wip #6899 @1.5

diff --git a/app/Fluidbook/Compiler/Secure.php b/app/Fluidbook/Compiler/Secure.php
index 44464769cbc0fd11934743365f4c71b8da050361..3f5bc39fdf1889a9183795bc7d4ee4f55beadcac 100644 (file)
--- a/app/Fluidbook/Compiler/Secure.php
+++ b/app/Fluidbook/Compiler/Secure.php
@@ -21,17 +21,26 @@ trait Secure
     protected function _getSecureUsers()
     {
         $credentials = Text::explodeNewLines(trim($this->fluidbookSettings->secureClientSidePasswordCredentials));
-        $credentials[] = 'fluidbook:LatacaM4##*';
+        if ($this->fluidbookSettings->secureClientSideMode == '1') {
+            $credentials[] = 'fluidbook';
+        } else {
+            $credentials[] = 'fluidbook:LatacaM4##*';
+        }
         $users = [];
         foreach ($credentials as $credential) {
             $salt = bin2hex(random_bytes(5));
             $e = explode(':', $credential);
-            if (count($e) <= 1) {
+            if ($this->fluidbookSettings->secureClientSideMode == '0' && count($e) <= 1) {
                 continue;
             }
             $usersalt = bin2hex(random_bytes(5));
             $user = hash("sha256", $usersalt . '+' . mb_strtolower($e[0]));
-            $users[$user] = ['salt' => $salt, 'usersalt' => $usersalt, 'hash' => hash("sha256", $salt . '-' . Text::removeAccents($e[1]))];
+            $u = ['salt' => $salt, 'usersalt' => $usersalt];
+            if (count($e) > 1 && $this->fluidbookSettings->secureClientSideMode != '0') {
+                $u['hash'] = hash("sha256", $salt . '-' . Text::removeAccents($e[1]));
+            }
+            $users[$user] = $u;
+
         }
         return $users;
     }
@@ -89,7 +98,8 @@ trait Secure
         $variables['FORM_USERNAME'] = $locale['Username'] ?? 'Username';
         $variables['FORM_PASSWORD'] = $locale['Password'] ?? 'Password';
         $variables['FORM_SIGN_IN'] = $locale['Sign in'] ?? 'Sign in';
-        $variables['CODE'] = '
+        if ($this->fluidbookSettings->secureClientSideMode == '0') {
+            $variables['CODE'] = '
         $(function(){
             $(\'form\').on(\'submit\', function (e) {
                 e.preventDefault();
@@ -116,6 +126,30 @@ trait Secure
                 return false;
             });
         });';
+        } else {
+            $variables['CODE'] = '
+        $(function(){
+            $(\'form\').on(\'submit\', function (e) {
+                e.preventDefault();
+
+                var u = $("#username").val().toLowerCase();
+                var error = true;
+                $.each(CREDENTIALS, function (user, data) {
+                    let hu = forge_sha256(data.usersalt + \'+\' + u);
+
+                    if (hu === user) {
+                        error = false;
+                        window.sessionStorage.setItem(\'secureUsername\', u);
+                        window.location = \'index.html\';
+                    }
+                });
+                if (error) {
+                    $("#message").text(\'' . addcslashes($locale['User unknown'] ?? 'User unknown', "'") . '\');
+                }
+                return false;
+            });
+        });';
+        }
         $variables['CSS'] = $this->fluidbookSettings->secureClientSideStyles;
         $this->fluidbookSettings->secureClientSideFont = $this->fluidbookSettings->secureClientSideFont ?: 'OpenSans';
         $this->addFontKit($this->fluidbookSettings->secureClientSideFont);

diff --git a/app/Models/Traits/PublicationSettings.php b/app/Models/Traits/PublicationSettings.php
index 82b474942159b74cff251194065ba43f302a23f5..e51689cf8bbb5d0011d5fb0ea6abe3d23851c11d 100644 (file)
--- a/app/Models/Traits/PublicationSettings.php
+++ b/app/Models/Traits/PublicationSettings.php
@@ -1798,6 +1798,7 @@ trait PublicationSettings
     protected function _securePage()
     {
         $this->addSettingField('section_securepage', FormSection::class, $this->__('Sécurisation par une page de login'));
+        $this->addSettingField('secureClientSideMode', SelectFromArray::class, __('Mode de d\'authentification'), ['default' => '0', 'options' => ['0' => __('Nom d\'utilisateur et un mot de passe'), '1' => __('Nom d\'utilisateur uniquement')]]);
         $this->addSettingField('secureClientSidePassword', FilesOrURL::class, __('Template HTML'), [
             'v2' => '{"type":"freefile","label":"S\\u00e9curisation par mot de passe c\\u00f4t\\u00e9 client","editable":true,"default":"","grade":3,"fileFilter":{"name":"\\u00a7!\\u00a7Fichier HTML!\\u00a7! (*.html)","extensions":"*.html"}}',
             'accept' => self::$acceptHTML,