diff -ruN -x Family -x Trash -x Sandbox -x 'log*.txt' -x 'warn*.txt' -x plucene -x '*parry.tmpl' -x '*.googleearth.tmpl' twiki.orig/data/TWiki/TWikiUserAuthentication.txt twiki/data/TWiki/TWikiUserAuthentication.txt
--- twiki.orig/data/TWiki/TWikiUserAuthentication.txt 2007-01-14 17:20:49.000000000 -0800
+++ twiki/data/TWiki/TWikiUserAuthentication.txt 2007-01-14 17:03:59.000000000 -0800
@@ -56,12 +56,13 @@
---+++ Template Login (select =TWiki::Client::TemplateLogin= in configure)
-Template Login asks for a username and password in a web page, and processes them using whatever Password Manager you choose. Users can log in and log out. Client Sessions are used to remember users.
+Template Login asks for a username and password in a web page, and processes them using whatever Password Manager you choose. Users can log in and log out. Client Sessions are used to remember users. Users can choose to have their session remembered so they will automatically be logged in the next time they start their browser.
---++++ Enabling Template Login
1 Use the [[%SCRIPTURLPATH{"configure"}%][configure]] interface to
1 select the =TWiki::Client::TemplateLogin= login manager (on the Security Settings pane).
1 select the appropriate password manager for your system, or provide your own.
+ 1 increase the ExpireAfter setting to a large value, such as 15552000 (180 days), so that remembered sessions will still be alive when users return.
1 Register yourself in the TWikiRegistration topic.
%H% Check that the password manager recognises the new user. If you are using =.htpasswd= files, check that a new line with the username and encrypted password is added to the =.htpasswd= file. If not, you probably got a path wrong, or the permissions may not allow the webserver user to write to that file.
1 Create a new topic to check if authentication works.
diff -ruN -x Family -x Trash -x Sandbox -x 'log*.txt' -x 'warn*.txt' -x plucene -x '*parry.tmpl' -x '*.googleearth.tmpl' twiki.orig/lib/TWiki/Client/TemplateLogin.pm twiki/lib/TWiki/Client/TemplateLogin.pm
--- twiki.orig/lib/TWiki/Client/TemplateLogin.pm 2007-01-11 22:46:00.000000000 -0800
+++ twiki/lib/TWiki/Client/TemplateLogin.pm 2007-01-14 17:56:28.000000000 -0800
@@ -45,6 +45,7 @@
my $this = bless( $class->SUPER::new($session), $class );
$session->enterContext( 'can_login' );
+ $session->enterContext( 'can_remember_login' );
return $this;
}
@@ -83,6 +84,10 @@
script. If there is no username in the query or the username/password is
invalid (validate returns non-zero) then it prompts again.
+If a flag to remember the login has been passed in the query, then the
+corresponding session variable will be set. This will result in the
+login cookie being preserved across browser sessions.
+
The password handler is expected to return a perl true value if the password
is valid. This return value is stored in a session variable called
VALIDATION. This is so that password handlers can return extra information
@@ -99,6 +104,7 @@
my $origurl = $query->param( 'origurl' );
my $loginName = $query->param( 'username' );
my $loginPass = $query->param( 'password' );
+ my $remember = $query->param( 'remember' );
my $tmpl = $twiki->{templates}->readTemplate(
'login', $twiki->getSkin() );
@@ -108,8 +114,9 @@
my $topic = $twiki->{topicName};
my $web = $twiki->{webName};
- my $cgisession = $this->{cgisession};
+ my $cgisession = $this->{_cgisession};
+ $cgisession->param( 'REMEMBER', $remember ) if $cgisession;
if( $cgisession && $cgisession->param( 'AUTHUSER' ) &&
$loginName ne $cgisession->param( 'AUTHUSER' )) {
$banner = $twiki->{templates}->expandTemplate( 'LOGGED_IN_BANNER' );
@@ -147,4 +154,29 @@
print $tmpl;
}
+=pod
+
+---++ ObjectMethod modifyHeader( \%header )
+Modify a HTTP header
+This override only differs in that it supports remembered cookies.
+ * =\%header= - header entries
+
+=cut
+
+sub modifyHeader {
+ my( $this, $hopts ) = @_;
+
+ return unless $this->{_cgisession};
+ return if $TWiki::cfg{Sessions}{MapIP2SID};
+
+ my $query = $this->{twiki}->{cgiQuery};
+ my $c = CGI::Cookie->new( -name => $CGI::Session::NAME,
+ -value => $this->{_cgisession}->id(),
+ -path => '/' );
+ $c->expires( '+'.$TWiki::cfg{Sessions}{ExpireAfter}.'s' ) if $this->getSessionValue( 'REMEMBER' );
+
+ push( @{$this->{_cookies}}, $c );
+ $hopts->{cookie} = $this->{_cookies};
+}
+
1;
diff -ruN -x Family -x Trash -x Sandbox -x 'log*.txt' -x 'warn*.txt' -x plucene -x '*parry.tmpl' -x '*.googleearth.tmpl' twiki.orig/templates/login.classic.tmpl twiki/templates/login.classic.tmpl
--- twiki.orig/templates/login.classic.tmpl 2006-12-05 14:31:50.000000000 -0800
+++ twiki/templates/login.classic.tmpl 2007-01-12 21:47:04.000000000 -0800
@@ -7,6 +7,8 @@
%TMPL:DEF{"NEW_USER_NOTE"}%Enter a new username and password to change identity%TMPL:END%
%TMPL:DEF{"UNRECOGNISED_USER"}%Unrecognised user and/or password.%TMPL:END%
+%TMPL:DEF{"rememberbox"}%