» JeaseCMS » Блог

как создать кастомную форму логина?

Jease uses per default an Ajax-based login page. The general disadvantage of all Ajax-based login pages is that browsers cannot detect the input fields for login and password and therefore cannot remember the combination of login / password.

If you want to use your own customized login page which is embedded directly into your website, you can create a custom login form easily.

  • Enter the CMS and create a Script with id=login and save it.
  • Copy & paste the following code into the Script.
  • Point your browser to http://localhost:8080/login

If you want, you can [./~/login view and try] the custom login form.

<%@page import="jease.cms.domain.*,jease.cms.service.*" %>
<%
  if (request.getParameter("auth") != null) {
    if (session.getAttribute(User.class.toString()) != null) {
       pageContext.forward("/cms/index.zul");
    } else {
       response.sendRedirect(request.getContextPath() + "/login");
    }
    return;
  }
  String login = request.getParameter("login");
  String password = request.getParameter("password");
  if (login != null && password != null) {
    User user = new Authenticator().identify(login, password);
    if(user != null) {
       session.setAttribute(User.class.toString(), user);
       response.sendRedirect(request.getContextPath() + "/login?file&auth");
    } else {
       response.sendRedirect(request.getContextPath() + "/login?error");  
    }
    return;
  }
%>
<h3>Login into Jease CMS</h3>
<form action="<%= request.getContextPath() %>/login" method="post">
  <input type="hidden" name="file" value="true" />
  <dl>
    <dt>Login:</dt>
    <dd><input type="text" size="30" name="login" /></dd>
    <dt>Password:</dt>
    <dd><input type="password" size="30" name="password" /></dd>
  </dl>
  <input type="submit" value="Submit" />  
  <% if(request.getParameter("error") != null) { %>
     <p><b>Login is not valid</b></p>
  <% } %>
</form>  
<p><a href="<%=request.getContextPath()%>/login_mail">Forgot your password?</a></p>

Dealing with lost passwords

But the best login form is of no use, if your users have forgotten their password. So we need something like a password reminder...

The following script creates a link and sends it to the user which allows to login without entering a password. This works because the user object is first stored in a temporary location in the session. Calling the link activates the user object by simply moving it into the "official" place in the session where the user authentication is checked.

Just create a second script with id=login_mail and enter the code below to create a "password reminder"-alike functionality for your Jease site.

<%@page import="jfix.servlet.*,jease.cms.domain.*,jease.cms.service.*" %>
<% 
  String file = request.getParameter("file");
  if(file != null) {
     if(file.equals(session.getAttribute("JEASE_LOGIN_UUID"))) {        
        session.setAttribute(User.class.toString(),
                      session.getAttribute("JEASE_LOGIN_USER"));
        session.removeAttribute("JEASE_LOGIN_UUID");
        session.removeAttribute("JEASE_LOGIN_USER");
        pageContext.forward("/cms/index.zul");
     } else {
        response.sendRedirect(request.getContextPath() + "/login");   
     }
     return;
  }
  String email = request.getParameter("email");
  if(email != null) { 
    User user = Users.queryByEmail(email);
    if(user!=null) {
      String uuid = java.util.UUID.randomUUID().toString();
      session.setAttribute("JEASE_LOGIN_UUID", uuid);
      session.setAttribute("JEASE_LOGIN_USER", user);
      Mails.send("[email protected]", email, "Login link for Jease",
          String.format("http://%s%s/login_mail?file=%s", 
                        Servlets.getHost(request), request.getContextPath(), uuid));
      out.println("<b>You've got an email with a login link.</b>");
      return;  
    } else {
      out.println("<b>The email address is unknown.</b>");
    }
  } 
%>
<h3>Forgot your password?</h3>
<form action="" method="post">
  <p>Please enter your email address:
    <br />
    <input type="text" size="30" name="email" />
    <input type="submit" value="Submit" />
  </p>    
</form>

Last modified on 2012-04-23 by Maik Jablonski