Revise the user login code.

* Remove user registration link and popup from the theme; this shouldn't be done in a popup. Use ajaxform to simplify the way that we load the login popup. * Create form.html.php, this is a template for Forge based forms. * Move user validation rules into User_Model and let forms populate the rules into their forms as useful. * Undo r18688's changes regarding the REST code. We should never accept a null resource, this breaks the REST abstraction. * Change login and user controllers to use Forge which lets us delete login.html.php and user.html.php since those now are generated by the theme-owned form template
author: Bharat Mediratta <bharat@menalto.com> 2008-11-15 06:23:09 +0000
committer: Bharat Mediratta <bharat@menalto.com> 2008-11-15 06:23:09 +0000
commit: ae7839ffaada72c522ffcd9b3f4f1cc04027a720 (patch)
tree: 50ce67306eace68cd23c294fc1aa40ba32c03bcc /modules/user/controllers
parent: 26c8772e16b0328358d23ee4c29f9b592e632b28 (diff)
3 files changed, 81 insertions, 44 deletions
diff --git a/modules/user/controllers/login.php b/modules/user/controllers/login.php
index 7c70bb0f..a0e9f403 100644
--- a/modules/user/controllers/login.php
+++ b/modules/user/controllers/login.php
@@ -19,38 +19,29 @@
  */
 class Login_Controller extends Controller {
   public function index() {
-    $form = new Forge();
-    $form->input("username")->rules("required|length[4,32]");
-    $form->password("password")->rules("required|length[5,40]");
-    $form->submit("Login");
-    print $form->render("login.html", true);
-  }
-
-  public function process() {
-    $form = new Forge("login.html", true);
-    $form->input("username")->rules("required|length[4,32]");
-    $form->password("password")->rules("required|length[5,40]");
-    $form->submit("Login");
+    $form = new Forge("login", "", "post", array("id" => "gLogin"));
+    $group = $form->group(_("Login"));
+    $group->input("name")->label(_("Name"))->id("gName")->class(null);
+    $group->password("password")->label(_("Password"))->id("gPassword")->class(null);
+    $group->submit(_("Login"));
+    $form->hidden("continue")->value($this->input->get("continue"));
+    $group->inputs["name"]->error_messages("invalid_login", _("Invalid name or password"));
 
-    $response = array();
     if ($form->validate()) {
-      // Load the user
-      $user = ORM::factory("user")->where("name", $form->username->value)->find();
-      if (!$user->loaded) {
-        $response["error_message"] = _("Invalid username or password");
-      } else {
-        if (user::is_correct_password($user, $form->password->value)) {
-          user::login($user);
-          $response["error_message"] = "";
-        } else {
-          $response["error_message"] = _("Invalid username or password");
+      $user = ORM::factory("user")->where("name", $group->inputs["name"]->value)->find();
+      if ($user->loaded &&
+          user::is_correct_password($user, $group->password->value)) {
+        user::login($user);
+        $continue = $form->hidden["continue"]->value;
+        if ($continue) {
+          url::redirect($form->hidden["continue"]->value);
         }
+        return;
+      } else {
+        $group->inputs["name"]->add_error("invalid_login", 1);
       }
-    } else {
-      $response["error_message"] = _("Invalid username or password");
     }
 
-    print json_encode($response);
+    print $form->render("form.html", false);
   }
-
 }
 \ No newline at end of file
diff --git a/modules/user/controllers/logout.php b/modules/user/controllers/logout.php
index 34f27fff..524c79f8 100644
--- a/modules/user/controllers/logout.php
+++ b/modules/user/controllers/logout.php
@@ -24,6 +24,8 @@ class Logout_Controller extends Controller {
     } catch (Exception $e) {
       Kohana::log("error", $e);
     }
-    print json_encode(array("logout" => true));
+    if ($this->input->get("continue")) {
+      url::redirect($this->input->get("continue"));
+    }
   }
 }
 \ No newline at end of file
diff --git a/modules/user/controllers/user.php b/modules/user/controllers/user.php
index 41cb9da5..a1085ae5 100644
--- a/modules/user/controllers/user.php
+++ b/modules/user/controllers/user.php
@@ -21,24 +21,58 @@ class User_Controller extends REST_Controller {
   protected $resource_type = "user";
 
   /**
+   * Return the form for creating / modifying users.
+   */
+  private function _get_form($user) {
+    $form = new Forge("user/{$user->id}", "", "post", array("id" => "gUser"));
+    $group = $form->group(_("User Info"));
+    $group->input("name")
+      ->label(_("Name"))
+      ->id("gName")
+      ->class(null)
+      ->value($user->name);
+    $group->input("display_name")
+      ->label(_("Display Name"))
+      ->id("gDisplayName")
+      ->class(null)
+      ->value($user->display_name);
+    $group->password("password")
+      ->label(_("Password"))
+      ->id("gPassword")
+      ->class(null);
+    $group->input("email")
+      ->label(_("Email"))
+      ->id("gEmail")
+      ->class(null)
+      ->value($user->email);
+    $group->submit(_("Modify"));
+    $form->hidden("continue")->value($this->input->get("continue"));
+
+    $this->_add_validation_rules(ORM::factory("user")->validation_rules, $form);
+
+    return $form;
+  }
+
+  /**
+   * @todo Refactor this into a more generic location
+   */
+  private function _add_validation_rules($rules, $form) {
+    foreach ($form->inputs as $name => $input) {
+      if (isset($input->inputs)) {
+        $this->_add_validation_rules($rules, $input);
+      }
+      if (isset($rules[$name])) {
+        $input->rules($rules[$name]);
+      }
+    }
+  }
+
+  /**
    * @see Rest_Controller::_get($resource)
    */
   public function _get($user) {
-    $userView = new View("user.html");
-    if (empty($user)) {
-      // @todo remove this when rest_controller is changed to handle a post with no id
-      $user = ORM::factory("user");
-      $user->save();
-      // @todo remove this when rest_controller is changed to handle a post with no id ^
-      $userView->user_id = $user->id;
-      $userView->action = _("User Registration");
-      $userView->button_text = _("Register");
-    } else {
-      $userView->user_id = $user->id;
-      $userView->action = _("User Modify");
-      $userView->button_text = _("Modify");
-    }
-    print $userView;
+    $form = $this->_get_form($user);
+    print $form->render("form.html", false);
   }
 
   /**
@@ -51,7 +85,17 @@ class User_Controller extends REST_Controller {
   /**
    *  @see Rest_Controller::_post($resource)
    */
-  public function _post($resource) {
+  public function _post($user) {
+    $form = $this->_get_form($user);
+    if ($form->validate()) {
+      // @todo if we use the Validation class here, the ORM can just read the inputs directly.  We
+      // need to investigate that.
+      //
+      // @todo
+      // Verify the user input, store it in the object.
+      // Show errors on validation failure.
+      // On success, redirect if there's a form->continue, else show an empty page.
+    }
     throw new Exception("@todo User_Controller::_post NOT IMPLEMENTED");
   }
author	Bharat Mediratta <bharat@menalto.com>	2008-11-15 06:23:09 +0000
committer	Bharat Mediratta <bharat@menalto.com>	2008-11-15 06:23:09 +0000
commit	ae7839ffaada72c522ffcd9b3f4f1cc04027a720 (patch)
tree	50ce67306eace68cd23c294fc1aa40ba32c03bcc /modules/user/controllers
parent	26c8772e16b0328358d23ee4c29f9b592e632b28 (diff)