authenticator_class = $authenticatorClass; $customCSS = project() . '/css/member_login.css'; if (Director::fileExists($customCSS)) { Requirements::css($customCSS); } if ($controller->request->getVar('BackURL')) { $backURL = $controller->request->getVar('BackURL'); } else { $backURL = Session::get('BackURL'); } if ($checkCurrentUser && Member::currentUser() && Member::logged_in_session_exists()) { $fields = FieldList::create( HiddenField::create("AuthenticationMethod", null, $this->authenticator_class, $this) ); $actions = FieldList::create( FormAction::create("logout", _t('SilverStripe\\Security\\Member.BUTTONLOGINOTHER', "Log in as someone else")) ); } else { if (!$fields) { $fields = $this->getFormFields(); } if (!$actions) { $actions = $this->getFormActions(); } } if (isset($backURL)) { $fields->push(HiddenField::create('BackURL', 'BackURL', $backURL)); } // Reduce attack surface by enforcing POST requests $this->setFormMethod('POST', true); parent::__construct($controller, $name, $fields, $actions); $this->setValidator(RequiredFields::create(self::config()->get('required_fields'))); } /** * Build the FieldList for the login form * * @return FieldList */ protected function getFormFields() { $label = Member::singleton()->fieldLabel(Member::config()->unique_identifier_field); $fields = FieldList::create( HiddenField::create("AuthenticationMethod", null, $this->authenticator_class, $this), // Regardless of what the unique identifer field is (usually 'Email'), it will be held in the // 'Email' value, below: // @todo Rename the field to a more generic covering name $emailField = TextField::create("Email", $label, null, null, $this), PasswordField::create("Password", _t('SilverStripe\\Security\\Member.PASSWORD', 'Password')) ); $emailField->setAttribute('autofocus', 'true'); if (Security::config()->remember_username) { $emailField->setValue(Session::get('SessionForms.MemberLoginForm.Email')); } else { // Some browsers won't respect this attribute unless it's added to the form $this->setAttribute('autocomplete', 'off'); $emailField->setAttribute('autocomplete', 'off'); } if (Security::config()->autologin_enabled) { $fields->push( CheckboxField::create( "Remember", _t('SilverStripe\\Security\\Member.KEEPMESIGNEDIN', "Keep me signed in") )->setAttribute( 'title', sprintf( _t('SilverStripe\\Security\\Member.REMEMBERME', "Remember me next time? (for %d days on this device)"), RememberLoginHash::config()->uninherited('token_expiry_days') ) ) ); } return $fields; } /** * Build default login form action FieldList * * @return FieldList */ protected function getFormActions() { $actions = FieldList::create( FormAction::create('doLogin', _t('SilverStripe\\Security\\Member.BUTTONLOGIN', "Log in")), LiteralField::create( 'forgotPassword', '
' . _t('SilverStripe\\Security\\Member.BUTTONLOSTPASSWORD', "I've lost my password") . '
' ) ); return $actions; } public function restoreFormState() { parent::restoreFormState(); $forceMessage = Session::get('MemberLoginForm.force_message'); if (($member = Member::currentUser()) && !$forceMessage) { $message = _t( 'SilverStripe\\Security\\Member.LOGGEDINAS', "You're logged in as {name}.", array('name' => $member->{$this->loggedInAsField}) ); $this->setMessage($message, ValidationResult::TYPE_INFO); } // Reset forced message if ($forceMessage) { Session::set('MemberLoginForm.force_message', false); } return $this; } /** * The name of this login form, to display in the frontend * Replaces Authenticator::get_name() * * @return string */ public function getAuthenticatorName() { return _t('SilverStripe\\Security\\MemberLoginForm.AUTHENTICATORNAME', "E-mail & Password"); } }