery")
75 if token.save
75 if token.save
76 Mailer.deliver_lost_password(token)
76 Mailer.deliver_lost_password(token)
77 flash[:notice] = l(:notice_account_lost_email_sent)
77 flash[:notice] = l(:notice_account_lost_email_sent)
78 redirect_to :action => 'login'
78 redirect_to :action => 'login'
79 return
79 return
80 end
80 end
81 end
81 end
82 end
82 end
83 end
83 end
84
84
85 # User self-registration
85 # User self-registration
86 def register
86 def register
87 redirect_to(home_url) && return unless Setting.self_registration? || session[:auth_source_registration]
87 redirect_to(home_url) && return unless Setting.self_registration? || session[:auth_source_registration]
88 if request.get?
88 if request.get?
89 session[:auth_source_registration] = nil
89 session[:auth_source_registration] = nil
90 @user = User.new(:language => Setting.default_language)
90 @user = User.new(:language => Setting.default_language)
91 else
91 else
92 @user = User.new(params[:user])
92 @user = User.new(params[:user])
93 @user.admin = false
93 @user.admin = false
94 @user.status = User::STATUS_REGISTERED
94 @user.status = User::STATUS_REGISTERED
95 if session[:auth_source_registration]
95 if session[:auth_source_registration]
96 @user.status = User::STATUS_ACTIVE
96 @user.status = User::STATUS_ACTIVE
97 @user.login = session[:auth_source_registration][:login]
97 @user.login = session[:auth_source_registration][:login]
98 @user.auth_source_id = session[:auth_source_registration][:auth_source_id]
98 @user.auth_source_id = session[:auth_source_registration][:auth_source_id]
99 if @user.save
99 if @user.save
100 session[:auth_source_registration] = nil
100 session[:auth_source_registration] = nil
101 self.logged_user = @user
101 self.logged_user = @user
102 flash[:notice] = l(:notice_account_activated)
102 flash[:notice] = l(:notice_account_activated)
103 redirect_to :controller => 'my', :action => 'account'
103 redirect_to :controller => 'my', :action => 'account'
104 end
104 end
105 else
105 else
106 @user.login = params[:user][:login]
106 @user.login = params[:user][:login]
107 @user.password, @user.password_confirmation = params[:password], params[:password_confirmation]
107 @user.password, @user.password_confirmation = params[:password], params[:password_confirmation]
108
108
109 case Setting.self_registration
109 case Setting.self_registration
110 when '1'
110 when '1'
111 register_by_email_activation(@user)
111 register_by_email_activation(@user)
112 when '3'
112 when '3'
113 register_automatically(@user)
113 register_automatically(@user)
114 else
114 else
115 register_manually_by_administrator(@user)
115 register_manually_by_administrator(@user)
116 end
116 end
117 end
117 end
118 end
118 end
119 end
119 end
120
120
121 # Token based account activation
121 # Token based account activation
122 def activate
122 def activate
123 redirect_to(home_url) && return unless Setting.self_registration? && params[:token]
123 redirect_to(home_url) && return unless Setting.self_registration? && params[:token]
124 token = Token.find_by_action_and_value('register', params[:token])
124 token = Token.find_by_action_and_value('register', params[:token])
125 redirect_to(home_url) && return unless token and !token.expired?
125 redirect_to(home_url) && return unless token and !token.expired?
126 user = token.user
126 user = token.user
127 redirect_to(home_url) && return unless user.status == User::STATUS_REGISTERED
127 redirect_to(home_url) && return unless user.status == User::STATUS_REGISTERED
128 user.status = User::STATUS_ACTIVE
128 user.status = User::STATUS_ACTIVE
129 if user.save
129 if user.save
130 token.destroy
130 token.destroy
131 flash[:notice] = l(:notice_account_activated)
131 flash[:notice] = l(:notice_account_activated)
132 end
132 end
133 redirect_to :action => 'login'
133 redirect_to :action => 'login'
134 end
134 end
135
135
136 private
136 private
137
137
138 def password_authentication
138 def password_authentication
139 user = User.try_to_login(params[:username], params[:password])
139 user = User.try_to_login(params[:username], params[:password])
140
140
141 if user.nil?
141 if user.nil?
142 invalid_credentials
142 invalid_credentials
143 elsif user.new_record?
143 elsif user.new_record?
144 onthefly_creation_failed(user, {:login => user.login, :auth_source_id => user.auth_source_id })
144 onthefly_creation_failed(user, {:login => user.login, :auth_source_id => user.auth_source_id })
145 else
145 else
146 # Valid user
146 # Valid user
147 successful_authentication(user)
147 successful_authentication(user)
148 end
148 end
149 end
149 end
150
150
151
151
152 def open_id_authenticate(openid_url)
152 def open_id_authenticate(openid_url)
153 authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url) do |result, identity_url, registration|
153 authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url) do |result, identity_url, registration|
154 if result.successful?
154 if result.successful?
155 user = User.find_or_initialize_by_identity_url(identity_url)
155 user = User.find_or_initialize_by_identity_url(identity_url)
156 if user.new_record?
156 if user.new_record?
157 # Self-registration off
157 # Self-registration off
158 redirect_to(home_url) && return unless Setting.self_registration?
158 redirect_to(home_url) && return unless Setting.self_registration?
159
159
160 # Create on the fly
160 # Create on the fly
161 user.login = registration['nickname'] unless registration['nickname'].nil?
161 user.login = registration['nickname'] unless registration['nickname'].nil?
162 user.mail = registration['email'] unless registration['email'].nil?
162 user.mail = registration['email'] unless registration['email'].nil?
163 user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil?
163 user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil?
164 user.random_password
164 user.random_password
165 user.status = User::STATUS_REGISTERED
165 user.status = User::STATUS_REGISTERED
166
166
167 case Setting.self_registration
167 case Setting.self_registration
168 when '1'
168 when '1'
169 register_by_email_activation(user) do
169 register_by_email_activation(user) do
170 onthefly_creation_failed(user)
170 onthefly_creation_failed(user)
171 end
171 end
172 when '3'
172 when '3'
173 register_automatically(user) do
173 register_automatically(user) do
174 onthefly_creation_failed(user)
174 onthefly_creation_failed(user)
175 end
175 end
176 else
176 else
177 register_manually_by_administrator(user) do
177 register_manually_by_administrator(user) do
178 onthefly_creation_failed(user)
178 onthefly_creation_failed(user)
179 end
179 end
180 end
180 end
181 else
181 else
182 # Existing record
182 # Existing record
183 if user.active?
183 if user.active?
184 successful_authentication(user)
184 successful_authentication(user)
185 else
185 else
186 account_pending
186 account_pending
187 end
187 end
188 end
188 end
189 end
189 end
190 end
190 end
191 end
191 end
192
192
193 def successful_authentication(user)
193 def successful_authentication(user)
194 # Valid user
194 # Valid user
195 self.logged_user = user
195 self.logged_user = user
196 # generate a key and set cookie if autologin
196 # generate a key and set cookie if autologin
197 if params[:autologin] && Setting.autologin?
197 if params[:autologin] && Setting.autologin?
198 token = Token.create(:user => user, :action => 'autologin')
198 token = Token.create(:user => user, :action => 'autologin')
199 cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
199 cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
200 end
200 end
201 call_hook(:controller_account_success_authentication_after, {:user => user })
201 call_hook(:controller_account_success_authentication_after, {:user => user })
202 redirect_back_or_default :controller => 'my', :action => 'page'
202 redirect_back_or_default :controller => 'my', :action => 'page'
203 end
203 end
204
204
205 # Onthefly creation failed, display the registration form to fill/fix attributes
205 # Onthefly creation failed, display the registration form to fill/fix attributes
206 def onthefly_creation_failed(user, auth_source_options = { })
206 def onthefly_creation_failed(user, auth_source_options = { })
207 @user = user
207 @user = user
208 session[:auth_source_registration] = auth_source_options unless auth_source_options.empty?
208 session[:auth_source_registration] = auth_source_options unless auth_source_options.empty?
209 render :action => 'register'
209 render :action => 'register'
210 end
210 end
211
211
212 def invalid_credentials
212 def invalid_credentials
213 logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
213 flash.now[:error] = l(:notice_account_invalid_creditentials)
214 flash.now[:error] = l(:notice_account_invalid_creditentials)
214 end
215 end
215
216
216 # Register a user for email activation.
217 # Register a user for email activation.
217 #
218 #
218 # Pass a block for behavior when a user fails to save
219 # Pass a block for behavior when a user fails to save
219 def register_by_email_activation(user, &block)
220 def register_by_email_activation(user, &block)
220 token = Token.new(:user => user, :action => "register")
221 token = Token.new(:user => user, :action => "register")
221 if user.save and token.save
222 if user.save and token.save
222 Mailer.deliver_register(token)
223 Mailer.deliver_register(token)
223 flash[:notice] = l(:notice_account_register_done)
224 flash[:notice] = l(:notice_account_register_done)
224 redirect_to :action => 'login'
225 redirect_to :action => 'login'
225 else
226 else
226 yield if block_given?
227 yield if block_given?
227 end
228 end
228 end
229 end
229
230
230 # Automatically register a user
231 # Automatically register a user
231 #
232 #
232 # Pass a block for behavior when a user fails to save
233 # Pass a block for behavior when a user fails to save
233 def register_automatically(user, &block)
234 def register_automatically(user, &block)
234 # Automatic activation
235 # Automatic activation
235 user.status = User::STATUS_ACTIVE
236 user.status = User::STATUS_ACTIVE
236 user.last_login_on = Time.now
237 user.last_login_on = Time.now
237 if user.save
238 if user.save
238 self.logged_user = user
239 self.logged_user = user
239 flash[:notice] = l(:notice_account_activated)
240 flash[:notice] = l(:notice_account_activated)
240 redirect_to :controller => 'my', :action => 'account'
241 redirect_to :controller => 'my', :action => 'account'
241 else
242 else
242 yield if block_given?
243 yield if block_given?
243 end
244 end
244 end
245 end
245
246
246 # Manual activation by the administrator
247 # Manual activation by the administrator
247 #
248 #
248 # Pass a block for behavior when a user fails to save
249 # Pass a block for behavior when a user fails to save
249 def register_manually_by_administrator(user, &block)
250 def register_manually_by_administrator(user, &block)
250 if user.save
251 if user.save
251 # Sends an email to the administrators
252 # Sends an email to the administrators
252 Mailer.deliver_account_activation_request(user)
253 Mailer.deliver_account_activation_request(user)
253 account_pending
254 account_pending
254 else
255 else
255 yield if block_given?
256 yield if block_given?
256 end
257 end
257 end
258 end
258
259
259 def account_pending
260 def account_pending
260 flash[:notice] = l(:notice_account_pending)
261 flash[:notice] = l(:notice_account_pending)
261 redirect_to :action => 'login'
262 redirect_to :action => 'login'
262 end
263 end
263 end
264 end
General Comments 0
You need to be logged in to leave comments. Login now