Evolution #414: Navigation en mode non inscrit

app/Resources/translations/navigationui.en.yml

@@ -10,6 +10,8 @@ container_menu:
 top_bar:
   my_account:           My account
   logout:               Logout
+  subscribe:            Subscribe
+  login:                Connexion
   
 network:
   mygroups:             My groups

app/Resources/translations/navigationui.fr.yml

@@ -10,6 +10,8 @@ container_menu:
 top_bar:
   my_account:           Mon compte
   logout:               Déconnexion
+  subscribe:            Devenir membre
+  login:                Connexion
   
 network:
   mygroups:             Mes groupes

src/Muzich/CoreBundle/Resources/config/security.yml

@@ -11,7 +11,7 @@ security:
             algorithm: sha512
             encode_as_base64: false
             iterations: 10
-
+    
     firewalls:
         main:
             pattern:      .*
@@ -22,10 +22,12 @@ security:
                 check_path:     /login_check
                 failure_path:   null
                 default_target_path: home
+                success_handler: security.authentication.success_handler
+                failure_handler: security.authentication.failure_handler
                 
             logout:
                 path:   /logout
-                target: /home
+                target: /
             anonymous:  ~
             remember_me:
               key:      %secret%

src/Muzich/CoreBundle/Resources/public/js/muzich.js

@@ -2879,24 +2879,10 @@ $(document).ready(function(){
   
   /* HELPBOX */
   $('.helpbox').live('click', function(){
-    $('body').append(
-      '<div id="helpbox" class="popin_block"><img src="/bundles/muzichcore/img/ajax-loader.gif" alt="loading..." /></div>'
-    );
-    open_popin_dialog('helpbox');
-    JQueryJson($(this).attr('href'), {}, function(response){
-      if (response.status == 'success')
-      {
-        $('div#helpbox').html(
-          '<a href="javascript:void(0);" id="helpbox_close" >'+
-            '<img src="/bundles/muzichcore/img/1317386146_cancel.png" alt="close" />'+
-          '</a>'+
-          response.data
-        );
-      }
-    });
-    
+    open_ajax_popin($(this).attr('href'));
     return false;
   });
+  
   $('a#helpbox_close').live('click', function(){
     // Fond gris
     $('#fade').fadeOut(1000, function(){$('#fade').remove();});
@@ -2918,14 +2904,72 @@ $(document).ready(function(){
     $('a.mustbeconnected').off('click').on('click',function(){
       open_connection_or_subscription_window();
     });
+    
+    $('a.open_login').click(function(){
+      open_connection_or_subscription_window(true);
+    });
    
 });
 
-function open_connection_or_subscription_window()
+function open_ajax_popin(url, callback)
+{
+  $('body').append(
+    '<div id="helpbox" class="popin_block"><img src="/bundles/muzichcore/img/ajax-loader.gif" alt="loading..." /></div>'
+  );
+  open_popin_dialog('helpbox');
+  JQueryJson(url, {}, function(response){
+    if (response.status == 'success')
+    {
+      $('div#helpbox').html(
+        '<a href="javascript:void(0);" id="helpbox_close" >'+
+          '<img src="/bundles/muzichcore/img/1317386146_cancel.png" alt="close" />'+
+        '</a>'+
+        response.data
+      );
+      
+      if (callback)
+      {
+        callback();
+      }
+    }
+  });
+}
+
+function open_connection_or_subscription_window(open_login_part)
 {
   if (window_login_or_subscription_opened == false)
   {
     window_login_or_subscription_opened = true;
-    alert('must be connected');
+    open_ajax_popin(url_subscription_or_login, function(){
+      if (open_login_part)
+      {
+        $('div#helpbox div#login_box').show();
+      }
+      else
+      {
+        $('div#helpbox div#registration_box').show();
+      }
+      
+      $('a#helpbox_close').click(function(){
+        window_login_or_subscription_opened = false;
+      });
+      
+      $('div.login form').ajaxForm(function(response) {
+        if (response.status == 'success')
+        {
+          $(location).attr('href', url_home);
+        }
+        else if (response.status == 'error')
+        {
+          $('div.login form').prepend('<ul class="error_list"><li>'+response.data.error+'</li></ul>');
+          $('div.login form input#password').val('');
+        }
+      });
+      
+      $('div.register form.fos_user_registration_register').ajaxForm(function(response) {
+        
+      });
+      
+    });
   }
 }

src/Muzich/CoreBundle/Resources/views/Layout/head_js.html.twig

@@ -108,6 +108,7 @@
   string_removefromgroup_confirm_no = "{{ 'element.group.remove_from.confirm.no'|trans({}, 'elements') }}";
 
   url_index = "{{ path('index') }}";
+  url_home = "{{ path('home') }}";
   url_search_tag = "{{ path('search_tag') }}";
   url_get_favorites_tags = "{{ path('ajax_get_favorites_tags') }}";
   url_add_tag = "{{ path('ajax_add_tag') }}";
@@ -121,6 +122,8 @@
   url_img_ajax_loader = "{{ asset('/bundles/muzichcore/img/ajax-loader.gif') }}";
   url_get_embed_for_element = "{{ path('url_get_embed_for_element') }}";
   
+  url_subscription_or_login = "{{ path('subscribe_or_login') }}";
+  
   config_player_youtube_width = "{{ player_config_youtube_width }}";
   config_player_youtube_height = "{{ player_config_youtube_height }}";
 </script>

src/Muzich/CoreBundle/Resources/views/Menu/access.html.twig

@@ -1,6 +1,15 @@
 <ul id="register_and_login">
   {% if not app.user %}
-    
+    <li>
+      <a href="#" class="left mustbeconnected">
+        {{ 'top_bar.subscribe'|trans({}, 'navigationui') }}
+      </a>
+    </li>
+    <li>
+      <a class="right open_login" href="#">
+          {{ 'top_bar.login'|trans({}, 'navigationui') }}
+      </a>
+    </li>
   {% else %}
     <li>
       <a href="{{ path('my_account') }}" class="left">

src/Muzich/CoreBundle/Security/Http/Authentication/AuthenticationFailureHandler.php

@@ -0,0 +1,60 @@
+<?php
+
+namespace Muzich\CoreBundle\Security\Http\Authentication;
+
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
+use Symfony\Component\HttpFoundation\RedirectResponse;
+use Symfony\Component\Routing\RouterInterface;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Bundle\FrameworkBundle\Translation\Translator;
+use Doctrine\ORM\EntityManager;
+use Muzich\CoreBundle\Entity\User;
+
+/**
+ * Custom authentication success handler
+ */
+class AuthenticationFailureHandler implements AuthenticationFailureHandlerInterface
+{
+
+   private $router;
+   private $em;
+   private $translator;
+
+   /**
+    * Constructor
+    * @param RouterInterface   $router
+    * @param EntityManager     $em
+    */
+   public function __construct(RouterInterface $router, EntityManager $em, Translator $translator)
+   {
+      $this->translator = $translator;
+      $this->router = $router;
+      $this->em = $em;
+   }
+
+   function onAuthenticationFailure(Request $request, AuthenticationException $exception)
+   {
+      if ($request->isXmlHttpRequest())
+      {
+        $response = new Response(json_encode($this->getResponseParameters($request)));
+        $response->headers->set('Content-Type', 'application/json; charset=utf-8');
+        return $response;
+      }
+      
+      return new RedirectResponse($this->router->generate('index'));
+   }
+   
+   protected function getResponseParameters(Request $request)
+   {
+    $session = $request->getSession();
+    return array(
+      'status' => 'error',
+      'data'   => array(
+        'error' => $this->translator->trans('login.fail', array(), 'users')
+      )
+    );
+   }
+   
+}

src/Muzich/CoreBundle/Security/Http/Authentication/AuthenticationSuccessHandler.php

@@ -0,0 +1,52 @@
+<?php
+
+namespace Muzich\CoreBundle\Security\Http\Authentication;
+
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
+use Symfony\Component\HttpFoundation\RedirectResponse;
+use Symfony\Component\Routing\RouterInterface;
+use Symfony\Component\HttpFoundation\Response;
+use Doctrine\ORM\EntityManager;
+use Muzich\CoreBundle\Entity\User;
+
+/**
+ * Custom authentication success handler
+ */
+class AuthenticationSuccessHandler implements AuthenticationSuccessHandlerInterface
+{
+
+   private $router;
+   private $em;
+
+   /**
+    * Constructor
+    * @param RouterInterface   $router
+    * @param EntityManager     $em
+    */
+   public function __construct(RouterInterface $router, EntityManager $em)
+   {
+      $this->router = $router;
+      $this->em = $em;
+   }
+
+   /**
+    * This is called when an interactive authentication attempt succeeds. This
+    * is called by authentication listeners inheriting from AbstractAuthenticationListener.
+    * @param Request        $request
+    * @param TokenInterface $token
+    * @return Response The response to return
+    */
+   function onAuthenticationSuccess(Request $request, TokenInterface $token)
+   {
+      if ($request->isXmlHttpRequest())
+      {
+        $response = new Response(json_encode(array('status' => 'success')));
+        $response->headers->set('Content-Type', 'application/json; charset=utf-8');
+        return $response;
+      }
+      
+      return new RedirectResponse($this->router->generate('home'));
+   }
+}

src/Muzich/IndexBundle/Controller/IndexController.php

@@ -14,7 +14,6 @@ class IndexController extends Controller
   
   /**
    * 
-   * @Template()
    */
   public function indexAction()
   {
@@ -28,10 +27,10 @@ class IndexController extends Controller
     $vars = $this->proceedLogin();
     $form = $this->container->get('fos_user.registration.form');
     
-    return array_merge($vars, array(
+    return $this->render('MuzichIndexBundle:Index:index.html.twig', array_merge($vars, array(
       'form' => $form->createView(),
       'presubscription_form' => $this->getPreSubscriptionForm()->createView()
-    ));
+    )));
   }
   
   /**
@@ -57,7 +56,6 @@ class IndexController extends Controller
     }
 
     if ($error) {
-        // TODO: this is a potential security risk (see http://trac.symfony-project.org/ticket/9523)
         $error = $this->trans('login.fail', array(), 'users');
     }
     // last username entered by the user

src/Muzich/UserBundle/Controller/UserController.php

@@ -606,4 +606,14 @@ class UserController extends Controller
     ));
   }
   
+  public function subscribeOrLoginAction(Request $request)
+  {
+    return $this->jsonResponse(array(
+      'status' => 'success',
+      'data'   => $this->render('MuzichUserBundle:Account:subscribe_or_login.html.twig', array(
+        'form' => $this->container->get('fos_user.registration.form')->createView()
+      ))->getContent()
+    ));
+  }
+  
 }

src/Muzich/UserBundle/Resources/config/routing.yml

@@ -59,4 +59,8 @@ user_hide_help:
   pattern: /account/update-help/hide/{help_id}/{token}
   defaults: { _controller: MuzichUserBundle:User:updateHelpViewed }
   requirements:
-    _method:  POST
+    _method:  POST
+
+subscribe_or_login:
+  pattern: /ajax/subscribe-or-login
+  defaults: { _controller: MuzichUserBundle:User:subscribeOrLogin }

src/Muzich/UserBundle/Resources/views/Account/subscribe_or_login.html.twig

@@ -0,0 +1,13 @@
+<div id="login_box" style="display: none;">
+  
+  {% include "MuzichUserBundle:Security:login.html.twig" %}
+  
+</div>
+
+<div id="registration_box" style="display: none;">
+  
+  <h1>{{ 'register.title'|trans({}, 'userui') }}</h1>
+  
+  {% include "MuzichUserBundle:Registration:register.html.twig" %}
+  
+</div>

src/Muzich/UserBundle/Resources/views/Registration/register.html.twig

@@ -1,3 +1,7 @@
+{% if registration_errors_pers is not defined %}
+  {% set registration_errors_pers = null %}
+{% endif %}
+
 <div class="register">
   <form action="{{ path('register') }}" {{ form_enctype(form) }} 
     method="POST" 

src/Muzich/UserBundle/Resources/views/Security/login.html.twig

@@ -1,3 +1,10 @@
+{% if error is not defined %}
+  {% set error = null %}
+{% endif %}
+{% if last_username is not defined %}
+  {% set last_username = null %}
+{% endif %}
+
 <div class="login">
   {% if error %}
       <ul class="error_list"><li>{{ error|trans({}, 'validators') }}</li></ul>