aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoey Hess <joey@gnu.kitenet.net>2010-02-11 17:26:09 -0500
committerJoey Hess <joey@gnu.kitenet.net>2010-02-11 17:26:09 -0500
commit046095552ac231366d71a3c7a84bdc6d46662212 (patch)
tree959e814144c3e92078960d37338958fa56e284b2
parentf2d6d4f6b24bb399481c40dc6eb6f3fe25190c5d (diff)
downloadikiwiki-046095552ac231366d71a3c7a84bdc6d46662212.tar
ikiwiki-046095552ac231366d71a3c7a84bdc6d46662212.tar.gz
httpauth: When cgiauthurl is configured, httpauth can now be used alongside other authentication methods (like openid or anonok). Rather than always redirect to the cgiauthurl for authentication, there is now a button on the login form to use it.
-rw-r--r--IkiWiki/Plugin/httpauth.pm35
-rw-r--r--IkiWiki/Plugin/openid.pm2
-rw-r--r--debian/changelog4
-rw-r--r--doc/bugs/anonok_vs._httpauth.mdwn2
-rw-r--r--doc/plugins/httpauth.mdwn9
5 files changed, 43 insertions, 9 deletions
diff --git a/IkiWiki/Plugin/httpauth.pm b/IkiWiki/Plugin/httpauth.pm
index a18f8ca54..d0d4da0b7 100644
--- a/IkiWiki/Plugin/httpauth.pm
+++ b/IkiWiki/Plugin/httpauth.pm
@@ -11,6 +11,8 @@ sub import {
hook(type => "auth", id => "httpauth", call => \&auth);
hook(type => "canedit", id => "httpauth", call => \&canedit,
last => 1);
+ hook(type => "formbuilder_setup", id => "httpauth",
+ call => \&formbuilder_setup);
}
sub getsetup () {
@@ -27,6 +29,14 @@ sub getsetup () {
rebuild => 0,
},
}
+
+sub redir_cgiauthurl ($$) {
+ my $cgi=shift;
+ my $params=shift;
+
+ IkiWiki::redirect($cgi, $config{cgiauthurl}.'?'.$params);
+ exit;
+}
sub auth ($$) {
my $cgi=shift;
@@ -43,14 +53,31 @@ sub canedit ($$$) {
my $session=shift;
if (! defined $cgi->remote_user() && defined $config{cgiauthurl}) {
- return sub {
- IkiWiki::redirect($cgi, $config{cgiauthurl}.'?'.$cgi->query_string());
- exit;
- };
+ return sub { redir_cgiauthurl($cgi, $cgi->query_string()) };
}
else {
return undef;
}
}
+sub formbuilder_setup (@) {
+ my %params=@_;
+
+ my $form=$params{form};
+ my $session=$params{session};
+ my $cgi=$params{cgi};
+ my $buttons=$params{buttons};
+
+ if ($form->title eq "signin" &&
+ ! defined $cgi->remote_user() && defined $config{cgiauthurl}) {
+ my $button_text="Login with HTTP auth";
+ push @$buttons, $button_text;
+
+ if ($form->submitted && $form->submitted eq $button_text) {
+ redir_cgiauthurl($cgi, "do=postsignin");
+ exit;
+ }
+ }
+}
+
1
diff --git a/IkiWiki/Plugin/openid.pm b/IkiWiki/Plugin/openid.pm
index b60740c0e..382d8286f 100644
--- a/IkiWiki/Plugin/openid.pm
+++ b/IkiWiki/Plugin/openid.pm
@@ -56,7 +56,7 @@ sub formbuilder_setup (@) {
# OpenID fieldset.
$form->fieldsets("OpenID");
- $form->field(
+ $form->field(
name => "openid_url",
label => gettext("Log in with")." ".htmllink("", "", "ikiwiki/OpenID", noimageinline => 1),
fieldset => "OpenID",
diff --git a/debian/changelog b/debian/changelog
index 358a5dc5c..3dd68558e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -15,6 +15,10 @@ ikiwiki (3.20100123) UNRELEASED; urgency=low
* Fix color and format plugins to appear in the websetup interface.
* amazon_s3: Fix to support the EU S3 datacenter, which is more picky
about attempts to create already existing buckets.
+ * httpauth: When cgiauthurl is configured, httpauth can now be used
+ alongside other authentication methods (like openid or anonok). Rather
+ than always redirect to the cgiauthurl for authentication, there is now
+ a button on the login form to use it.
-- Joey Hess <joeyh@debian.org> Tue, 26 Jan 2010 22:25:33 -0500
diff --git a/doc/bugs/anonok_vs._httpauth.mdwn b/doc/bugs/anonok_vs._httpauth.mdwn
index b738e3b6c..bff37e18b 100644
--- a/doc/bugs/anonok_vs._httpauth.mdwn
+++ b/doc/bugs/anonok_vs._httpauth.mdwn
@@ -114,3 +114,5 @@ index 127c321..a18f8ca 100644
>> time that httpauth is redirecting to the cgiauthurl. As mentioned above,
>> the only way to deal with that would be to add a link to the signin page
>> that does the httpauth signin. --[[Joey]]
+
+>>> That's dealt with in final version. [[done]] --[[Joey]]
diff --git a/doc/plugins/httpauth.mdwn b/doc/plugins/httpauth.mdwn
index 77796a3d7..a7aac558b 100644
--- a/doc/plugins/httpauth.mdwn
+++ b/doc/plugins/httpauth.mdwn
@@ -14,10 +14,11 @@ signed into the wiki. This method is suitable only for private wikis.
## separate cgiauthurl
To use httpauth for a wiki where the content is public, and where
-the `ikiwiki.cgi` needs to be usable without authentication (for searching
-and so on), you can configure a separate url that is used for
-authentication, via the `cgiauthurl` option in the setup file. This
-url will then be redirected to whenever authentication is needed.
+the `ikiwiki.cgi` needs to be usable without authentication (for searching,
+or logging in using other methods, and so on), you can configure a separate
+url that is used for authentication, via the `cgiauthurl` option in the setup
+file. This url will then be redirected to when a user chooses to log in using
+httpauth.
A typical setup is to make an `auth` subdirectory, and symlink `ikiwiki.cgi`
into it. Then configure the web server to require authentication only for