Merge branch '29-only-login-once-for-all-applications' into 'master'

Resolve "Only login once for all applications"

Closes #29

See merge request openappstack/single-sign-on!12

login_provider/app.py

@@ -63,7 +63,11 @@ def login():
                 "Login denied",
                 error_description="Login request was denied due to an internal server error"))
         if user.authenticate(login_form.password.data):
-            redirect_to = login_request.accept(user.username)
+            redirect_to = login_request.accept(
+                user.username,
+                remember=login_form.remember.data,
+                # Remember session for 12h
+                remember_for=60*60*12)
             app.logger.info("{0} logged in successfully".format(user.username))
         else:
             redirect_to = login_request.reject(
@@ -76,14 +80,14 @@ def login():
     # the user. we don't need to check anything and we can accept the request right away.
     elif login_request.skip:
         app.logger.info("{0} is already logged in. Skip authentication".format(login_request.subject))
-        return redirect(login_request(challenge).accept(login_request.subject))
+        return redirect(login_request.accept(login_request.subject))
 
     # If Skip is not true and the user has not submitted any data via a form, we need
     # to display a login form for the user to type in their username and password.
     # as a reference we save the challenge id in a hidden field of the form.
     else:
         login_form.challenge.data = challenge
-        return render_template('login.html', login_form=login_form)
+        return render_template('login.html', login_form=login_form, logo=login_request.client.logo_uri, application_name=login_request.client.client_name)
 
 if __name__ == '__main__':
     app.run()

login_provider/forms.py

-from wtforms import SubmitField, StringField, PasswordField, HiddenField, validators
+from wtforms import SubmitField, StringField, PasswordField, BooleanField,  HiddenField, validators
 from flask_wtf import FlaskForm
 
 
 class LoginForm(FlaskForm):
-    username = StringField("username", validators=[validators.input_required()])
-    password = PasswordField("password", validators=[validators.input_required()])
+    username = StringField("Username", validators=[validators.input_required()],)
+    password = PasswordField("Password", validators=[validators.input_required()])
     challenge = HiddenField("challenge")
+    remember = BooleanField("Remember me")
     submit = SubmitField("Sign in")

login_provider/templates/login.html

 <!doctype html>
 <title>OAS authentication service</title>
-<h1>Login</h1>
-<form method="POST" action="/login">
+<div style='margin: 0 auto ; width: 350px; padding:20px; border-style:solid; border-color:#6c757d; border-width: 1px; background-color: #f8f9fa; font-family: "Segoe UI", Roboto; font-family: "Helvetica Neue", Arial; font-family: "Noto Sans", sans-serif;'>
+  {% if logo %}
+  <div style="position:relative; width: 350px; height:100px">
+        <img style="overflow: auto; top: 0; left: 0; bottom: 0; right: 0; position: absolute; margin: auto;max-width: 300px; max-height: 100px" src="{{logo}}" alt="Logo of application"></img>
+  </div>
+  {% endif %}
+  <h1>Log in to {{ application_name }}</h1>
+  <form method="POST" action="/login">
     {{ login_form.csrf_token }}
     {{ login_form.challenge }}
-    {{ login_form.username }}
-    {{ login_form.password }}
-    {{ login_form.submit }}
-</form>
+    {{ login_form.username(placeholder="Username") }}<br>
+    <div style="margin-top:5px">{{ login_form.password(placeholder="Password") }}</div> <br>
+    {{ login_form.remember }}{{ login_form.remember.label }} <br>
+    <div style="margin-top:5px">{{ login_form.submit }}</div>
+  </form>
+</div>