From 21dca4755677c19a12514b9cbbc251b166d7825e Mon Sep 17 00:00:00 2001
From: Rhilip
Date: Mon, 3 Jun 2019 19:37:44 +0800
Subject: [PATCH] fix(Auth): Fix Broken Auth page after frontend framework change
1. Remove old layui framework in auth page
2. Include a password strength indicator when register
3. Create the ability to make the password visible when login and register
4. Add Frontend library : dropbox/zxcvbn
5. Add Disclaimer in index page
---
README.md | 15 +-
apps/components/User/User.php | 1 +
apps/components/User/UserTrait.php | 2 +-
apps/models/form/UserRegisterForm.php | 3 +-
apps/public/static/css/main.css | 27 ++--
apps/public/static/js/main.js | 56 +++++++-
apps/views/auth/base.php | 102 +++++++++----
apps/views/auth/confirm_success.php | 4 +-
apps/views/auth/error.php | 10 +-
apps/views/auth/login.php | 138 +++++++++++-------
apps/views/auth/register.php | 199 +++++++++++++++-----------
apps/views/auth/register_pending.php | 4 +-
apps/views/index.php | 11 ++
apps/views/layout/base.php | 5 -
apps/views/layout/captcha.php | 5 +-
apps/views/torrent/details.php | 7 +
apps/views/torrents/list.php | 4 +-
bower.json | 3 +-
framework/View/Conversion.php | 13 +-
19 files changed, 407 insertions(+), 202 deletions(-)
diff --git a/README.md b/README.md
index bb9dae2..88706eb 100644
--- a/README.md
+++ b/README.md
@@ -145,8 +145,19 @@ So that tracker can record the peer's ip address. Some rule or Docs May help you when you rebuild this project, Or you can join our chat group on Telegram -- [@ridpt](https://t.me/ridpt) -| Name | Used As | Docs | -|:--|:--:|:--:| +### FrontEnd + +| Library | Docs | +|:--|:--| +| [Zui](https://github.com/easysoft/zui): an HTML5 front UI framework | http://zui.sexy/ | +| [FortAwesome](https://github.com/FortAwesome/Font-Awesome): The iconic SVG, font, and CSS toolkit | https://fontawesome.com/icons?d=gallery | +| [flag-css](https://github.com/7kfpun/flag-css): CSS for SVG country flags respecting the original ratio. | https://kfpun.com/flag-css/ | +| [zxcvbn](https://github.com/dropbox/zxcvbn): Low-Budget Password Strength Estimation | https://lowe.github.io/tryzxcvbn/ | + +### Backend Library + +| Library | Used As | Docs | +|:--|:--:|:--| | [MixPHP](https://github.com/mix-php/mix-framework/tree/v1) | Framework | https://www.kancloud.cn/onanying/mixphp1/379324 ( Chinese Version ) | | [siriusphp/validation](https://github.com/siriusphp/validation) | Validator | http://www.sirius.ro/php/sirius/validation/ | | [league/plates](https://github.com/thephpleague/plates) | Template system | http://platesphp.com/ | diff --git a/apps/components/User/User.php b/apps/components/User/User.php index e95718b..dc27653 100644 --- a/apps/components/User/User.php +++ b/apps/components/User/User.php @@ -31,6 +31,7 @@ class User extends Component implements UserInterface public function onRequestBefore() { parent::onRequestBefore(); + $this->class = 0; $this->anonymous = true; $this->bookmark_list = null; } diff --git a/apps/components/User/UserTrait.php b/apps/components/User/UserTrait.php index c79dbf4..6df5058 100644 --- a/apps/components/User/UserTrait.php +++ b/apps/components/User/UserTrait.php @@ -19,7 +19,7 @@ trait UserTrait private $username; private $email; private $status; - private $class; + private $class = 0; private $passkey; 
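Review bot: `User::onRequestBefore()` resets only `class`, `anonymous` and `bookmark_list`, while the `UserTrait` hunk right after it shows the same object also holding `username`, `email`, `status` and `passkey`. If this component instance is reused between requests, as a per-request reset hook suggests, any identity field not cleared here could carry one visitor's data into the next request. Whether `parent::onRequestBefore()` or the user loader clears them is not visible in this patch. I would reset every identity field in this hook, or add a comment naming the code that guarantees it, e.g. `// identity fields are re-populated by <loader method> before first use` (placeholder name).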
diff --git a/apps/models/form/UserRegisterForm.php b/apps/models/form/UserRegisterForm.php index 0cb2306..b06918d 100644 --- a/apps/models/form/UserRegisterForm.php +++ b/apps/models/form/UserRegisterForm.php @@ -84,7 +84,8 @@ public static function inputRules() ['Match', ['item' => 'password']] ], 'email' => 'required | email', - 'accept_tos' => 'required | Equal(value=yes)', + 'verify_tos' => 'required | Equal(value=yes)', + 'verify_age' => 'required | Equal(value=yes)', ]; } diff --git a/apps/public/static/css/main.css b/apps/public/static/css/main.css index 4f3db2f..2941721 100644 --- a/apps/public/static/css/main.css +++ b/apps/public/static/css/main.css 
@@ -23,21 +23,7 @@ body{background-color:#f6f6f6} .nowrap {white-space: nowrap;} /*-----------------------------------------------------------------------------------*/ -/* 2. Auth page with prefix `auth-` -/*-----------------------------------------------------------------------------------*/ - -.auth-nav{opacity:0.9;align-items:center} -.auth-container{width:100%;margin:0 auto;height:calc(100vh);background-image:url("/static/pic/background_auth.jpg");background-repeat:no-repeat;background-size:cover;background-position:left;position:relative;z-index:1} -.auth-main-panel{border:1px solid #8F8381;border-radius:8px;margin:60px 0 0 100px;width:40%;background:rgba(241,243,244,0.6);min-width:600px;min-height:500px;padding:15px 25px} -.auth-panel{padding:15px} -.auth-form-notify{margin-top:5px;margin-left:110px} -.auth-footer{bottom:0;margin-bottom:0;border-width:1px 0 0;position:fixed;right:0;z-index:1030;padding:10px 40px 10px 20px;background:rgba(241,243,244,0.6)} -.auth-footer-text{opacity:1} -.auth-form{min-height:20px;padding:19px;margin-top:20px;margin-bottom:20px;background-color:#f5f5f5;border:1px solid #e3e3e3;border-radius:4px;box-shadow:inset 0 1px 1px rgba(0,0,0,.05)} -.auth-login-return-msg{margin-top:5px} - -/*-----------------------------------------------------------------------------------*/ -/* 3. Layout of Header, Navigation & Menus +/* 2. Layout of Header, Navigation & Menus /*-----------------------------------------------------------------------------------*/ /* Top Menu */ 
@@ -82,12 +68,19 @@ body{background-color:#f6f6f6} #footer_menu a:hover{color:#E84807} /*-----------------------------------------------------------------------------------*/ -/* 4. Page of '/index' +/* 3. Page of '/auth' +/*-----------------------------------------------------------------------------------*/ + +.auth-password-help-btn{position:absolute;top:0;right:0;width:32px;height:32px;padding:0;text-align:center;filter:alpha(opacity=65);outline:0;opacity:.65;z-index:3} + + +/*-----------------------------------------------------------------------------------*/ +/* 3. Page of '/index' /*-----------------------------------------------------------------------------------*/ /*-----------------------------------------------------------------------------------*/ -/* 4. Page of '/torrent' +/* 3. Page of '/torrent' /*-----------------------------------------------------------------------------------*/ /* Common */ diff --git a/apps/public/static/js/main.js b/apps/public/static/js/main.js index b029073..d2e468b 100644 --- a/apps/public/static/js/main.js +++ b/apps/public/static/js/main.js @@ -20,6 +20,14 @@ const ext2Icon = { contract: [] }; +const paswordStrengthText = { + 0: "Worst ☹", // too guessable: risky password. (guesses < 10^3) + 1: "Bad ☹", // too guessable: risky password. (guesses < 10^3) + 2: "Weak ☹", // somewhat guessable: protection from unthrottled online attacks. (guesses < 10^8) + 3: "Good ☺", // safely unguessable: moderate protection from offline slow-hash scenario. (guesses < 10^10) + 4: "Strong ☻" // very unguessable: strong protection from offline slow-hash scenario. (guesses >= 10^10) +}; + function humanFileSize(bytes, fix, si) { let thresh = si ? 1000 : 1024; if (Math.abs(bytes) < thresh) { 
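Review bot: The comment on score `1` in `paswordStrengthText` repeats the score `0` text (`guesses < 10^3`), so the table disagrees with the zxcvbn scale it documents; it should read `1: "Bad ☹", // very guessable: protection from throttled online attacks. (guesses < 10^6)`. The constant is also misspelled and would be easier to find as `passwordStrengthText`, here and at its use in the strength-checker hunk further down. That later hunk writes these labels and `result.feedback.suggestions` into the page with `.html()`, and because `suggestions` is an array the `+` joins it with commas. Using `.text()` with an explicit `result.feedback.suggestions.join(' ')` keeps library-supplied strings out of the HTML parser. The empty `catch (e) {}` there also hides the case where `zxcvbn` failed to load, and since the meter is advisory only, any minimum strength still has to be enforced by the server-side rules.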
@@ -77,7 +85,19 @@ jQuery(document).ready(function() { }); } }); + + // Captcha Img Re-flush + let captcha_img_another = $('.captcha_img'); + captcha_img_another.on('click',function () { + $(this).attr('src','/captcha?t=' + Date.now()) // Change src to get another captcha image + .parent('.captcha_img_load').addClass('load-indicator loading'); // Add loading indicator in parent of img tag + }); + captcha_img_another.on('load',function () { + $(this).parent('.captcha_img_load').removeClass('load-indicator loading'); + }); + + // TODO Add Scroll to TOP fixbar @@ -92,6 +112,40 @@ jQuery(document).ready(function() { return new $.zui.Messager(text, option).show(); } + // Password strength checker + let password_strength = $('#password_strength'); + if (password_strength.length > 0) { + let strength_text = $('#password_strength_text'); + let strength_suggest = $('#password_strength_suggest'); + $('#password').on('input', function () { + let val = $(this).val(); + if (val !== "") { + try { + let result = zxcvbn(val); + password_strength.show(); + strength_text.html(paswordStrengthText[result.score]); + strength_suggest.html( (result.feedback.warning !== "" ? (result.feedback.warning + "
") : "") + result.feedback.suggestions); + } catch (e) { + } + } else { + password_strength.hide(); + strength_suggest.text(''); + } + }) + } + + $('#password_help_btn').click(function () { + let password_input = $(this).prev('input[name="password"]'); + let help_info = $(this).children('i'); + let old_type_is_password = password_input.attr('type') === 'password'; + password_input.attr('type', old_type_is_password ? 'text' : 'password'); + if (old_type_is_password) { + help_info.removeClass('fa-eye').addClass('fa-eye-slash'); + } else { + help_info.removeClass('fa-eye-slash').addClass('fa-eye'); + } + }); + // Torrent favour Add/Remove action $('.torrent-favour').click(function () { let that = $(this); @@ -164,7 +218,7 @@ jQuery(document).ready(function() { $('#torrent_structure div.dictionary,div.list').click(function () { $(this).next('ul').toggle(); }); - }; + } // Show Extend debug info of Database sql execute and Redis key hit if (typeof _extend_debug_info !== 'undefined' && _extend_debug_info) { diff --git a/apps/views/auth/base.php b/apps/views/auth/base.php index df959e4..b8e5719 100644 --- a/apps/views/auth/base.php +++ b/apps/views/auth/base.php @@ -7,6 +7,10 @@ * * @var League\Plates\Template\Template $this */ + +$css_tag = env('APP_DEBUG') ? time() : app()->config->get('base.site_css_update_date'); +$extend_debug_info = app()->config->get('base.enable_extend_debug') && + app()->user->getClass(true) > app()->config->get('authority.see_extend_debug_log'); ?> @@ -17,10 +21,16 @@ <?= app()->config->get('base.site_name') ?> :: Authorization Point -- Powered by RidPT - + + + + + + + - - + + section('css') ?> @@ -31,33 +41,71 @@ + +
-
-
- -
-
-
-
-
- section('panel') ?> -
+
+
-
- - -
+ +
+ + +
+ +
+ section('container') ?> +
+
- - - +
+
+
+ +

+ [ Page created in request->start_at, 6) ?> sec + with e(memory_get_usage(),'format_bytes') ?> ram used, + pdo->getExecuteData()) ?> db queries, + redis->getCalledData())?> calls of Redis ] + + Debug info + + +

+
+
+
+ + + + + + + + + +section('script') ?> + diff --git a/apps/views/auth/confirm_success.php b/apps/views/auth/confirm_success.php index 81c9834..a4a6ef0 100644 --- a/apps/views/auth/confirm_success.php +++ b/apps/views/auth/confirm_success.php @@ -11,8 +11,8 @@ layout('auth/base') ?> -start('panel') ?> -
+start('container') ?> +

Your account is success Confirmed.

Click Login Page to login

diff --git a/apps/views/auth/error.php b/apps/views/auth/error.php index c71e89f..eec3e23 100644 --- a/apps/views/auth/error.php +++ b/apps/views/auth/error.php @@ -12,11 +12,9 @@ layout('auth/base') ?> -start('panel') ?> -
-
-

Opps~

-

-
+start('container') ?> +
+

Opps~

+

end(); ?> diff --git a/apps/views/auth/login.php b/apps/views/auth/login.php index e87e4a1..de493db 100644 --- a/apps/views/auth/login.php +++ b/apps/views/auth/login.php @@ -12,58 +12,98 @@ layout('auth/base') ?> -start('panel') ?> -

Authenticate

+start('container') ?> +
+
+
+
Authenticate
+
+
+ You have 3 ? $left_attempts : "$left_attempts" ?>/config->get('security.max_login_attempts') ?> attempts left, or your IP will be banned. +
+ +
+ Login failed: +
+ +
+
+ +
+ + +
+
- -
- -
- -
-
-
- -
- -
-
-
- -
- -
-

Your 2FA code, leave it blank if you haven't enable 2FA.

-
-
-
- -
- -
-
insert('layout/captcha') ?>
-

Case insensitive.

-
-
-
- - - -
-
+
+ + +
+ + + +
+
-
- -
+
+ +
+ + +
+
Your 2FA code, leave it blank if you haven't enable 2FA.
+
-
- You have 3 ? $left_attempts : "$left_attempts" ?>/config->get('security.max_login_attempts') ?> attempts left, or your IP will be banned. -
+
+ +
+
+
+ + +
+
Case insensitive.
+
+
+ insert('layout/captcha') ?> +
+
+
- -
-

Login failed:

+
+ Advanced Options +
+
+ +
+ Log me out after 15 minutes +
+
+
+ +
+ Restrict session to my IP +
+
+
+ +
+ Enable SSL +
+
+
+
+ +
+ +
+ +
- - +
+
end(); ?> diff --git a/apps/views/auth/register.php b/apps/views/auth/register.php index 4526560..07e58ce 100644 --- a/apps/views/auth/register.php +++ b/apps/views/auth/register.php @@ -7,101 +7,134 @@ * * @var League\Plates\Template\Template $this */ + +$register_type = app()->request->get('type', 'open') ?> layout('auth/base') ?> -start('panel') ?> -
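Review bot: The new "Advanced Options" block offers "Log me out after 15 minutes", "Restrict session to my IP" and "Enable SSL", but none of the 19 files in this commit's diffstat is a login form model or controller, so nothing visible here reads those fields. If existing server code does not already honour them, a user who ticks "Restrict session to my IP" gets a control that silently does nothing. I would land the server-side handling in the same change, or leave the options out or disabled until it exists. Separately, transport security for a credential form is better enforced by the server than left to an "Enable SSL" checkbox; the markup is not preserved on this page, so the default state of that box cannot be seen.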

Recruitment

+start('container') ?> +
+
+
+
Recruitment
+
+ config->get('base.enable_register_system') != true): ?> +

Sorry~

+

+ The register system is close. +

+ + + config->get('register.by_' . $register_type) != true): ?> +

Sorry ~

+

+ Our registration is currently disabled. If you are lucky you might have a friend who wants to invite + you :) We just wanna see how much cheaters will start respecting their accounts after they realize + they can't just come back in and get another one :). Keep this in mind, if you are already a member + and you invite a known cheater, and you knew about it in the first place, both yours and the person + you invited are disabled. You will have to come talk to us to get your account reenstated. If you + want an invite and you know someone who have one it's up to them to give you an invite. +

+ +
+ -request->get('type', 'open') ?> +
+ +
+ + +
+
Max Length 12 with those character: A-Za-z0-9_
+
-
- config->get('base.enable_register_system') != true): ?> -

Sorry~

-

- The register system is close. -

- - - config->get('register.by_' . $register_type) != true): ?> -

Sorry ~

-

- Our registration is currently disabled. If you are lucky you might have a friend who wants to invite - you :) We just wanna see how much cheaters will start respecting their accounts after they realize - they can't just come back in and get another one :). Keep this in mind, if you are already a member - and you invite a known cheater, and you knew about it in the first place, both yours and the person - you invited are disabled. You will have to come talk to us to get your account reenstated. If you - want an invite and you know someone who have one it's up to them to give you an invite. -

- - - -
- -
- -
-

Max Length 12 with those character: A-Za-z0-9_

-
-
- -
- -
-

- We only allow those Email: - config->get('register.email_white_list') ?> -

-
-
- -
- -
-
-
- -
- -
-
+
+ +
+ + +
+
We only allow those Email: config->get('register.email_white_list') ?>
+
- - request->get('invite_hash', '') ?> -
- -
- -
-
- +
+ + +
+ + + +
+
+
-
-
- -
- -
-
insert('layout/captcha') ?>
-

Case insensitive.

-
-
+
+ +
+ + +
+
-
- -
+ + request->get('invite_hash', '') ?> +
+ +
+ + +
+
+ -
+
+ +
+
+
+ + +
+
Case insensitive.
+
+
+ insert('layout/captcha') ?> +
+
+
-
- -
- - - - +
+
+ +
+
+ +
+
+
+ +
+ + + + +
+
+
+end(); ?> +start('script'); ?> + end(); ?> diff --git a/apps/views/auth/register_pending.php b/apps/views/auth/register_pending.php index 50b6ebd..1e73348 100644 --- a/apps/views/auth/register_pending.php +++ b/apps/views/auth/register_pending.php @@ -13,8 +13,8 @@ layout('auth/base') ?> -start('panel') ?> -
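Review bot: `$register_type` is taken straight from `app()->request->get('type', 'open')` and concatenated into the config key in `app()->config->get('register.by_' . $register_type) != true`, so the request decides which config entry gates the form. I would check it against the fixed list of registration types before building the key, e.g. `if (!in_array($register_type, $allowed_register_types, true)) { $register_type = 'open'; }`, where `$allowed_register_types` is a placeholder for the site's real list. The `invite_hash` request value also appears to be echoed back into the form; the surrounding markup is not preserved here, but if it is printed with a bare `<?= ?>` it should go through `$this->e()`. The same applies to `$register_type` wherever it is written into the page.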
+start('container') ?> +

One more Step

Check your email : to confirm your account.

diff --git a/apps/views/index.php b/apps/views/index.php index 887c17e..82f3b17 100644 --- a/apps/views/index.php +++ b/apps/views/index.php @@ -56,6 +56,17 @@
+
+
Disclaimer
+
+ None of the files shown here are actually hosted on this server. The tracker only manages connections, it does + not have any knowledge of the contents of the files being distributed. The links are provided solely by this + site's users. The administrator of this site cannot be held responsible for what its users post, or any other + actions of its users. You may not use this site to distribute or download any material when you do not have the + legal rights to do so. It is your own responsibility to adhere to these terms. +
+
+

Navbar

diff --git a/apps/views/layout/base.php b/apps/views/layout/base.php index 47b3dc3..ca7fa90 100644 --- a/apps/views/layout/base.php +++ b/apps/views/layout/base.php @@ -5,11 +5,6 @@ * Date: 2019/2/22 * Time: 11:38 * - * Some Javascript Library Documents: - * - flag-css: https://kfpun.com/flag-css/ - * - fontAwesome : https://fontawesome.com/icons?d=gallery - * - Zui: http://zui.sexy/ - * * @var League\Plates\Template\Template $this * @var string $title */ diff --git a/apps/views/layout/captcha.php b/apps/views/layout/captcha.php index 0a80770..2f42152 100644 --- a/apps/views/layout/captcha.php +++ b/apps/views/layout/captcha.php @@ -6,4 +6,7 @@ * Time: 16:49 */ ?> -Captcha Image +
+ Captcha Image +
diff --git a/apps/views/torrent/details.php b/apps/views/torrent/details.php index 3767c27..39f28d8 100644 --- a/apps/views/torrent/details.php +++ b/apps/views/torrent/details.php @@ -67,6 +67,13 @@ +
+ +
diff --git a/apps/views/torrents/list.php b/apps/views/torrents/list.php index 484ceb2..5707e42 100644 --- a/apps/views/torrents/list.php +++ b/apps/views/torrents/list.php @@ -59,8 +59,8 @@
0 - e($torrent->getTorrentSize(),'format_bytes') ?> - getAddedAt() ?> + batch($torrent->getTorrentSize(),'format_bytes_compact') ?> + ',$torrent->getAddedAt()) ?> getComplete()) ?> getIncomplete()) ?> getDownloaded()) ?> diff --git a/bower.json b/bower.json index 2ff247c..7f5590a 100644 --- a/bower.json +++ b/bower.json @@ -19,6 +19,7 @@ "jqjquery-wysibb": "^1.5.1", "html5shiv": "^3.7.3", "respond": "^1.4.2", - "flag-css": "^0.0.12" + "flag-css": "^0.0.12", + "zxcvbn": "^4.4.2" } } diff --git a/framework/View/Conversion.php b/framework/View/Conversion.php index 08a676e..f217030 100644 --- a/framework/View/Conversion.php +++ b/framework/View/Conversion.php @@ -23,10 +23,12 @@ class Conversion implements ExtensionInterface public function register(Engine $engine) { $engine->registerFunction('format_bytes', [$this, 'format_bytes']); + $engine->registerFunction('format_bytes_compact', [$this, 'format_bytes_compact']); + $engine->registerFunction('format_bytes_loose', [$this, 'format_bytes_loose']); $engine->registerFunction('format_ubbcode', [$this, 'format_ubbcode']); } - public function format_bytes($bytes, $precision = 2) + public function format_bytes($bytes, $precision = 2, $separator = " ") { $units = array('B', 'KiB', 'MiB', 'GiB', 'TiB'); $bytes = max($bytes, 0); @@ -36,7 +38,14 @@ public function format_bytes($bytes, $precision = 2) // Uncomment one of the following alternatives $bytes /= pow(1024, $pow); - return round($bytes, $precision) . ' ' . $units[$pow]; + return round($bytes, $precision) . $separator . $units[$pow]; + } + + public function format_bytes_compact($bytes, $precision = 2) { + return $this->format_bytes($bytes, $precision , "
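Review bot: Replacing `$this->e(..., 'format_bytes')` with `$this->batch(..., 'format_bytes_compact')` drops Plates' escaping for the size cell, and the date cell now appears to print a transformed `$torrent->getAddedAt()` without `e()` as well. That is needed because the compact formatter added in `framework/View/Conversion.php` returns markup, and it is safe only because `round()` makes the value numeric, but nothing in the code states this. I would add a docblock to `format_bytes_compact()` and `format_bytes_loose()` saying that they return an HTML fragment built from a numeric value, are meant for `batch()`, and must never be given user-supplied text as `$separator`. As a style point, the two new methods put the opening brace on the signature line and write `$precision , "`, unlike `format_bytes()` directly above them.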
"); + } + public function format_bytes_loose($bytes, $precision = 2) { + return $this->format_bytes($bytes, $precision , " "); } public function format_ubbcode($string)