diff --git a/login_provider/app.py b/login_provider/app.py
index 36a5a2abf0462239073cd3cbec347855454e731b..e6d24eb3c8cd3f443969425904b331e436e59b8f 100644
--- a/login_provider/app.py
+++ b/login_provider/app.py
@@ -63,7 +63,11 @@ def login():
 "Login denied",
 error_description="Login request was denied due to an internal server error"))
 if user.authenticate(login_form.password.data):
- redirect_to = login_request.accept(user.username)
+ redirect_to = login_request.accept(
+ user.username,
+ remember=login_form.remember.data,
+ # Remember session for 12h
+ remember_for=60*60*12)
 app.logger.info("{0} logged in successfully".format(user.username))
 else:
 redirect_to = login_request.reject(
@@ -76,14 +80,14 @@ def login():
 # the user. we don't need to check anything and we can accept the request right away.
 elif login_request.skip:
 app.logger.info("{0} is already logged in. Skip authentication".format(login_request.subject))
- return redirect(login_request(challenge).accept(login_request.subject))
+ return redirect(login_request.accept(login_request.subject))
 # If Skip is not true and the user has not submitted any data via a form, we need
 # to display a login form for the user to type in their username and password.
 # as a reference we save the challenge id in a hidden field of the form.
 else:
 login_form.challenge.data = challenge
- return render_template('login.html', login_form=login_form)
+ return render_template('login.html', login_form=login_form, logo=login_request.client.logo_uri, application_name=login_request.client.client_name)
 if __name__ == '__main__':
 app.run()
diff --git a/login_provider/forms.py b/login_provider/forms.py
index bc28bc63bb01d4ffb57a39549e146b55bd0547a9..ed80ed06dcce4140c6b0efb82043fa5df016b4da 100644
--- a/login_provider/forms.py
+++ b/login_provider/forms.py
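Review bot: In login_provider/app.py (hunk at -63,7), the new `login_request.accept(...)` call hard-codes the remembered-session lifetime as `remember_for=60*60*12`, so the 12-hour window can only be changed by editing code. Once a user ticks the box, the `elif login_request.skip:` branch later in the same function presumably accepts further login requests for that subject without a password for the whole window, which makes this a policy value that belongs in configuration, e.g. `remember_for=app.config["REMEMBER_FOR_SECONDS"]` (the key name is a placeholder). The comment would be more useful as `# Seconds the login session is remembered; while it lasts, later requests skip authentication`. The body of `login()` starts and ends outside this hunk.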
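Review bot: In login_provider/app.py (hunk at -76,14), `logo=login_request.client.logo_uri` and `application_name=login_request.client.client_name` pass OAuth client metadata straight into the login page, where the template changed in this commit renders them as `src="{{logo}}"` and inside the `<h1>`. Jinja autoescaping (Flask's default for `.html` templates, assuming it has not been disabled) handles markup injection but does not constrain the URL, so whoever can register or edit a client decides which host each visitor's browser contacts from the credential page and which name is shown above the password field. I would pass the logo only when it is an HTTPS URL on an allow-listed host, e.g. `logo = uri if uri and uri.startswith("https://") else None` with `uri = login_request.client.logo_uri` plus a host check, and fall back to a fixed name when `client_name` is empty. If client registration is restricted to administrators, a comment on this line saying so would be enough. This branch is part of `login()`, which begins outside the hunk.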
@@ -1,9 +1,10 @@
-from wtforms import SubmitField, StringField, PasswordField, HiddenField, validators
+from wtforms import SubmitField, StringField, PasswordField, BooleanField, HiddenField, validators
 from flask_wtf import FlaskForm
 class LoginForm(FlaskForm):
- username = StringField("username", validators=[validators.input_required()])
- password = PasswordField("password", validators=[validators.input_required()])
+ username = StringField("Username", validators=[validators.input_required()],)
+ password = PasswordField("Password", validators=[validators.input_required()])
 challenge = HiddenField("challenge")
+ remember = BooleanField("Remember me")
 submit = SubmitField("Sign in")
diff --git a/login_provider/templates/login.html b/login_provider/templates/login.html
index 2f88a2f399ce0df93607dab6f7853e87c5196f04..8990f1806490d53872b05172e46a27587015dd7e 100644
--- a/login_provider/templates/login.html
+++ b/login_provider/templates/login.html
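Review bot: The new `username` line in login_provider/forms.py ends its argument list with a stray comma, `validators=[validators.input_required()],)`, which is legal but inconsistent with the `password` line directly below it. Dropping it makes both fields read the same: `username = StringField("Username", validators=[validators.input_required()])`. `LoginForm` also has no docstring, and a one-line one saying that `remember` is the user's opt-in to a remembered login session would explain why the checkbox was added.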
@@ -1,10 +1,18 @@
 <!doctype html>
 <title>OAS authentication service</title>
-<h1>Login</h1>
-<form method="POST" action="/login">
+<div style='margin: 0 auto ; width: 350px; padding:20px; border-style:solid; border-color:#6c757d; border-width: 1px; background-color: #f8f9fa; font-family: "Segoe UI", Roboto; font-family: "Helvetica Neue", Arial; font-family: "Noto Sans", sans-serif;'>
+ {% if logo %}
+ <div style="position:relative; width: 350px; height:100px">
+ <img style="overflow: auto; top: 0; left: 0; bottom: 0; right: 0; position: absolute; margin: auto;max-width: 300px; max-height: 100px" src="{{logo}}" alt="Logo of application"></img>
+ </div>
+ {% endif %}
+ <h1>Log in to {{ application_name }}</h1>
+ <form method="POST" action="/login">
 {{ login_form.csrf_token }}
 {{ login_form.challenge }}
- {{ login_form.username }}
- {{ login_form.password }}
- {{ login_form.submit }}
-</form>
+ {{ login_form.username(placeholder="Username") }}<br>
+ <div style="margin-top:5px">{{ login_form.password(placeholder="Password") }}</div> <br>
+ {{ login_form.remember }}{{ login_form.remember.label }} <br>
+ <div style="margin-top:5px">{{ login_form.submit }}</div>
+ </form>
+</div>
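Review bot: Every element added to login_provider/templates/login.html is styled through inline `style` attributes, so a Content-Security-Policy for this credential page could not restrict `style-src` without also allowing `'unsafe-inline'`. Moving the rules into a served stylesheet and using classes keeps that option open. In the outer `<div>`, the three consecutive `font-family:` declarations override one another, so only `"Noto Sans", sans-serif` takes effect; they should be one list, `font-family: "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif;`. `<img>` is a void element, so the closing `</img>` should be removed.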