Nick Clemens
e941dfdc99
This patch adds a new page opac-reset-password where a user can enter their login (userid or cardnumber), current password, and new password. If the user has a password expiration date and the current password is correct and the new passwords match and meet requirements, their password will be updated and the expiration date reset. A patron whose password does not expire will be redirected to login to change their password. To test: 1 - Apply patch, updatedatabase, enable new syspref EnableExpiredPasswordReset 2 - Set 'Password expiration' for a patron category Home->Administration->Patron categories->Edit 3 - Create a new patron in this category with a userid/password set, and an email 4 - Update the patron with an expiration to be expired UPDATE borrowers SET password_expiration='2022-01-01' WHERE borrowernumber=51; 5 - Give the borrower catalogue permission 6 - Attempt to log in to Staff interface 7 - Confirm you are signed out and notified that password must be reset 8 - Click 'Reset your password' link 9 - You should see the reset password page with fields for: login, current password, new password, confirm password 10 - Enter invalid/incomplete credentials 11 - Confirm you are notified of invalid credentials 12 - Fill in all fields, but enter current password as new password 13 - Confirm you are notified of no change 14 - Set minimum password length / strong password requirement for category 15 - Confirm you receive error if new password too short or not secure 16 - Enter a valid new password and submit and confirm update is successful 17 - Confirm you have buttons to go to OPAC or Staff and that both work 18 - Confirm you can log in (i.e. expiration has been reset) 19 - Expire the user's password 20 - Remove catalogue permission 21 - Reset password again and confirm only OPAC link Signed-off-by: Bob Bennhoff <bbennhoff@clicweb.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
[%# Login page template: loads the Template Toolkit plugins used below, then emits the document head.
    The <title> is assembled from whichever state flags the caller has set. %]
[% USE raw %]
[% USE Asset %]
[% USE Koha %]
[% USE Branches %]
[% USE Desks %]
[% USE Categories %]
[% USE Registers %]
[%# NOTE(review): footerjs presumably makes the shared includes emit the jsinclude macro at the end of the page; confirm in the includes. %]
[% SET footerjs = 1 %]
[% INCLUDE 'doc-head-open.inc' %]
<title>
    [% IF TwoFA_prompt %]Two-factor authentication[% END %]
    [% IF loginprompt %]Log in to Koha[% END %]
    [% IF too_many_login_attempts %]This account has been locked.
    [% ELSIF invalid_username_or_password %]Invalid username or password[% END %]
    [% IF different_ip %]IP address change[% END %]
    [% IF timed_out %]Session timed out[% END %]
    [% IF nopermission %]Access denied[% END %] › Koha
</title>
[% INCLUDE 'doc-head-close.inc' %]
</head>
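<body id="main_auth" class="main_main-auth">

<div class="main container-fluid">

<div id="login">
    <h1><a href="https://koha-community.org">Koha</a></h1>
    [%# StaffLoginInstructions is emitted through $raw, i.e. without HTML escaping:
        whatever markup the system preference holds is rendered as-is on the login page,
        so write access to that preference is write access to this page's markup. %]
    [% IF Koha.Preference('StaffLoginInstructions') %]<div id="login_instructions">[% Koha.Preference('StaffLoginInstructions') | $raw %]</div>[% END %]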
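[%# Status and failure messages shown above the login form. Each is driven by a flag set by the caller.
    The first four conditions are independent, so several messages can render together; they all
    reuse id="login_error", which then appears more than once in the document.
    NOTE(review): the "locked" and "expired" messages differ from the generic
    "Invalid username or password", so they disclose account state to whoever submitted the form.
    Whether they are set before or after the password is verified is decided by the caller and is
    not visible in this template; confirm there. %]
[% IF nopermission %]
    <div id="login_error">
        <strong>Error:</strong>
        You do not have permission to access this page.
    </div>
    <p><strong>Log in as a different user</strong></p>
[% END %]

[% IF timed_out %]
    <div id="login_error"><strong>Error: </strong>Session timed out.<br /> Please log in again</div>
[% END %]

[% IF different_ip %]
    <div id="login_error"><strong>Error: </strong>IP address has changed. Please log in again </div>
[% END %]

[% IF wrongip %]
    <div id="login_error"><strong>Error: </strong>Autolocation is switched on and you are logging in with an IP address that doesn't match your library. </div>
[% END %]

[% IF too_many_login_attempts %]
    <div id="login_error"><strong>Error: </strong>This account has been locked!</div>
    [%# The recovery link is offered only when some patron category may reset passwords and an OPAC base URL is configured. %]
    [% IF Categories.can_any_reset_password && Koha.Preference('OpacBaseURL') %]
        <a href="[% Koha.Preference('OpacBaseURL') | url %]/cgi-bin/koha/opac-password-recovery.pl">You must reset your password</a>.
    [% END %]
[% ELSIF password_has_expired %]
    <div id="login_error"><strong>Error: </strong>Your password has expired!</div>
    [%# Preference order: the expired-password reset page, then the general recovery page, then a pointer to the library. %]
    [% IF Koha.Preference('EnableExpiredPasswordReset') && Koha.Preference('OpacBaseURL') %]
        <a href="[% Koha.Preference('OpacBaseURL') | url %]/cgi-bin/koha/opac-reset-password.pl">You must reset your password</a>.
    [% ELSIF Categories.can_any_reset_password && Koha.Preference('OpacBaseURL') %]
        <a href="[% Koha.Preference('OpacBaseURL') | url %]/cgi-bin/koha/opac-password-recovery.pl">You must reset your password</a>.
    [% ELSE %]
        <p>You must contact the library to have your password reset</p>
    [% END %]
[% ELSIF invalid_username_or_password %]
    <div id="login_error"><strong>Error: </strong>Invalid username or password</div>
[% END %]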
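[%# Shibboleth single sign-on: optional failure message plus the link that starts the login. %]
[% IF shibbolethAuthentication %]
    <!-- This is what is displayed if shib login has failed -->
    [% IF invalidShibLogin %]
        <div id="login_error"><strong>Error: </strong>Shibboleth login failed</div>
    [% END %]
    [%# NOTE(review): shibbolethLoginUrl goes into the href through $raw, so nothing is escaped here.
        This is only safe if the caller builds the URL so that request-derived parts (for example a
        return target) cannot contain a quote or angle bracket; confirm where the value is assembled,
        or switch to an escaping filter if the value is not already encoded. %]
    <p><a href="[% shibbolethLoginUrl | $raw %]">Log in using a Shibboleth account</a>.</p>
[% END %]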
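[%# Username/password form. Skipped while the two-factor prompt is showing or when the
    staffShibOnly preference restricts staff login to Shibboleth. %]
[% IF !TwoFA_prompt && !Koha.Preference('staffShibOnly') %]
    <!-- login prompt time-->
    <form action="[% script_name | html %]" method="post" name="loginform" id="loginform">
        <input type="hidden" name="koha_login_context" value="intranet" />
        [%# Every INPUTS entry is re-emitted as a hidden field with name and value HTML-escaped.
            Presumably these are the parameters of the request that triggered the login; confirm in the caller. %]
        [% FOREACH INPUT IN INPUTS %]
            <input type="hidden" name="[% INPUT.name | html %]" value="[% INPUT.value | html %]" />
        [% END %]
        <p><label for="userid">Username:</label>
            <input type="text" name="userid" id="userid" class="input focus" value="[% userid | html %]" size="20" tabindex="1" autocomplete="off" />
        </p>
        [%# The password field is always rendered empty; a submitted password is never echoed back. %]
        <p><label for="password">Password:</label>
            <input type="password" name="password" id="password" class="input" value="" size="20" tabindex="2" autocomplete="off" />
        </p>

        [%# Library, desk and cash register pickers are offered only when IndependentBranches is off. %]
        [% UNLESS IndependentBranches %]
            <p>
                <label for="branch">Library:</label>
                <select name="branch" id="branch" class="input" tabindex="3">
                    <option value="">My library</option>
                    [% FOREACH l IN Branches.all( unfiltered => 1 ) %]
                        <option value="[% l.branchcode | html %]">[% l.branchname | html %]</option>
                    [% END %]
                </select>
            </p>

            [% IF Koha.Preference('UseCirculationDesks') && Desks.all %]
                <p>
                    [%# The label targets the select's id (desk_id) so that it is associated with the control. %]
                    <label for="desk_id">Desk:</label>
                    <select name="desk_id" id="desk_id" class="input" tabindex="3">
                        <option id="nodesk" value="">---</option>
                        [%# Desk options start disabled and carry their branch code as class;
                            presumably js/desk_selection.js enables those matching the chosen library (confirm). %]
                        [% FOREACH d IN Desks.all %]
                            <option class="[% d.branchcode | html %]" value="[% d.desk_id | html %]" disabled >[% d.desk_name | html %]</option>
                        [% END %]
                    </select>
                </p>
            [% END %]

            [% IF Koha.Preference('UseCashRegisters') && Registers.all().size %]
                <p>
                    <label for="register_id">Cash register:</label>
                    <select name="register_id" id="register_id" class="input" tabindex="4">
                        <option id="noregister" value="" selected="selected">Library default</option>
                        [%# options_for_registers is a block defined outside this template. %]
                        [% PROCESS options_for_registers registers => Registers.all() %]
                    </select>
                </p>
            [% END %]

        [% END %]

        <!-- <p><label><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="3" />Remember me</label></p> -->

        <p class="submit"><input id="submit-button" type="submit" value="Log in" tabindex="4" /></p>
    </form>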
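[%# CAS single sign-on: optional failure message, then either one CAS server link or a list of servers.
    NOTE(review): casServerUrl and casServer.value are written into href through $raw, so nothing is
    escaped here. That is only safe if the caller assembles them so that request-derived parts cannot
    contain a quote or angle bracket; confirm where the values are built, or switch to an escaping
    filter if they are not already encoded. %]
[% IF casAuthentication %]
    <h4>Cas login</h4>

    [% IF invalidCasLogin %]
        <!-- This is what is displayed if cas login has failed -->
        <p>Sorry, the CAS login failed.</p>
    [% END %]

    [% IF casServerUrl %]
        <p><a href="[% casServerUrl | $raw %]">If you have a CAS account, please click here to login</a>.</p>
    [% END %]

    [% IF casServersLoop %]
        <p>If you have a CAS account, please choose against which one you would like to authenticate:</p>
        <ul>
            [% FOREACH casServer IN casServersLoop %]
                <li><a href="[% casServer.value | $raw %]">[% casServer.name | html %]</a></li>
            [% END %]
        </ul>
    [% END %]
[% END %]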
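[%# Second step of the login: asks for the two-factor code instead of username and password. %]
[% ELSIF TwoFA_prompt %]
    <form action="[% script_name | html %]" method="post" name="loginform" id="loginform">
        <input type="hidden" name="koha_login_context" value="intranet" />
        [%# Every INPUTS entry is re-emitted as a hidden field with name and value HTML-escaped. %]
        [% FOREACH INPUT IN INPUTS %]
            <input type="hidden" name="[% INPUT.name | html %]" value="[% INPUT.value | html %]" />
        [% END %]
        [% IF invalid_otp_token %]
            <div id="login_error">Invalid two-factor code</div>
        [% END %]

        <p>
            <label for="otp_token">Two-factor authentication code:</label>
            [%# autocomplete="off" matches the username and password fields of the login form: the code is not kept in form history. %]
            <input type="text" name="otp_token" id="otp_token" class="input focus" value="" size="20" tabindex="1" autocomplete="off" />
        </p>
        <p>
            <input id="submit-button" type="submit" value="Verify code" />
            [%# Cancel abandons the pending login by requesting a logout. %]
            <a class="cancel" id="logout" href="/cgi-bin/koha/mainpage.pl?logout.x=1">Cancel</a>
        </p>

    </form>
[% END %]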
[%# Navigation offered with the "no permission" message: back one history entry, or to the site root. %]
[% IF nopermission %]
    <p>
        <a id="previous_page" href="javascript:window.history.back()">[Previous page]</a>
        <a id="mainpage" href="/">[Main page]</a>
    </p>
[% END %]

<!--<ul> -->
<!-- <li><a href="/cgi-bin/koha/lostpassword.pl" title="Password lost and found">Lost your password?</a></li> -->
<!-- </ul> -->

[%# Closes <div id="login">. %]
</div>
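[%# Page scripts: desk and register selection helpers, plus the on-load hook below. %]
[% MACRO jsinclude BLOCK %]
    [% Asset.js("js/desk_selection.js") | $raw %]
    [% Asset.js("js/register_selection.js") | $raw %]
    <script>
        $(document).ready( function() {
            if ( document.location.hash ) {
                // Carry the URL fragment through the login POST in a hidden field.
                // The fragment is chosen by whoever built the link that led here, so it is
                // assigned as a value on a created element and never spliced into an HTML string.
                $( '<input>', { name: 'auth_forwarded_hash', type: 'hidden' } )
                    .val( document.location.hash )
                    .appendTo( '#loginform' );
            }
            // Clear last borrowers, remembered SQL reports, carts, etc.
            logOut();
        });
    </script>
[% END %]
<!-- the main div is closed in intranet-bottom.inc -->
[% INCLUDE 'intranet-bottom.inc' %]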