Separate reset password page

This patch adds separate reset password page. It is a complement to separate login page. It differentiate from reset password capabilities in Web UI's anauthorized dialog by not performing login. This is useful for users who wants only to reset the password and not to use Web UI. And also for users who are using the separate login page. https://fedorahosted.org/freeipa/ticket/2755
author: Petr Vobornik <pvoborni@redhat.com> 2012-06-08 16:38:17 +0200
committer: Petr Vobornik <pvoborni@redhat.com> 2012-06-21 12:46:59 +0200
commit: 1eab43d29244f6e0b8d6f3146317624715d84af7 (patch)
tree: 3c5d8a1c981d569e92b439684a53409ab3d5acbd
parent: f298a20d27701cf617c5b146a2d22c9c94d85bc3 (diff)
download: freeipa-1eab43d29244f6e0b8d6f3146317624715d84af7.tar.gz
freeipa-1eab43d29244f6e0b8d6f3146317624715d84af7.tar.xz
freeipa-1eab43d29244f6e0b8d6f3146317624715d84af7.zip
7 files changed, 251 insertions, 3 deletions
diff --git a/freeipa.spec.in b/freeipa.spec.in
index 7cda33c5f..38e353672 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -590,6 +590,7 @@ fi
 %{_usr}/share/ipa/ui/index.html
 %{_usr}/share/ipa/ui/login.html
 %{_usr}/share/ipa/ui/logout.html
+%{_usr}/share/ipa/ui/reset_password.html
 %{_usr}/share/ipa/ui/*.ico
 %{_usr}/share/ipa/ui/*.css
 %{_usr}/share/ipa/ui/*.js
@@ -717,6 +718,9 @@ fi
 %ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/ca.crt
 
 %changelog
+* Fri Jun 21 2012 Petr Vobornik <pvoborni@redhat.com> - 2.99.0-34
+- Add Web UI reset password pages
+
 * Wed Jun 20 2012 Ondrej Hamada <ohamada@redhat.com> - 2.99.0-33
 - Set min for 389-ds-base to 1.2.11.5-1 on F17 to fix installation issue
 - Set min for 389-ds-base to 1.2.10.10-1 on F16 (and lower) to fix CN case persistence
diff --git a/install/ui/Makefile.am b/install/ui/Makefile.am
index e4256de91..ea3a20295 100644
--- a/install/ui/Makefile.am
+++ b/install/ui/Makefile.am
@@ -53,6 +53,8 @@ app_DATA =				\
 	overpass_regular-web.ttf	\
 	overpass_regular-web.woff	\
 	policy.js			\
+	reset_password.js			\
+	reset_password.html			\
 	rule.js 			\
 	search.js 			\
 	selinux.js 			\
diff --git a/install/ui/ipa.css b/install/ui/ipa.css
index c69fc80de..2ce8494ab 100644
--- a/install/ui/ipa.css
+++ b/install/ui/ipa.css
@@ -1569,6 +1569,10 @@ span.sshkey-status, a.sshkey-set {
     width: 450px;
 }
 
+.form-box {
+    padding: 1em 2em;
+}
+
 #error-box, .error-box {
     -moz-border-radius: 0.3em 0.3em 0.3em 0.3em;
     -webkit-border-radius: 0.3em 0.3em 0.3em 0.3em;
@@ -1578,6 +1582,15 @@ span.sshkey-status, a.sshkey-set {
     padding: 1em 2em;
 }
 
+#success-box, .success-box {
+    -moz-border-radius: 0.3em 0.3em 0.3em 0.3em;
+    -webkit-border-radius: 0.3em 0.3em 0.3em 0.3em;
+    background-color: #FFEB80;
+    border: 1px solid #FFDE2E;
+    margin: 0 2em 1em 2em;
+    padding: 1em 2em;
+}
+
 #formwindow h2 {
     background-color: #F0F0F0;
     font-size: 1.6em;
@@ -1619,7 +1632,7 @@ span.sshkey-status, a.sshkey-set {
     box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.2);
     margin-left: 15px;
     padding: 2px 10px;
-    width: 248px;
+    width: 210px;
 }
 
 #login li label, #modal li label {
diff --git a/install/ui/jsl.conf b/install/ui/jsl.conf
index 3eebda4e8..97789b2f0 100644
--- a/install/ui/jsl.conf
+++ b/install/ui/jsl.conf
@@ -159,3 +159,4 @@
 +process automember.js
 +process webui.js
 +process login.js
++process reset_password.js
diff --git a/install/ui/login.html b/install/ui/login.html
index 9902466a7..69e3dea7f 100644
--- a/install/ui/login.html
+++ b/install/ui/login.html
@@ -30,7 +30,7 @@
 
             <div id="expired" class="error-box" style="display:none">
                 <p><strong>Password expired</strong></p>
-                <p>Please run kinit to reset the password and then try to login again.</p>
+                <p>Please <a href="reset_password.html">reset the password</a> and then try to login again.</p>
                 <p>If the problem persists, contact your administrator.</p>
             </div>
 
@@ -52,7 +52,6 @@
             </form>
         </div>
     </div>
-
 </body>
 
 </html>
diff --git a/install/ui/reset_password.html b/install/ui/reset_password.html
new file mode 100644
index 000000000..423d8e8b2
--- /dev/null
+++ b/install/ui/reset_password.html
@@ -0,0 +1,66 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="utf-8">
+    <title>IPA: Identity Policy Audit</title>
+
+    <link rel="stylesheet" type="text/css" href="ipa.css" />
+
+    <script type="text/javascript" src="json2.js"></script>
+    <script type="text/javascript" src="jquery.js"></script>
+    <script type="text/javascript" src="reset_password.js"></script>
+</head>
+
+<body class="info-page login-page">
+
+    <div class="container_1">
+
+        <div class="header-logo">
+            <img src="images/ipa-logo.png" /><img src="images/ipa-banner.png" />
+        </div>
+
+        <div id="formwindow">
+            <h2>Reset password</h2>
+
+            <div id="invalid" class="error-box" style="display:none">
+                <p id="error-msg"></p>
+            </div>
+
+            <div id="success" class="success-box" style="display:none">
+                <p>Password reset was successful.
+                <a id="login-link" href="login.html">Return to login page.</a></p>
+            </div>
+
+            <form id="login">
+                <ul>
+                    <li>
+                        <label for="username">Username:</label>
+                        <input type="text" id="username" name="username" accesskey="u" />
+                    </li>
+                    <li>
+                        <label for="password">Current Password:</label>
+                        <input type="password" id="password" name="password" accesskey="p" />
+                    </li>
+                    <li>
+                        <label for="new_password">New Password:</label>
+                        <input type="password" id="new_password" name="new_password" accesskey="n" />
+                    </li>
+                    <li>
+                        <label for="verify_password">Verify Password:</label>
+                        <input type="password" id="verify_password" name="verify_password" accesskey="v" />
+                    </li>
+                </ul>
+
+                <div class="formbutton">
+                    <input name="submit" value="Reset" type="submit" />
+                </div>
+            </form>
+            <div style="display:none" class="form-box" id="reset_pwd_link">
+                <p><a href="#">Reset password again</a></p>
+            </div>
+        </div>
+    </div>
+
+</body>
+
+</html>
diff --git a/install/ui/reset_password.js b/install/ui/reset_password.js
new file mode 100644
index 000000000..5d828afac
--- /dev/null
+++ b/install/ui/reset_password.js
@@ -0,0 +1,163 @@
+/*  Authors:
+ *    Petr Vobornik <pvoborni@redhat.com>
+ *
+ * Copyright (C) 2010 Red Hat
+ * see file 'COPYING' for use and warranty information
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+var RP = {}; //Reset Password Page
+
+RP.reset_password = function(username, old_password, new_password) {
+
+    //possible results: 'ok', 'invalid-password', 'policy-error'
+
+    var status, result, reason, invalid, failure, data, request;
+
+    status = 'invalid';
+    result = {
+        status: status,
+        message: "Password reset was not successful."
+    };
+
+    function success_handler(data, text_status, xhr) {
+
+        result.status = xhr.getResponseHeader("X-IPA-Pwchange-Result") || status;
+
+        if (result.status === 'policy-error') {
+            result.message = xhr.getResponseHeader("X-IPA-Pwchange-Policy-Error");
+        } else if (result.status === 'invalid-password') {
+            result.message = "The password or username you entered is incorrect.";
+        }
+
+        return result;
+    }
+
+    function error_handler(xhr, text_status, error_thrown) {
+        return result;
+    }
+
+    data = {
+        user: username,
+        old_password: old_password,
+        new_password: new_password
+    };
+
+    request = {
+        url: '/ipa/session/change_password',
+        data: data,
+        contentType: 'application/x-www-form-urlencoded',
+        processData: true,
+        dataType: 'html',
+        async: false,
+        type: 'POST',
+        success: success_handler,
+        error: error_handler
+    };
+
+    $.ajax(request);
+
+    return result;
+};
+
+RP.verify_required = function(field, value) {
+
+    var valid = true;
+
+    if (!value || value === '') {
+        valid = false;
+        RP.show_error(field +" is required");
+    }
+
+    return valid;
+};
+
+
+RP.on_submit = function() {
+
+    var username = $('#username').val();
+    var current_password = $('#password').val();
+    var new_password = $('#new_password').val();
+    var verify_password = $('#verify_password').val();
+
+    if (!RP.verify_required('Username', username)) return;
+    if (!RP.verify_required('Current Password', current_password)) return;
+    if (!RP.verify_required('New Password', new_password)) return;
+    if (!RP.verify_required('Verify Password', verify_password)) return;
+
+    if (new_password !== verify_password) {
+        RP.show_error("Passwords must match");
+        return;
+    }
+
+    var result = RP.reset_password(username, current_password, new_password);
+
+    if (result.status !== 'ok') {
+        RP.show_error(result.message);
+    } else {
+        RP.reset_form();
+        $('#success').css('display', 'block');
+        $('#login-link').focus();
+        RP.hide_reset_form();
+    }
+};
+
+RP.reset_form = function() {
+    $('#invalid').css('display', 'none');
+    $('#success').css('display', 'none');
+    $('#password').val('');
+    $('#new_password').val('');
+    $('#verify_password').val('');
+};
+
+RP.show_error = function(message) {
+
+    $('#error-msg').text(message);
+    $('#invalid').css('display', 'block');
+    $('#success').css('display', 'none');
+};
+
+RP.hide_reset_form = function() {
+
+    RP.form.hide();
+    RP.reset_link.show();
+};
+
+RP.show_reset_form = function() {
+
+    RP.reset_form();
+    RP.form.show();
+    RP.reset_link.hide();
+};
+
+RP.init = function() {
+
+    RP.form = $('#login');
+    RP.reset_link = $('#reset_pwd_link');
+    RP.reset_link.click(function() {
+        RP.show_reset_form();
+        return false;
+    });
+
+    $('input[name=submit]', RP.form).click(function() {
+        RP.on_submit();
+        return false;
+    });
+};
+
+/* main (document onready event handler) */
+$(function() {
+    RP.init();
+});
author	Petr Vobornik <pvoborni@redhat.com>	2012-06-08 16:38:17 +0200
committer	Petr Vobornik <pvoborni@redhat.com>	2012-06-21 12:46:59 +0200
commit	1eab43d29244f6e0b8d6f3146317624715d84af7 (patch)
tree	3c5d8a1c981d569e92b439684a53409ab3d5acbd
parent	f298a20d27701cf617c5b146a2d22c9c94d85bc3 (diff)
download	freeipa-1eab43d29244f6e0b8d6f3146317624715d84af7.tar.gz freeipa-1eab43d29244f6e0b8d6f3146317624715d84af7.tar.xz freeipa-1eab43d29244f6e0b8d6f3146317624715d84af7.zip