Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-auth.tt
Owen Leonard c63337a12a Bug 29006: Make GoogleOpenIDConnect options consistent in the OPAC 
This patch makes modifications to OPAC templates to make the Google
login options more consistent.

To test, apply the patch and rebuild the OPAC CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).

- In the staff interface, enable the GoogleOpenIDConnect preference, and
  populate the GoogleOAuth2ClientID the GoogleOAuth2ClientSecret with
  values (they don't need to be valid).
- On the OPAC main page you should see a "Log in with Google" button
  above the Koha login form.
- If you click the "Log in to your account" link at the top of the page
  you should see a "Log in with Google" button in the modal window
- If you navigate directly to /cgi-bin/koha/opac-user.pl when not logged
  in you should see the same "Log in with Google" button on that page.
- In each case the Google button should point to /cgi-bin/koha/svc/auth/googleopenidconnect
- If you disable GoogleOpenIDConnect the buttons should disappear.

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-05 10:58:14 +02:00

245 lines
15 KiB
Text
Raw Blame History

[% USE raw %]
[% USE Koha %]
[% USE Categories %]
[% USE AdditionalContents %]
[% PROCESS 'html_helpers.inc' %]
[% SET OpacLoginInstructions = AdditionalContents.get( location => "OpacLoginInstructions", lang => lang, library => branchcode ) %]
[% INCLUDE 'doc-head-open.inc' %]
<title>
[% IF Koha.Preference( 'opacuserlogin' ) == 1 %]
Log in to your account
[% ELSE %]
Catalog login disabled
[% END %] &rsaquo;
[% IF ( LibraryNameTitle ) %][% LibraryNameTitle | html %][% ELSE %]Koha online[% END %] catalog
</title>
[% INCLUDE 'doc-head-close.inc' %]
[% BLOCK cssinclude %][% END %]
</head>
[% INCLUDE 'bodytag.inc' bodyid='opac-login-page' bodyclass='scrollto' %]
[% INCLUDE 'masthead.inc' %]
<div class="main">
<nav aria-label="breadcrumb">
<ul class="breadcrumb">
<li class="breadcrumb-item">
<a href="/cgi-bin/koha/opac-main.pl">Home</a>
</li>
<li class="breadcrumb-item active" aria-current="page">
<a href="#">Log in</a>
</li>
</ul>
</nav>
<div class="container-fluid">
<div class="row justify-content-center">
<div class="col-md-10 col-lg-6">
<div id="opac-auth" class="maincontent">
<!--CONTENT-->
[% IF Koha.Preference( 'opacuserlogin' ) == 1 %]
[% IF ( nopermission ) %]
<!-- This is what is displayed if user doesn't have permission -->
<div class="alert alert-warning">
<h1>Access denied</h1>
<p>Sorry, the system doesn't think you have permission to access this page. </p>
[% IF SCO_login %]
<p><a href="/cgi-bin/koha/sco/sco-main.pl?logout.x=1">Log out and try again with a different user.</a></p>
[% ELSIF SCI_login %]
<p><a href="/cgi-bin/koha/sci/sci-main.pl?logout.x=1">Log out and try again with a different user.</a></p>
[% END %]
</div>
[% END %]
[% IF ( loginprompt ) %]
<!-- login prompt time-->
<h1>Log in to your account</h1>
[% IF ( timed_out ) %]
<!-- This is what is displayed if login has timed out -->
<div class="alert alert-info">
<p>Sorry, your session has timed out. Please log in again.</p>
</div>
[% END %]
[% IF ( different_ip ) %]
<!-- This is what is displayed if user doesn't have permission -->
<div class="alert alert-info">
<p>You are logging from a different IP address. Please log in again.</p>
</div>
[% END %]
[% IF invalid_username_or_password || too_many_login_attempts %]
<!-- This is what is displayed if user doesn't have permission or account is locked. (Do not expose more information than needed.) -->
<div class="alert alert-info">
<p>You entered an incorrect username or password. Please try again! But note that passwords are case sensitive[% IF Koha.Preference('FailedLoginAttempts') %] and that your account will be locked out after a fixed number of failed login attempts[% END %]. Please contact a library staff member if you continue to have problems.</p>
</div>
[% END %]
[% IF ( shibbolethAuthentication ) %]
[% IF ( invalidShibLogin ) %]
<!-- This is what is displayed if shibboleth login has failed to match a koha user -->
<div class="alert alert-info">
<p>Sorry, your Shibboleth identity does not match a valid library identity.</p>
[% UNLESS ( Koha.Preference('OPACShibOnly') ) %]
[% IF ( casAuthentication ) %]
[% IF ( invalidCasLogin ) %]
<!-- This is what is displayed if cas login has failed -->
<p>Sorry, the CAS login also failed. If you have a local login you may use that below.</p>
[% ELSE %]
<p>If you have a CAS account, you may use that below.</p>
[% END %]
[% ELSE %]
<p>If you have a local account, you may use that below.</p>
[% END %]
[% END %]
</div>
[% ELSE %]
<h2>Shibboleth Login</h2>
<p><a href="[% shibbolethLoginUrl | $raw %]">Log in using a Shibboleth account.</a></p>
[% END # /IF invalidShibLogin %]
[% UNLESS ( Koha.Preference('OPACShibOnly') ) %]
[% IF ( casAuthentication ) %]
<h2>CAS login</h2>
<p>If you do not have a Shibboleth account, but you do have a CAS account, you can use CAS.</p>
[% ELSE %]
<h2>Local login</h2>
<p>If you do not have a Shibboleth account, but you do have a local login, then you may login below.</p>
[% END %]
[% END %]
[% END # /IF shibbolethAuthentication %]
[% UNLESS ( Koha.Preference('OPACShibOnly') ) %]
[% IF ( casAuthentication ) %]
[% IF ( shibbolethAuthentication ) %]
[% IF ( casServerUrl ) %]
<p><a href="[% casServerUrl | $raw %]">Log in.</a><p>
[% END %]
[% IF ( casServersLoop ) %]
<p>Please choose against which one you would like to authenticate: </p>
<ul>
[% FOREACH casServer IN casServersLoop %]
<li><a href="[% casServer.value | $raw %]">[% casServer.name | html %]</a></li>
[% END %]
</ul>
[% END %]
[% ELSE %]
<h2>CAS login</h2>
[% IF ( invalidCasLogin ) %]
<!-- This is what is displayed if cas login has failed -->
<p>Sorry, the CAS login failed.</p>
[% END %]
[% IF ( casServerUrl ) %]
<p><a href="[% casServerUrl | $raw %]">Log in using a CAS account.</a><p>
[% END %]
[% IF ( casServersLoop ) %]
<p>If you have a CAS account, please choose against which one you would like to authenticate:</p>
<ul>
[% FOREACH casServer IN casServersLoop %]
<li><a href="[% casServer.value | $raw %]">[% casServer.name | html %]</a></li>
[% END %]
</ul>
[% END %]
[% END # /IF shibbolethAuthentication %]
[% IF ( shibbolethAuthentication ) %]
<p>Nothing</p>
[% ELSE %]
<h2>Local login</h2>
<p>If you do not have a CAS account, but do have a local account, you can still log in: </p>
[% END %]
[% END # / IF casAuthentication %]
[% IF ( Koha.Preference('GoogleOpenIDConnect') == 1 ) %]
[% IF ( invalidGoogleOpenIDConnectLogin ) %]
<h2>Google login</h2>
<p>Sorry, your Google login failed. <span class="error">[% invalidGoogleOpenIDConnectLogin | html %]</span></p>
<p>Please note that the Google login will only work if you are using the e-mail address registered with this library.</p>
<p>If you want to, you can try to <a href="/cgi-bin/koha/svc/auth/googleopenidconnect?reauthenticate=select_account">log in using a different account</a>
[% END %]
<a href="/cgi-bin/koha/svc/auth/googleopenidconnect" class="btn btn-light" id="openid_connect"><i class="fa fa-google" aria-hidden="true"></i> Log in with Google</a>
<p>If you do not have a Google account, but do have a local account, you can still log in: </p>
[% END # /IF GoogleOpenIDConnect %]
[% END # /UNLESS OPACShibOnly %]
[% IF !Koha.Preference('OPACShibOnly') or SCO_login or SCI_login %]
[% IF SCO_login %]
<form action="/cgi-bin/koha/sco/sco-main.pl" name="auth" id="auth" method="post" autocomplete="off">
[% ELSIF SCI_login %]
<form action="/cgi-bin/koha/sci/sci-main.pl" name="auth" id="auth" method="post" autocomplete="off">
[% ELSE %]
<form action="[% script_name | html %]" name="auth" id="auth" method="post" autocomplete="off">
[% END %]
<input type="hidden" name="koha_login_context" value="opac" />
<fieldset class="brief">
[% FOREACH INPUT IN INPUTS %]
[% NEXT IF INPUT.name == 'logout.x' %]
<input type="hidden" name="[% INPUT.name | html %]" value="[% INPUT.value | html %]" />
[% END %]
<div class="form-group">
<label for="userid">Login:</label>
<input class="form-control" type="text" size="25" id="userid" name="userid" />
</div>
<div class="form-group">
<label for="password">Password:</label>
<input class="form-control" type="password" size="25" id="password" name="password" />
</div>
<fieldset class="action">
<input type="submit" value="Log in" class="btn btn-primary" />
</fieldset>
</fieldset>
[% IF Koha.Preference('OpacPasswordChange') && Categories.can_any_reset_password %]
<div id="forgotpassword">
<a href="/cgi-bin/koha/opac-password-recovery.pl">Forgot your password?</a>
</div>
[% END %]
<div id="nologininstructions">
[% IF OpacLoginInstructions %]
[% PROCESS koha_news_block news => OpacLoginInstructions %]
[% ELSE %]
<h2>Don't have a password yet?</h2>
<p>If you don't have a password yet, stop by the circulation desk the next time you're in the library. We'll happily set one up for you.</p>
<h2>Don't have a library card?</h2>
<p>If you don't have a library card, stop by your local library to sign up.</p>
[% END # / IF OpacLoginInstructions %]
[% IF PatronSelfRegistration && PatronSelfRegistrationDefaultCategory %]
<span id="registrationinstructions">
<a href="/cgi-bin/koha/opac-memberentry.pl">You may register here.</a>
</span>
[% END %]
</div>
</form>
[% END # / IF !OPACShibOnly or SCO_login or SCI_login %]
[% END # / IF loginprompt %]
[% ELSE %]
<h1>Logging on to the catalog has not been enabled by the library.</h1>
<ul>
<li>To report this error, you can email the Koha Administrator.<a href="mailto:[% admin | uri %]">Email</a></li>
<li>Use top menu bar to navigate to another part of Koha.</li>
</ul>
[% END # / IF opacuserlogin %]
</div> <!-- /.opac-auth -->
</div> <!-- /.col-md-10 col-lg-6 -->
</div> <!-- /.row -->
</div> <!-- /.container-fluid -->
</div> <!-- /.main -->
[% INCLUDE 'opac-bottom.inc' %]
[% BLOCK jsinclude %]
<script>
// Hide circular 'Log in to Your Account' link in opac-auth.pl
$(document).ready(function() {
if ( $("#auth" ) ) { $("#members ul li a").hide(); }
});
</script>
[% END %]
View git blame Copy permalink