mirror of
https://github.com/moodle/moodle.git
synced 2025-01-17 13:38:32 +01:00
Merge branch 'MDL-78630-master' of https://github.com/cameron1729/moodle
This commit is contained in:
Ilya Tregubov
commit
e4a1ca2f34
@ -53,6 +53,8 @@ class login implements renderable, templatable {
|
||||
public $cookieshelpicon;
|
||||
/** @var string The error message, if any. */
|
||||
public $error;
|
||||
/** @var string The info message, if any. */
|
||||
public $info;
|
||||
/** @var moodle_url Forgot password URL. */
|
||||
public $forgotpasswordurl;
|
||||
/** @var array Additional identify providers, contains the keys 'url', 'name' and 'icon'. */
|
||||
@ -131,6 +133,15 @@ class login implements renderable, templatable {
|
||||
$this->error = $error;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the info message.
|
||||
*
|
||||
* @param string $info The info message.
|
||||
*/
|
||||
public function set_info(string $info): void {
|
||||
$this->info = $info;
|
||||
}
|
||||
|
||||
public function export_for_template(renderer_base $output) {
|
||||
|
||||
$identityproviders = \auth_plugin_base::prepare_identity_providers_for_output($this->identityproviders, $output);
|
||||
@ -142,6 +153,7 @@ class login implements renderable, templatable {
|
||||
$data->cansignup = $this->cansignup;
|
||||
$data->cookieshelpicon = $this->cookieshelpicon->export_for_template($output);
|
||||
$data->error = $this->error;
|
||||
$data->info = $this->info;
|
||||
$data->forgotpasswordurl = $this->forgotpasswordurl->out(false);
|
||||
$data->hasidentityproviders = !empty($this->identityproviders);
|
||||
$data->hasinstructions = !empty($this->instructions) || $this->cansignup;
|
||||
|
||||
@ -24,6 +24,8 @@
|
||||
|
||||
$string['accessdenied'] = 'Access denied';
|
||||
$string['accounts'] = 'Accounts';
|
||||
$string['accountunlocked'] = 'Your account has been unlocked successfully. You may now login below.';
|
||||
$string['accountlocked'] = 'Your account has been locked. An unlock link has been sent to the email address associated with your account.';
|
||||
$string['addcategory'] = 'Add a category';
|
||||
$string['additionalhtml'] = 'Additional HTML';
|
||||
$string['additionalhtml_heading'] = 'Additional HTML to be added to every page.';
|
||||
|
||||
@ -1018,12 +1018,18 @@ function login_lock_account($user) {
|
||||
* Unlock user account and reset timers.
|
||||
*
|
||||
* @param stdClass $user
|
||||
* @param bool $notify Notify the user their account has been unlocked.
|
||||
*/
|
||||
function login_unlock_account($user) {
|
||||
function login_unlock_account($user, bool $notify = false) {
|
||||
global $SESSION;
|
||||
|
||||
unset_user_preference('login_lockout', $user);
|
||||
unset_user_preference('login_failed_count', $user);
|
||||
unset_user_preference('login_failed_last', $user);
|
||||
|
||||
if ($notify) {
|
||||
$SESSION->logininfomsg = get_string('accountunlocked', 'admin');
|
||||
}
|
||||
// Note: do not clear the lockout secret because user might click on the link repeatedly.
|
||||
}
|
||||
|
||||
|
||||
@ -4246,7 +4246,7 @@ function guest_user() {
|
||||
* @return stdClass|false A {@link $USER} object or false if error
|
||||
*/
|
||||
function authenticate_user_login($username, $password, $ignorelockout=false, &$failurereason=null, $logintoken=false) {
|
||||
global $CFG, $DB, $PAGE;
|
||||
global $CFG, $DB, $PAGE, $SESSION;
|
||||
require_once("$CFG->libdir/authlib.php");
|
||||
|
||||
if ($user = get_complete_user_data('username', $username, $CFG->mnet_localhost_id)) {
|
||||
@ -4351,6 +4351,8 @@ function authenticate_user_login($username, $password, $ignorelockout=false, &$f
|
||||
$event->trigger();
|
||||
|
||||
error_log('[client '.getremoteaddr()."] $CFG->wwwroot Login lockout: $username ".$_SERVER['HTTP_USER_AGENT']);
|
||||
$SESSION->loginerrormsg = get_string('accountlocked', 'admin');
|
||||
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
|
||||
@ -26,6 +26,7 @@
|
||||
* cansignup - Signup allowed?,
|
||||
* cookieshelpicon - cookies help icon details
|
||||
* error - Any errors in the form?,
|
||||
* info - Info notification to display,
|
||||
* forgotpasswordurl - Forgot password url,
|
||||
* hasidentityproviders - Flag, set to true to hide identity providers,
|
||||
* hasinstructions - Flag, set to true to show instructions,
|
||||
@ -75,6 +76,7 @@
|
||||
"ltr": true
|
||||
},
|
||||
"error": "",
|
||||
"info": "",
|
||||
"forgotpasswordurl": "http://localhost/stable_master/login/forgot_password.php",
|
||||
"hasidentityproviders": false,
|
||||
"hasinstructions": true,
|
||||
@ -112,6 +114,10 @@
|
||||
<a href="#" id="loginerrormessage" class="sr-only">{{error}}</a>
|
||||
<div class="alert alert-danger" role="alert">{{error}}</div>
|
||||
{{/error}}
|
||||
{{#info}}
|
||||
<a href="#" id="logininfomessage" class="sr-only">{{info}}</a>
|
||||
<div class="alert alert-info" role="alert">{{info}}</div>
|
||||
{{/info}}
|
||||
{{#cansignup}}
|
||||
<a href="{{signupurl}}" class="sr-only">{{#str}} tocreatenewaccount {{/str}}</a>
|
||||
{{/cansignup}}
|
||||
|
||||
@ -52,6 +52,7 @@ $PAGE->set_pagelayout('login');
|
||||
|
||||
/// Initialize variables
|
||||
$errormsg = '';
|
||||
$infomsg = '';
|
||||
$errorcode = 0;
|
||||
|
||||
// login page requested session test
|
||||
@ -270,6 +271,7 @@ if ($frm and isset($frm->username)) { // Login WITH
|
||||
|
||||
// Discard any errors before the last redirect.
|
||||
unset($SESSION->loginerrormsg);
|
||||
unset($SESSION->logininfomsg);
|
||||
|
||||
// test the session actually works by redirecting to self
|
||||
$SESSION->wantsurl = $urltogo;
|
||||
@ -344,14 +346,17 @@ if (empty($frm->username) && $authsequence[0] != 'shibboleth') { // See bug 518
|
||||
$frm->password = "";
|
||||
}
|
||||
|
||||
if (!empty($SESSION->loginerrormsg)) {
|
||||
// We had some errors before redirect, show them now.
|
||||
$errormsg = $SESSION->loginerrormsg;
|
||||
if (!empty($SESSION->loginerrormsg) || !empty($SESSION->logininfomsg)) {
|
||||
// We had some messages before redirect, show them now.
|
||||
$errormsg = $SESSION->loginerrormsg ?? '';
|
||||
$infomsg = $SESSION->logininfomsg ?? '';
|
||||
unset($SESSION->loginerrormsg);
|
||||
unset($SESSION->logininfomsg);
|
||||
|
||||
} else if ($testsession) {
|
||||
// No need to redirect here.
|
||||
unset($SESSION->loginerrormsg);
|
||||
unset($SESSION->logininfomsg);
|
||||
|
||||
} else if ($errormsg or !empty($frm->password)) {
|
||||
// We must redirect after every password submission.
|
||||
@ -376,6 +381,7 @@ if (isloggedin() and !isguestuser()) {
|
||||
} else {
|
||||
$loginform = new \core_auth\output\login($authsequence, $frm->username);
|
||||
$loginform->set_error($errormsg);
|
||||
$loginform->set_info($infomsg);
|
||||
echo $OUTPUT->render($loginform);
|
||||
}
|
||||
|
||||
|
||||
@ -43,7 +43,7 @@ if (!$user = $DB->get_record('user', array('id'=>$userid, 'deleted'=>0, 'suspend
|
||||
$usersecret = get_user_preferences('login_lockout_secret', false, $user);
|
||||
|
||||
if ($secret === $usersecret) {
|
||||
login_unlock_account($user);
|
||||
login_unlock_account($user, true);
|
||||
if ($USER->id == $user->id) {
|
||||
redirect("$CFG->wwwroot/");
|
||||
} else {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user