Commit b4a33dce by aagusti

perbaikan user login dan csrf

1 parent be1cb753
......@@ -197,8 +197,30 @@ Tambahkan blok berikut ini dibawah ini file
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Port $server_port;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 60s;
proxy_send_timeout 90s;
proxy_read_timeout 90s;
proxy_buffering off;
proxy_temp_file_write_size 64k;
proxy_pass http://127.0.0.1:6543/;
proxy_redirect off;
}
```
Other Configuration
```
[server:main]
use = egg:waitress#main
host = 0.0.0.0
port = 6543
;port = %(http_port)s digunakan jika port akan menggunakan parameter
trusted_proxy = 10.8.50.23
trusted_proxy_count = 1
trusted_proxy_headers = x-forwarded-for x-forwarded-host x-forwarded-proto x-forwarded-port
clear_untrusted_proxy_headers = yes
url_scheme = https # HTTP or https
```
......@@ -456,7 +456,7 @@ def main(global_config, **settings):
config = Configurator(settings=settings,
root_factory='opensipkd.models.RootFactory',
session_factory=session_factory)
config.set_default_csrf_options(require_csrf=True)
config.set_default_csrf_options(require_csrf=False)
modules = get_modules(settings)
from importlib import import_module
for module in modules:
......@@ -499,7 +499,7 @@ def main(global_config, **settings):
config.add_request_method(get_ini, 'get_ini', reify=True)
config.add_request_method(get_csrf_token, 'get_csrf_token', reify=True)
config.add_translation_dirs('opensipkd.base:locale/')
# config.add_translation_dirs('opensipkd.base:locale/')
config.add_static_view('static', 'opensipkd.base:static',
cache_max_age=3600)
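Review bot: Setting the application-wide default to `config.set_default_csrf_options(require_csrf=False)` in `main()` leaves every state-changing view unchecked unless it opts in, and the only opt-ins visible in this commit are the `login` and `upload-logo` views. This assumes the second of the two printed `set_default_csrf_options` lines is the new side, since the page has lost its `+`/`-` markers. A safer arrangement keeps `config.set_default_csrf_options(require_csrf=True)` and puts `require_csrf=False` only on the specific views that cannot carry a token, so a newly added view is protected by default. The body of `main()` continues outside the hunk.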
......
......@@ -22,11 +22,13 @@ from .base_views import BaseView
from opensipkd.models import (
DBSession, UserService, )
from .common import DataTables, ColumnDT
from pyramid.csrf import new_csrf_token
_ = TranslationStringFactory('login')
log = logging.getLogger(__name__)
@view_config(context=HTTPNotFound, renderer='templates/404.pt')
def not_found(request):
path = request.path
......@@ -150,3 +152,5 @@ two_minutes = timedelta(1.0 / 24 / 60)
def deferred_jenis(node, kw):
values = kw.get('daftar_jenis', [])
return widget.RadioChoiceWidget(values=values)
......@@ -2,31 +2,25 @@ import logging
import os
import re
from datetime import datetime
from email.utils import parseaddr
import colander
from datatables import ColumnDT
from dateutil.relativedelta import relativedelta
from opensipkd.base.views.upload import tmpstore
from opensipkd.tools.captcha import get_captcha
from opensipkd.tools.report import csv_response, file_response
from deform import (widget, Form, ValidationFailure, FileData, )
from pyramid.httpexceptions import HTTPFound, HTTPNotFound
from .common import DataTables
from .. import DBSession, get_params, get_urls
from opensipkd.tools import dmy, date_from_str, get_settings, get_ext, \
from opensipkd.base.views.upload import tmpstore
from opensipkd.tools import dmy, get_settings, get_ext, \
date_from_str, get_random_string
import colander
from deform import (widget, Form, ValidationFailure, Button, FileData, )
from email.utils import parseaddr
from opensipkd.tools.buttons import btn_save, btn_cancel, btn_close, btn_delete, \
btn_view, btn_add, btn_edit, btn_csv, \
btn_add, btn_csv, \
btn_pdf
from opensipkd.models import User, Menus
from opensipkd.tools.captcha import get_captcha
from opensipkd.tools.report import csv_response, file_response
from .common import DataTables
from .. import DBSession, get_params, get_urls
from ..scripts.initializedb import append_csv
from ..tools.api import auth_from_rpc
from ...detable import DeTable
log = logging.getLogger(__name__)
......@@ -71,7 +65,7 @@ class BaseView(object):
dt_awal = date_from_str(
'{d}-{m}-{y}'.format(y=self.tahun, m=self.bulan, d='01'))
dt_akhir = dt_awal + \
relativedelta(months=1) - relativedelta(days=1)
relativedelta(months=1) - relativedelta(days=1)
self.ses['awal'] = dmy(dt_awal)
self.ses['akhir'] = dmy(dt_akhir)
......@@ -82,7 +76,7 @@ class BaseView(object):
if 'posted' in self.params and self.params['posted']:
posted = self.params['posted']
self.posted = ((posted == 'true' or posted == '1') and 1) or (
(posted == 'false' or posted == '0') and 0) or 0
(posted == 'false' or posted == '0') and 0) or 0
self.ses['posted'] = self.posted
self.awal = 'awal' in self.ses and self.ses['awal'] or dmy(now)
......
<!DOCTYPE html>
<html lang="en"
tal:define="home request._host;">
tal:define="home request._host;">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="description" content="">
<meta name="author" content="">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
<!--? <meta tal:condition="request.google_signin_client_id"-->
<!--? name="google-signin-client_id"-->
<!--? content="${request.google_signin_client_id}">-->
<link rel="shortcut icon" href="${home}/static/img/favicon.png">
<title tal:content="request.title" />
<!-- Basic Styles -->
<link rel="stylesheet" type="text/css" media="screen" href="${home}/static/v3/css/bootstrap.min.css">
<link rel="stylesheet" type="text/css" media="screen" href="${home}/static/v3/css/font-awesome.min.css">
<!-- SmartAdmin Styles : Caution! DO NOT change the order -->
<link rel="stylesheet" type="text/css" media="screen"
href="${home}/static/v3/css/smartadmin-production-plugins.min.css">
<link rel="stylesheet" type="text/css" media="screen" href="${home}/static/v3/css/smartadmin-production.min.css">
<link rel="stylesheet" type="text/css" media="screen" href="${home}/static/v3/css/smartadmin-skins.min.css">
<!-- SmartAdmin RTL Support -->
<link rel="stylesheet" type="text/css" media="screen" href="${home}/static/v3/css/smartadmin-rtl.min.css">
<link rel="stylesheet" type="text/css" href="${home}/static/css/custom.css">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="description" content="">
<meta name="author" content="">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
<!--? <meta tal:condition="request.google_signin_client_id"-->
<!--? name="google-signin-client_id"-->
<!--? content="${request.google_signin_client_id}">-->
<link rel="shortcut icon" href="${home}/static/img/favicon.png">
<title tal:content="request.title" />
<!-- Basic Styles -->
<link rel="stylesheet" type="text/css" media="screen" href="${home}/static/v3/css/bootstrap.min.css">
<link rel="stylesheet" type="text/css" media="screen" href="${home}/static/v3/css/font-awesome.min.css">
<!-- SmartAdmin Styles : Caution! DO NOT change the order -->
<link rel="stylesheet" type="text/css" media="screen"
href="${home}/static/v3/css/smartadmin-production-plugins.min.css">
<link rel="stylesheet" type="text/css" media="screen" href="${home}/static/v3/css/smartadmin-production.min.css">
<link rel="stylesheet" type="text/css" media="screen" href="${home}/static/v3/css/smartadmin-skins.min.css">
<!-- SmartAdmin RTL Support -->
<link rel="stylesheet" type="text/css" media="screen" href="${home}/static/v3/css/smartadmin-rtl.min.css">
<link rel="stylesheet" type="text/css" href="${home}/static/css/custom.css">
</head>
<body>
<div id="content" class="container">
<div class="row">
<div class="col-xs-12 col-sm-12 col-md-6 col-md-offset-3 col-lg-4 col-lg-offset-4" style="margin-top:50px">
<div class="well no-padding">
<form id="deform" method="POST" enctype="multipart/form-data" accept-charset="utf-8"
class="smart-form client-form panel form-signin" style="border:0px;">
<header class="bg-color-blue">
<h1 class="txt-color-white login-header-big" align="center"
style="letter-spacing:1px;">${request.app_name}</h1>
</header>
<fieldset class="deformFormFieldset">
<input type="hidden" name="_charset_"/>
<input type="hidden" name="__formid__" value="deform"/>
<div tal:condition="request.session.peek_flash()">
<div class="alert alert-success" tal:repeat="message request.session.pop_flash()"><i
class="fa fa-fw fa-lg fa-check-circle"></i>&nbsp;${message}
</div>
</div>
<div tal:condition="request.session.peek_flash('error')">
<div class="alert alert-danger" tal:repeat="message request.session.pop_flash('error')"><i
class="fa fa-fw fa-lg fa-times-circle"></i>&nbsp;${message}
</div>
</div>
<div class="col-md-12" align="center">
<img src="${home}/static/img/logo.png"
class="img-float img-thumbnail" style="height:auto;width:auto;border:none;"/>
</div>
<div class="clearfix"></div>
<section>
<label class="label">USERNAME</label>
<label class="input"> <i class="icon-append fa fa-user"></i>
<input id="username" type="text" name="username" class="form-control">
<b class="tooltip tooltip-top-right">
<i class="fa fa-user txt-color-teal"></i>
ISI DENGAN USERNAME ANDA</b></label>
</section>
<section>
<label class="label">PASSWORD</label>
<label class="input"> <i class="icon-append fa fa-lock"></i>
<input id="password" type="password" name="password" class="form-control">
<b class="tooltip tooltip-top-right"><i class="fa fa-lock txt-color-teal"></i> ISI
DENGAN PASSWORD ANDA</b> </label>
<div class="note">
<a id="lupa" name="lupa"
href="${home}/reset-password">Lupa Password?</a>
</div>
</section>
</fieldset>
<footer>
<section>
<div class="row" style="float:right">
<button type="submit" id="login-btn" name="login"
class="btn btn-primary" style="float:left"
value="Login">
Login
</button>
<button tal:condition="allow_register(request)"
id="register" name="register" class="btn btn-info"
value="Register" style="float:left">
Register
</button>
<!--? <div class="clearfix"></div>-->
</div>
</section>
</footer>
<footer>
<section>
<div class="row" tal:condition="request.google_signin_client_id and allow_register(request)">
<div id="g_id_onload"
data-client_id="${request.google_signin_client_id}"
data-callback="onSignIn">
</div>
<div class="g_id_signin" data-type="standard"></div>
</div>
</section>
<section>
<input id="provider_name" type="hidden" name="provider_name" class="form-control">
<input id="id_token" type="hidden" name="id_token" class="form-control">
</section>
</footer>
</form>
<div class="row">
<div class="col-xs-12 col-sm-12 col-md-6 col-md-offset-3 col-lg-4 col-lg-offset-4" style="margin-top:50px">
<div class="well no-padding">
<form id="deform" method="POST" enctype="multipart/form-data" accept-charset="utf-8"
class="smart-form client-form panel form-signin" style="border:0px;">
<header class="bg-color-blue">
<h1 class="txt-color-white login-header-big" align="center"
style="letter-spacing:1px;">${request.app_name}</h1>
</header>
<fieldset class="deformFormFieldset">
<input type="hidden" name="_charset_"/>
<input type="hidden" name="__formid__" value="deform"/>
<div tal:condition="request.session.peek_flash()">
<div class="alert alert-success" tal:repeat="message request.session.pop_flash()"><i
class="fa fa-fw fa-lg fa-check-circle"></i>&nbsp;${message}
</div>
</div>
</div>
<div tal:condition="request.session.peek_flash('error')">
<div class="alert alert-danger" tal:repeat="message request.session.pop_flash('error')"><i
class="fa fa-fw fa-lg fa-times-circle"></i>&nbsp;${message}
</div>
</div>
<div class="col-md-12" align="center">
<img src="${home}/static/img/logo.png"
class="img-float img-thumbnail" style="height:auto;width:auto;border:none;"/>
</div>
<div class="clearfix"></div>
<section>
<label class="label">USERNAME</label>
<label class="input"> <i class="icon-append fa fa-user"></i>
<input id="username" type="text" name="username" class="form-control">
<b class="tooltip tooltip-top-right">
<i class="fa fa-user txt-color-teal"></i>
ISI DENGAN USERNAME ANDA</b></label>
</section>
<section>
<label class="label">PASSWORD</label>
<label class="input"> <i class="icon-append fa fa-lock"></i>
<input id="password" type="password" name="password" class="form-control">
<b class="tooltip tooltip-top-right"><i class="fa fa-lock txt-color-teal"></i> ISI
DENGAN PASSWORD ANDA</b> </label>
<div class="note">
<a id="lupa" name="lupa"
href="${home}/reset-password">Lupa Password?</a>
</div>
</section>
<section>
<div tal:condition="'csrf_token' in form">
<div tal:define="field form['csrf_token']" style="display: none;">
${structure:field.serialize()}
</div>
</div>
</section>
</fieldset>
<footer>
<section>
<div class="row" style="float:right">
<button type="submit" id="login-btn" name="login"
class="btn btn-primary" style="float:left"
value="Login">
Login
</button>
<button tal:condition="allow_register(request)"
id="register" name="register" class="btn btn-info"
value="Register" style="float:left">
Register
</button>
<!--? <div class="clearfix"></div>-->
</div>
</section>
</footer>
<footer>
<section>
<div class="row" tal:condition="request.google_signin_client_id and allow_register(request)">
<div id="g_id_onload"
data-client_id="${request.google_signin_client_id}"
data-callback="onSignIn">
</div>
<div class="g_id_signin" data-type="standard"></div>
</div>
</section>
<section>
<input id="provider_name" type="hidden" name="provider_name" class="form-control">
<input id="id_token" type="hidden" name="id_token" class="form-control">
</section>
</footer>
</form>
</div>
</div>
</div>
</div>
<!-- Bootstrap core JavaScript
......@@ -133,51 +141,51 @@
<!--? <script tal:condition="request.google_signin_client_id"-->
<!--? src="https://apis.google.com/js/platform.js" async defer></script>-->
<script tal:condition="request.google_signin_client_id"
src="https://accounts.google.com/gsi/client" async defer></script>
src="https://accounts.google.com/gsi/client" async defer></script>
<script tal:condition="request.google_signin_client_id">
window.onload = function (e) {
const value = document.cookie;
const parts = value.split(`g_state=`);
if (parts.length === 2) {
document.cookie = document.cookie + ";max-age=0";
}
window.onload = function (e) {
const value = document.cookie;
const parts = value.split(`g_state=`);
if (parts.length === 2) {
document.cookie = document.cookie + ";max-age=0";
}
function onSignIn(googleUser) {
// var profile = googleUser.getBasicProfile();
// console.log('ID: ' + profile.getId()); // Do not send to your backend! Use an ID token instead.
// console.log('Name: ' + profile.getName());
// console.log('Image URL: ' + profile.getImageUrl());
// console.log('Email: ' + profile.getEmail()); // This is null if the 'email' scope is not present.
//getId(), getName(), getGivenName(), getFamilyName(), getImageUrl(), getEmail() methods, and
// console.log(googleUser);
// console.log(googleUser.getId());
// console.log(googleUser.getName());
// var id_token = googleUser.getAuthResponse().id_token;
document.getElementById('provider_name').value = "google";
document.getElementById('id_token').value = JSON.stringify(googleUser);
document.getElementById("deform").submit();
// var xhr = new XMLHttpRequest();
// xhr.open('POST', '/googlesignin');
// xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
// xhr.onload = function() {
// console.log('Signed in as: ' + xhr.responseText);
// };
// xhr.send('idtoken=' + id_token);
}
$(document).ready(function () {
$("form#deform").keypress(function (event) {
var keycode = (event.keyCode ? event.keyCode : event.which);
if (keycode == '13') {
event.preventDefault();
$("button#login-btn").click();
}
});
}
function onSignIn(googleUser) {
// var profile = googleUser.getBasicProfile();
// console.log('ID: ' + profile.getId()); // Do not send to your backend! Use an ID token instead.
// console.log('Name: ' + profile.getName());
// console.log('Image URL: ' + profile.getImageUrl());
// console.log('Email: ' + profile.getEmail()); // This is null if the 'email' scope is not present.
//getId(), getName(), getGivenName(), getFamilyName(), getImageUrl(), getEmail() methods, and
// console.log(googleUser);
// console.log(googleUser.getId());
// console.log(googleUser.getName());
// var id_token = googleUser.getAuthResponse().id_token;
document.getElementById('provider_name').value = "google";
document.getElementById('id_token').value = JSON.stringify(googleUser);
document.getElementById("deform").submit();
// var xhr = new XMLHttpRequest();
// xhr.open('POST', '/googlesignin');
// xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
// xhr.onload = function() {
// console.log('Signed in as: ' + xhr.responseText);
// };
// xhr.send('idtoken=' + id_token);
}
$(document).ready(function () {
$("form#deform").keypress(function (event) {
var keycode = (event.keyCode ? event.keyCode : event.which);
if (keycode == '13') {
event.preventDefault();
$("button#login-btn").click();
}
});
});
</script>
</body>
</html>
......@@ -3,20 +3,17 @@
<!-- content -->
<div metal:fill-slot="content">
<div class="row">
<div class="row">
<div class="panel panel-default">
<div class="panel panel-default">
<div class="panel-body">
<div class="col-md-10 col-md-offset-1">
<blockquote>
<p>Untuk Background, beri nama background pada file<br>Untuk Logo beri nama logo pada file</p>
</blockquote>
<div tal:content="structure form"/>
</div>
</div>
<div class="panel-body">
<div class="col-md-10 col-md-offset-1">
<div tal:content="structure form"/>
</div>
</div>
</div>
</div>
</div>
<!-- end content -->
......
import os
import colander
from deform import (
Form,
widget,
FileData,
)
from deform import (Form, widget, FileData, )
from deform.interfaces import FileUploadTempStore
from opensipkd.tools import (
get_ext,
dict_to_str,
)
from pyramid.httpexceptions import HTTPFound
from pyramid.view import view_config
from opensipkd.tools import (get_ext, dict_to_str, )
from .view_tools import CSRFSchema
from .. import get_urls
# from unggah import DbUpload
def route_list(request, p={}):
q = dict_to_str(p)
return HTTPFound(location=get_urls(request.route_url('upload-logo', _query=q)))
......@@ -43,46 +38,46 @@ def route_list(request, p={}):
tmpstore = FileUploadTempStore()
class AddSchema(colander.Schema):
class AddSchema(CSRFSchema):
upload = colander.SchemaNode(
FileData(),
widget=widget.FileUploadWidget(tmpstore),
title='Unggah')
typ = colander.SchemaNode(
image_for = colander.SchemaNode(
colander.String(),
widget=widget.SelectWidget(values=(('img', "Image"), ('icon', "Icon"))),
title='Jenis')
widget=widget.SelectWidget(values=(('oth', "Other"), ('logo', "Logo"),
('bg', "Background"))),
title='Peruntukan')
def get_form(schema_cls):
def get_form(request, schema_cls):
schema = schema_cls()
schema = schema.bind(request=request)
return Form(schema, buttons=('simpan', 'batal'))
@view_config(route_name='upload-logo',
renderer='templates/upload.pt',
permission='upload-logo')
permission='upload-logo', require_csrf=True)
def view_file(request):
form = get_form(AddSchema)
form = get_form(request, AddSchema)
if request.POST:
if 'simpan' in request.POST:
input_file = request.POST['upload'].file
filename = request.POST['upload'].filename.lower()
ext = get_ext(filename).lower()
if ext.lower() not in ['.png', '.ico']:
request.session.flash('File harus format png', 'error')
request.session.flash("File harus format 'png' atau 'ico'", 'error')
return dict(form=form.render())
_here = os.path.dirname(__file__)
static_path = os.path.join(os.path.dirname(_here), 'static')
if filename.startswith('logo'):
fname = filename
if request.POST["image_for"] == "logo":
fname = f"logo{ext}"
elif filename.startswith('background'):
elif request.POST["image_for"] == "bg":
fname = f"background{ext}"
else:
fname = filename
folder = os.path.join(static_path, request.POST['typ'])
typ = ext == '.png' and "img" or 'icon'
folder = os.path.join(static_path, typ)
if not os.path.exists(folder):
os.makedirs(folder)
......@@ -94,6 +89,7 @@ def view_file(request):
if not data:
break
output_file.write(data)
request.session.flash(f"Sukses upload {fname}")
return route_list(request)
return dict(form=form.render())
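Review bot: In `view_file`, the fallback branch `fname = filename` still takes the name straight from the client's upload, while the logo and background branches now use fixed names. The code that builds the output path sits between the hunks, so this is inferred, but if it joins `folder` and `fname`, a name carrying directory components would be written outside the static folder. Reducing it first with `fname = os.path.basename(filename)`, and rejecting an empty result, closes that. `request.POST["image_for"]` and the upload are also read from the raw POST rather than from a validated form, and the extension test is the only check on a file that ends up in a served static directory.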
......@@ -42,11 +42,11 @@ from opensipkd.models import User, ExternalIdentity, Partner
from opensipkd.tools import create_now, set_user_log, get_settings
from opensipkd.tools.buttons import btn_cancel
from .. import get_urls
from .view_tools import CSRFSchema
log = __import__("logging").getLogger(__name__)
class Login(colander.Schema):
class Login(CSRFSchema):
username = colander.SchemaNode(
colander.String(),
widget=widget.TextInputWidget(
......@@ -57,18 +57,14 @@ class Login(colander.Schema):
password = colander.SchemaNode(
colander.String(), widget=widget.PasswordWidget())
# csrf_token = colander.SchemaNode(
# colander.String(),
# )
def after_bind(self, schema, kwargs):
request = kwargs["request"]
csrf_token = new_csrf_token(request)
log.error(csrf_token)
self["csrf_token"] = colander.SchemaNode(
colander.String(), widget=widget.HiddenWidget(),
default=csrf_token
)
# def after_bind(self, schema, kwargs):
# request = kwargs["request"]
# csrf_token = new_csrf_token(request)
# log.error(csrf_token)
# self["csrf_token"] = colander.SchemaNode(
# colander.String(), widget=widget.HiddenWidget(),
# default=csrf_token
# )
# http://deformdemo.repoze.org/interfield/
......@@ -172,7 +168,7 @@ def oauth2_login(request, params=None):
class ViewLogin(BaseView):
@view_config(route_name='login', renderer='templates/form.pt')
@view_config(route_name='login', renderer='templates/form.pt', require_csrf=True)
def view_login(self):
request = self.req
request.session["login"] = True
......@@ -247,7 +243,7 @@ class ViewLogin(BaseView):
request.session.flash(str(e), "error")
return render_to_response(
login_tpl, dict(
form=form.render(),
form=form,
message=message,
url=get_urls(request.route_url('login')),
next_url=next_url,
......@@ -260,17 +256,17 @@ class ViewLogin(BaseView):
return redirect_login(request, user)
# values = {"csrf_token": new_csrf_token(request)}
login = ""
if login_tpl == 'templates/login.pt':
return dict(form=form.render(),
message=message,
url=get_urls(request.route_url('login')),
next_url=next_url,
login=login, )
# if login_tpl == 'templates/login.pt':
# return dict(form=form.render(),
# message=message,
# url=get_urls(request.route_url('login')),
# next_url=next_url,
# login=login, )
return render_to_response(
renderer_name=login_tpl,
request=request,
value=dict(form=form.render(),
value=dict(form=form,
message=message,
url=get_urls(request.route_url('login')),
next_url=next_url,
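Review bot: Both `render_to_response` calls in `view_login` now pass the `Form` object (`form=form`) where they used to pass `form.render()`, which changes what every template named by `login_tpl` receives. `login_tpl` is assigned outside these hunks, so the affected templates are not visible here; any template that still prints `form` as markup would need the same update as the one in this commit that reads `form['csrf_token']`. The commented-out `after_bind` block and the commented `if login_tpl == 'templates/login.pt'` branch are dead code now that `CSRFSchema` supplies the token, and can be deleted rather than kept as comments. That includes the `log.error(csrf_token)` line, which would write the token to the log if it were ever re-enabled.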
......
import colander
from pyramid.csrf import new_csrf_token, get_csrf_token
from opensipkd.base.views import widget
class CSRFSchema(colander.Schema):
def after_bind(self, schema, kwargs):
request = kwargs["request"]
csrf_token = get_csrf_token(request)
if not csrf_token:
csrf_token = new_csrf_token(request)
self["csrf_token"] = colander.SchemaNode(
colander.String(), widget=widget.HiddenWidget(),
default=csrf_token
)
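Review bot: `CSRFSchema.after_bind` only places the token in the form; the `csrf_token` node has no validator, so a form built from this schema is checked only when its view also sets `require_csrf=True`. With the global default apparently switched off in this same commit, a view that uses the schema but omits the flag would render a token that nothing verifies. A validator calling `pyramid.csrf.check_csrf_token(request, raises=False)` makes the schema enforce the check wherever `form.validate()` runs; it needs `check_csrf_token` added to the existing `pyramid.csrf` import. `get_csrf_token` already generates a token when none exists, so the `new_csrf_token` fallback can be dropped.

```python
class CSRFSchema(colander.Schema):
    def after_bind(self, schema, kwargs):
        request = kwargs["request"]

        def csrf_matches(node, value):
            # Fail validation when the posted token does not match the stored one.
            if not check_csrf_token(request, raises=False):
                raise colander.Invalid(node, "Bad CSRF token")

        self["csrf_token"] = colander.SchemaNode(
            colander.String(), widget=widget.HiddenWidget(),
            default=get_csrf_token(request),
            validator=csrf_matches,
        )
```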
......@@ -2,63 +2,62 @@
name name|field.name;
oid oid|field.oid;
">
<div class="input">
<input
type="password"
name="${name}"
value="${field.widget.redisplay and cstruct or ''}"
tal:attributes="style style|field.widget.style;
class string: form-control ${css_class|field.widget.css_class or ''};
attributes|field.widget.attributes|{};"
id="${oid}"/>
<!--? onkeyup="checkPasswordStrength${oid}();"-->
<div class="input">
<input
type="password"
name="${name}"
value="${field.widget.redisplay and cstruct or ''}"
tal:attributes="style style|field.widget.style;
class string: form-control ${css_class|field.widget.css_class or ''};
attributes|field.widget.attributes|{};"
id="${oid}"/>
<!--? onkeyup="checkPasswordStrength${oid}();"-->
<div class="checkbox">
<div class="checkbox">
<label>
<input type="checkbox" id="view${oid}">
<span>Show Password</span>
<input type="checkbox" id="view${oid}">
<span>Show Password</span>
</label>
</div>
<div id="${oid}-password-strength-status"></div>
</div>
<div id="${oid}-password-strength-status"></div>
</div>
<style>
#password-strength-status {
padding: 5px 10px;
border-radius: 4px;
margin-top: 5px;
}
</style>
<script type="text/javascript">
$('#view${oid}').change(function(){
if ($(this).prop('checked')==true){
$('#${oid}').attr('type','text');
}
else {
$('#${oid}').attr('type','password');
}
<style>
#password-strength-status {
padding: 5px 10px;
border-radius: 4px;
margin-top: 5px;
}
</style>
<script type="text/javascript">
$('#view${oid}').change(function () {
if ($(this).prop('checked') == true) {
$('#${oid}').attr('type', 'text');
} else {
$('#${oid}').attr('type', 'password');
}
});
function checkPasswordStrength${oid}() {
var number = /([0-9])/;
var alphabets = /([a-zA-Z])/;
var special_characters = /([~,!,@,#,$,%,^,&,*,-,_,+,=,?,>,<,\),\(,{,},\[,\]])/;
var password = $('#${oid}').val().trim();
if (password.length <= 8) {
$('#${oid}-password-strength-status').removeClass();
$('#${oid}-password-strength-status').addClass('label label-danger');
$('#${oid}-password-strength-status').html("Weak (should be atleast 8 characters.)");
var number = /([0-9])/;
var alphabets = /([a-zA-Z])/;
var special_characters = /([~,!,@,#,$,%,^,&,*,-,_,+,=,?,>,<,\),\(,{,},\[,\]])/;
var password = $('#${oid}').val().trim();
if (password.length <= 8) {
$('#${oid}-password-strength-status').removeClass();
$('#${oid}-password-strength-status').addClass('label label-danger');
$('#${oid}-password-strength-status').html("Weak (should be atleast 8 characters.)");
} else {
if (password.match(number) && password.match(alphabets) && password.match(special_characters)) {
$('#${oid}-password-strength-status').removeClass();
$('#${oid}-password-strength-status').addClass('label label-success');
$('#${oid}-password-strength-status').html("Strong");
} else {
if (password.match(number) && password.match(alphabets) && password.match(special_characters)) {
$('#${oid}-password-strength-status').removeClass();
$('#${oid}-password-strength-status').addClass('label label-success');
$('#${oid}-password-strength-status').html("Strong");
}
else {
$('#${oid}-password-strength-status').removeClass();
$('#${oid}-password-strength-status').addClass('label label-warning');
$('#${oid}-password-strength-status').html("Medium (should include alphabets, numbers and special characters.)");
}
$('#${oid}-password-strength-status').removeClass();
$('#${oid}-password-strength-status').addClass('label label-warning');
$('#${oid}-password-strength-status').html("Medium (should include alphabets, numbers and special characters.)");
}
}
}
</script>
</script>
</tal:block>