Koha/koha-tmpl/intranet-tmpl/prog/en/modules/auth.tt
Jonathan Druart 3d8ff90a8f
Bug 32010: Make sure the alert will be displayed after the ajax call
There is a missing wait_for_ajax call after we click, but wait_for_ajax
is waiting for the return of success, and the alert is there.

22:01:57 koha_1       | STRACE:	/usr/share/perl5/Try/Tiny.pm:123 in Selenium::Remote::Driver::catch {...}
22:01:57 koha_1       | 	/usr/share/perl5/Selenium/Remote/Driver.pm:361 in Try::Tiny::try
22:01:57 koha_1       | 	(eval 541):1 in Selenium::Remote::Driver::__ANON__
22:01:57 koha_1       | 	(eval 543):2 in Selenium::Remote::Driver::__ANON__
22:01:57 koha_1       | 	/usr/share/perl5/Selenium/Remote/Driver.pm:654 in Selenium::Remote::Driver::_execute_command
22:01:57 koha_1       | 	t/db_dependent/selenium/authentication_2fa.t:282 in Selenium::Remote::Driver::get_alert_text
22:01:57 koha_1       | 	/usr/share/perl/5.32/Test/Builder.pm:334 in main::__ANON__
22:01:57 koha_1       | 	/usr/share/perl/5.32/Test/Builder.pm:334 in (eval)
22:01:57 koha_1       | 	/usr/share/perl/5.32/Test/More.pm:809 in Test::Builder::subtest
22:01:57 koha_1       | 	t/db_dependent/selenium/authentication_2fa.t:291 in Test::More::subtest
22:01:57 koha_1       |
22:01:57 koha_1       |     # Looks like you planned 7 tests but ran 4.
22:01:57 koha_1       |
22:01:57 koha_1       | #   Failed test 'Enforce 2FA setup on first login'
22:01:57 koha_1       | #   at t/db_dependent/selenium/authentication_2fa.t line 291.
22:01:57 koha_1       | Error while executing command: no such alert at /usr/share/perl5/Selenium/Remote/Driver.pm line 411.
22:01:57 koha_1       |  at /usr/share/perl5/Selenium/Remote/Driver.pm line 356.
22:01:57 koha_1       | # Looks like your test exited with 255 just after 4.
22:01:57 koha_1       | [20:59:37] t/db_dependent/selenium/authentication_2fa.t

Test plan:
Confirm that the test passes (execute it in a loop, hundreds of times)
Confirm that the behaviour of 2FA "enforced" (see bug 30588) is still
working as expected.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-11-18 12:04:28 -03:00


[% USE raw %]
[% USE Asset %]
[% USE Koha %]
[% USE Branches %]
[% USE Desks %]
[% USE Categories %]
[% USE Registers %]
[% USE AuthClient %]
[% SET footerjs = 1 %]
[% INCLUDE 'doc-head-open.inc' %]
<title>
[% IF TwoFA_prompt %]Two-factor authentication[% END %]
[% IF TwoFA_setup %]Two-factor authentication setup[% END %]
[% IF ( loginprompt ) %]Log in to Koha[% END %]
[% IF too_many_login_attempts %]This account has been locked.
[% ELSIF invalid_username_or_password %]Invalid username or password[% END %]
[% IF ( different_ip ) %]IP address change[% END %]
[% IF ( timed_out ) %]Session timed out[% END %]
[% IF ( nopermission ) %]Access denied[% END %]
[% IF ( auth_error ) %]Error authenticating in external provider[% END %] &rsaquo; Koha
</title>
[% INCLUDE 'doc-head-close.inc' %]
[% PROCESS 'auth-two-factor.inc' %]
</head>
<body id="main_auth" class="main_main-auth">
<div class="main container-fluid">
<div id="login">
<h1><a href="http://koha-community.org">Koha</a></h1>
[% IF (Koha.Preference('StaffLoginInstructions')) %]<div id="login_instructions">[% Koha.Preference('StaffLoginInstructions') | $raw %]</div>[% END %]
[% IF ( nopermission ) %]
<div id="login_error">
<strong>Error:</strong>
You do not have permission to access this page.
</div>
<p><strong>Log in as a different user</strong></p>
[% END %]
[% IF ( timed_out ) %]
<div id="login_error"><strong>Error: </strong>Session timed out.<br /> Please log in again</div>
[% END %]
[% IF ( different_ip ) %]
<div id="login_error"><strong>Error: </strong>IP address has changed. Please log in again </div>
[% END %]
[% IF ( wrongip ) %]
<div id="login_error"><strong>Error: </strong>Autolocation is switched on and you are logging in with an IP address that doesn't match your library. </div>
[% END %]
[% IF too_many_login_attempts %]
<div id="login_error"><strong>Error: </strong>This account has been locked!</div>
[% IF Categories.can_any_reset_password && Koha.Preference('OpacBaseURL') %]
<a href="[% Koha.Preference('OpacBaseURL') | url %]/cgi-bin/koha/opac-password-recovery.pl">You must reset your password</a>.
[% END %]
[% ELSIF password_has_expired %]
<div id="login_error"><strong>Error: </strong>Your password has expired!</div>
[% IF Koha.Preference('EnableExpiredPasswordReset') && Koha.Preference('OpacBaseURL') %]
<a href="[% Koha.Preference('OpacBaseURL') | url %]/cgi-bin/koha/opac-reset-password.pl">You must reset your password</a>.
[% ELSIF Categories.can_any_reset_password && Koha.Preference('OpacBaseURL') %]
<a href="[% Koha.Preference('OpacBaseURL') | url %]/cgi-bin/koha/opac-password-recovery.pl">You must reset your password</a>.
[% ELSE %]
<p>You must contact the library to reset your password</p>
[% END %]
[% ELSIF invalid_username_or_password %]
<div id="login_error"><strong>Error: </strong>Invalid username or password</div>
[% END %]
[% IF auth_error %]
<div id="login_error" class="alert alert-danger">
<p>There was an error authenticating to external identity provider</p>
<p>[% auth_error | html %]</p>
</div>
[% END %]
[% IF (shibbolethAuthentication) %]
<!-- This is what is displayed if shib login has failed -->
[% IF (invalidShibLogin ) %]
<div id="login_error"><strong>Error: </strong>Shibboleth login failed</div>
[% END %]
<p><a href="[% shibbolethLoginUrl | $raw %]">Log in using a Shibboleth account</a>.</p>
[% END %]
[% IF !TwoFA_prompt && !TwoFA_setup && !Koha.Preference('staffShibOnly') %]
<!-- login prompt time-->
[% SET identity_providers = AuthClient.get_providers('staff') %]
[% IF ( ! identity_providers.empty ) %]
[% FOREACH provider IN identity_providers %]
<p class="clearfix">
<a href="[% provider.url | url %]" class="btn btn-light col-xs-12" id="provider_[% provider.code | html %]">
[% IF provider.icon_url %]
<img src="[% provider.icon_url | url %]" style="max-height: 20px; max-width: 20px;"/>
[% ELSE %]
<i class="fa fa-user" aria-hidden="true"></i>
[% END %]
Log in with [% provider.description | html %]
</a>
</p>
[% END %]
<hr/>
<p>If you do not have an external account, but do have a local account, you can still log in: </p>
[% END # /IF identity_providers.size %]
<form action="[% script_name | html %]" method="post" name="loginform" id="loginform">
<input type="hidden" name="koha_login_context" value="intranet" />
[% FOREACH INPUT IN INPUTS %]
<input type="hidden" name="[% INPUT.name | html %]" value="[% INPUT.value | html %]" />
[% END %]
<p><label for="userid">Username:</label>
<input type="text" name="userid" id="userid" class="input focus" value="[% userid | html %]" size="20" tabindex="1" autocomplete="off" />
</p>
<p><label for="password">Password:</label>
<input type="password" name="password" id="password" class="input" value="" size="20" tabindex="2" autocomplete="off" />
</p>
[% UNLESS IndependentBranches %]
<p>
<label for="branch">Library:</label>
<select name="branch" id="branch" class="input" tabindex="3">
<option value="">My library</option>
[% FOREACH l IN Branches.all( unfiltered => 1 ) %]
<option value="[% l.branchcode | html %]">[% l.branchname | html %]</option>
[% END %]
</select>
</p>
[% IF Koha.Preference('UseCirculationDesks') && Desks.all %]
<p>
<label for="desk">Desk:</label>
<select name="desk_id" id="desk_id" class="input" tabindex="3">
<option id="nodesk" value="">---</option>
[% FOREACH d IN Desks.all %]
<option class="[% d.branchcode | html %]" value="[% d.desk_id | html %]" disabled >[% d.desk_name | html %]</option>
[% END %]
</select>
</p>
[% END %]
[% IF Koha.Preference('UseCashRegisters') && Registers.all().size %]
<p>
<label for="register_id">Cash register:</label>
<select name="register_id" id="register_id" class="input" tabindex="4">
<option id="noregister" value="" selected="selected">Library default</option>
[% PROCESS options_for_registers registers => Registers.all() %]
</select>
</p>
[% END %]
[% END %]
<!-- <p><label><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="3" />Remember me</label></p> -->
<p class="submit"><input id="submit-button" type="submit" class="btn btn-primary" value="Log in" tabindex="4" /></p>
</form>
[% IF ( casAuthentication ) %]
<h4>Cas login</h4>
[% IF ( invalidCasLogin ) %]
<!-- This is what is displayed if cas login has failed -->
<p>Sorry, the CAS login failed.</p>
[% END %]
[% IF ( casServerUrl ) %]
<p><a href="[% casServerUrl | $raw %]">If you have a CAS account, please click here to login</a>.</p>
[% END %]
[% IF ( casServersLoop ) %]
<p>If you have a CAS account, please choose against which one you would like to authenticate:</p>
<ul>
[% FOREACH casServer IN casServersLoop %]
<li><a href="[% casServer.value | $raw %]">[% casServer.name | html %]</a></li>
[% END %]
</ul>
[% END %]
[% END %]
[% ELSIF TwoFA_prompt %]
<form action="[% script_name | html %]" method="post" name="loginform" id="loginform">
<input type="hidden" name="koha_login_context" value="intranet" />
[% FOREACH INPUT IN INPUTS %]
<input type="hidden" name="[% INPUT.name | html %]" value="[% INPUT.value | html %]" />
[% END %]
[% IF invalid_otp_token %]
<div id="login_error">Invalid two-factor code</div>
[% END %]
<div id="email_error" class="dialog alert" style="display: none;"></div>
<div id="email_success" class="dialog message" style="display: none;"></div>
<p>
<label for="otp_token">Two-factor authentication code:</label>
<input type="text" name="otp_token" id="otp_token" class="input focus" value="" size="20" tabindex="1" />
</p>
<p>
<input type="submit" id="submit-button" class="btn btn-primary" value="Verify code" />
<a class="send_otp" id="send_otp" href="#">Send the code by email</a>
<a class="cancel" id="logout" href="/cgi-bin/koha/mainpage.pl?logout.x=1">Cancel</a>
</p>
</form>
[% ELSIF TwoFA_setup %]
[% PROCESS registration_form %]
[% END %]
[% IF ( nopermission ) %]
<p><a id="previous_page" href="javascript:window.history.back()">[Previous page]</a>
<a id="mainpage" href="/">[Main page]</a></p>
[% END %]
<!--<ul> -->
<!-- <li><a href="/cgi-bin/koha/lostpassword.pl" title="Password lost and found">Lost your password?</a></li> -->
<!-- </ul> -->
</div>
[% MACRO jsinclude BLOCK %]
[% Asset.js("js/desk_selection.js") | $raw %]
[% Asset.js("js/register_selection.js") | $raw %]
<script>
$(document).ready( function() {
if ( document.location.hash ) {
// Set the fragment through .val() so it is stored as an attribute value, not parsed as markup
$( '<input name="auth_forwarded_hash" type="hidden"/>' ).val( document.location.hash ).appendTo( '#loginform' );
}
// Clear last borrowers, remembered sql reports, carts, etc.
logOut();
$("#send_otp").on("click", function(e){
e.preventDefault();
[% UNLESS notice_email_address %]
alert("Cannot send the notice, you don't have an email address defined.")
[% ELSE %]
$("#email_success").hide();
$("#email_error").hide();
$.ajax({
url: '/api/v1/auth/otp/token_delivery',
type: 'POST',
success: function(data){
let message = _("The code has been sent by email, please check your inbox.")
$("#email_success").show().html(message);
},
error: function(data){
let error = data.responseJSON && data.responseJSON.error == "email_not_sent"
? _("Email not sent, please contact the Koha administrator")
: _("Something wrong happened, please contact the Koha administrator");
$("#email_error").show().html(error);
}
});
[% END %]
});
if( $("#registration-form").length ) {
$.ajax({
data: {},
type: 'POST',
url: '/api/v1/auth/two-factor/registration',
success: function (data) {
$("#qr_code").attr('src', data.qr_code);
$("#secret32").val(data.secret32);
$("#issuer").html(data.issuer);
$("#key_id").html(data.key_id);
$("#registration-form").show();
},
error: function (data) {
alert(data);
},
});
};
$("#register-2FA").on("click", function(e){
e.preventDefault();
const data = {
secret32: $("#secret32").val(),
pin_code: $("#pin_code").val(),
};
if (!data.pin_code) return;
$.ajax({
data: data,
type: 'POST',
url: '/api/v1/auth/two-factor/registration/verification',
success: function (data) {
return;
},
error: function (data) {
const error = data.responseJSON.error;
if ( error == 'Invalid pin' ) {
$("#errors").html(_("Invalid PIN code")).show();
} else {
alert(error);
}
},
}).then(function(){
alert(_("Two-factor authentication correctly configured. You will be redirected to the login screen."));
window.location = "/cgi-bin/koha/mainpage.pl";
});
});
});
</script>
[% END %]
<!-- the main div is closed in intranet-bottom.inc -->
[% INCLUDE 'intranet-bottom.inc' %]