From 5ed03619983169786ca1271aaa9431549c0a1677 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stephan=20B=C3=B6sch-Plepelits?= <skunk@xover.mud.at>
Date: Sun, 3 Jan 2016 21:32:28 +0100
Subject: [PATCH 1/6] Authentication: login via username / password

---
 umap/templates/registration/login.html | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/umap/templates/registration/login.html b/umap/templates/registration/login.html
index de881055..1b86f481 100644
--- a/umap/templates/registration/login.html
+++ b/umap/templates/registration/login.html
@@ -1,5 +1,18 @@
 {% load i18n %}
 
+{% if True %} {# TODO: replace by check, whether local login is enabled #}
+<h5>{% trans "Please log in with your account" %}</h5>
+
+<div>
+    <form id='login_form' action="{% url 'login' %}" method="POST">
+        {% csrf_token %}
+        <input type="text" name="username" placeholder="{% trans 'Username' %}" autofocus />
+        <input type="password" name="password" placeholder="{% trans 'Password' %}" />
+        <input type="submit" value="{% trans 'Login' %}" />
+    </form>
+</div>
+{% endif %}
+
 <h5>{% trans "Please choose a provider" %}</h5>
 
 <div>

From 0d3046e711a9ca2cddc5b7944ddd8415c0467d10 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stephan=20B=C3=B6sch-Plepelits?= <skunk@xover.mud.at>
Date: Sun, 3 Jan 2016 21:50:33 +0100
Subject: [PATCH 2/6] Authentication: hide block with OAuth providers, when no
 providers configured

---
 umap/templates/registration/login.html | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/umap/templates/registration/login.html b/umap/templates/registration/login.html
index 1b86f481..0835651e 100644
--- a/umap/templates/registration/login.html
+++ b/umap/templates/registration/login.html
@@ -13,6 +13,7 @@
 </div>
 {% endif %}
 
+{% if backends.backends|length %}
 <h5>{% trans "Please choose a provider" %}</h5>
 
 <div>
@@ -24,3 +25,4 @@
         {% endfor %}
     </ul>
 </div>
+{% endif %}

From 2f2e0f510dc5d47485f8cdbccc1f854f0ef9572e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stephan=20B=C3=B6sch-Plepelits?= <skunk@xover.mud.at>
Date: Mon, 4 Jan 2016 20:43:08 +0100
Subject: [PATCH 3/6] Authentication: include a change password menu entry

---
 umap/templates/umap/navigation.html | 3 +++
 umap/urls.py                        | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/umap/templates/umap/navigation.html b/umap/templates/umap/navigation.html
index 970d3c1b..3574e636 100644
--- a/umap/templates/umap/navigation.html
+++ b/umap/templates/umap/navigation.html
@@ -16,6 +16,9 @@
       <li><a href="{% url 'about' %}">{% trans "About" %}</a></li>
       <li class="mhide"><a href="{{ UMAP_FEEDBACK_LINK }}">{% trans "Feedback" %}</a></li>
       {% if user.is_authenticated %}
+        {% if user.has_usable_password %}
+          <li><a href="{% url 'password_change' %}" >{% trans "Change password" %}</a></li>
+        {% endif %}
         <li><a href="{% url 'logout' %}" class="logout">{% trans "Log out" %}</a></li>
       {% endif %}
     </ul>
diff --git a/umap/urls.py b/umap/urls.py
index 66a3702f..8915568e 100644
--- a/umap/urls.py
+++ b/umap/urls.py
@@ -5,6 +5,7 @@ from django.conf.urls import patterns, url, include
 from django.contrib.staticfiles.urls import staticfiles_urlpatterns
 from django.contrib import admin
 from django.views.decorators.cache import cache_page
+from django.contrib.auth import views as auth_views
 
 from leaflet_storage.views import MapShortUrl
 
@@ -18,6 +19,8 @@ urlpatterns = patterns(
     url('', include('social.apps.django_app.urls', namespace='social')),
     url(r'^m/(?P<pk>\d+)/$', MapShortUrl.as_view(), name='umap_short_url'),
     url(r'^ajax-proxy/$', cache_page(180)(views.ajax_proxy), name='ajax-proxy'),  # noqa
+    url(r'^change-password/', auth_views.password_change, name='password_change'),
+    url(r'^change-password-done/', auth_views.password_change_done, name='password_change_done'),
 )
 urlpatterns += i18n_patterns(
     '',

From 7477adec059fe49b34a6aae42ff9b43c1d2dd974 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stephan=20B=C3=B6sch-Plepelits?= <skunk@xover.mud.at>
Date: Mon, 4 Jan 2016 22:00:01 +0100
Subject: [PATCH 4/6] Authentication: custom templates for password change

---
 umap/templates/umap/password_change.html      | 20 +++++++++++++++++++
 umap/templates/umap/password_change_done.html |  9 +++++++++
 umap/urls.py                                  |  4 ++--
 3 files changed, 31 insertions(+), 2 deletions(-)
 create mode 100644 umap/templates/umap/password_change.html
 create mode 100644 umap/templates/umap/password_change_done.html

diff --git a/umap/templates/umap/password_change.html b/umap/templates/umap/password_change.html
new file mode 100644
index 00000000..0f030247
--- /dev/null
+++ b/umap/templates/umap/password_change.html
@@ -0,0 +1,20 @@
+{% extends "umap/content.html" %}
+
+{% load leaflet_storage_tags i18n %}
+
+{% block content %}
+  <h2 class="section">{% trans "Password change" %}</h2>
+  <p>{% trans "Please enter your old password, for security's sake, and then enter your new password twice so we can verify you typed it in correctly." %}</p>
+
+  <form action="{% url 'password_change' %}" method="POST">
+    {% csrf_token %}
+    {{ form.old_password.errors }}
+    <input type='password' name='old_password' placeholder='{% trans "Old password" %}' autofocus />
+    {{ form.new_password1.errors }}
+    <input type='password' name='new_password1' placeholder='{% trans "New password" %}' />
+    {{ form.new_password2.errors }}
+    <input type='password' name='new_password2' placeholder='{% trans "New password confirmation" %}' />
+
+    <input type='submit' value='{% trans "Change my password" %}' />
+  </form>
+{% endblock content %}
diff --git a/umap/templates/umap/password_change_done.html b/umap/templates/umap/password_change_done.html
new file mode 100644
index 00000000..039e6121
--- /dev/null
+++ b/umap/templates/umap/password_change_done.html
@@ -0,0 +1,9 @@
+{% extends "umap/content.html" %}
+
+{% load leaflet_storage_tags i18n %}
+
+{% block content %}
+  <h2 class="section">{% trans "Password change successful" %}</h2>
+  <p>{% trans "Your password was changed." %}</p>
+  <p><a href="{% url 'home' %}">Home</a></p>
+{% endblock content %}
diff --git a/umap/urls.py b/umap/urls.py
index 8915568e..78ee6bd6 100644
--- a/umap/urls.py
+++ b/umap/urls.py
@@ -19,8 +19,8 @@ urlpatterns = patterns(
     url('', include('social.apps.django_app.urls', namespace='social')),
     url(r'^m/(?P<pk>\d+)/$', MapShortUrl.as_view(), name='umap_short_url'),
     url(r'^ajax-proxy/$', cache_page(180)(views.ajax_proxy), name='ajax-proxy'),  # noqa
-    url(r'^change-password/', auth_views.password_change, name='password_change'),
-    url(r'^change-password-done/', auth_views.password_change_done, name='password_change_done'),
+    url(r'^change-password/', auth_views.password_change, { 'template_name': 'umap/password_change.html' }, name='password_change'),
+    url(r'^change-password-done/', auth_views.password_change_done, { 'template_name': 'umap/password_change_done.html' }, name='password_change_done'),
 )
 urlpatterns += i18n_patterns(
     '',

From 8f5b59604e72852bd7f3afbd52c924561b5bcc5f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stephan=20B=C3=B6sch-Plepelits?= <skunk@xover.mud.at>
Date: Thu, 14 Jan 2016 21:21:08 +0100
Subject: [PATCH 5/6] Authentication: show errors for username / password login
 failures

---
 umap/templates/registration/login.html | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/umap/templates/registration/login.html b/umap/templates/registration/login.html
index 0835651e..4281cf38 100644
--- a/umap/templates/registration/login.html
+++ b/umap/templates/registration/login.html
@@ -4,6 +4,14 @@
 <h5>{% trans "Please log in with your account" %}</h5>
 
 <div>
+    {% if form.non_field_errors %}
+        <ul class='form-errors'>
+            {% for error in form.non_field_errors %}
+                <li>{{ error }}</li>
+            {% endfor %}
+        </ul>
+    {% endif %}
+
     <form id='login_form' action="{% url 'login' %}" method="POST">
         {% csrf_token %}
         <input type="text" name="username" placeholder="{% trans 'Username' %}" autofocus />

From 5f63943458b1a75d8f5307d8e2b8a3e0bd414b2f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stephan=20B=C3=B6sch-Plepelits?= <skunk@xover.mud.at>
Date: Wed, 3 Feb 2016 21:58:55 +0100
Subject: [PATCH 6/6] Authentication: configure availability of account login
 (default True)

---
 umap/context_processors.py             | 5 +++++
 umap/settings/base.py                  | 2 ++
 umap/settings/local.py.sample          | 4 ++++
 umap/templates/registration/login.html | 2 +-
 4 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/umap/context_processors.py b/umap/context_processors.py
index 00d72b7f..3b0944a0 100644
--- a/umap/context_processors.py
+++ b/umap/context_processors.py
@@ -11,3 +11,8 @@ def version(request):
     return {
         'UMAP_VERSION': __version__
     }
+
+def authentication(request):
+    return {
+        'ENABLE_ACCOUNT_LOGIN': settings.ENABLE_ACCOUNT_LOGIN
+    }
diff --git a/umap/settings/base.py b/umap/settings/base.py
index 2bc90cc2..89fc0757 100644
--- a/umap/settings/base.py
+++ b/umap/settings/base.py
@@ -110,6 +110,7 @@ TEMPLATE_CONTEXT_PROCESSORS += (
     'social.apps.django_app.context_processors.login_redirect',
     'umap.context_processors.feedback_link',
     'umap.context_processors.version',
+    'umap.context_processors.authentication',
 )
 
 TEMPLATE_LOADERS = (
@@ -134,6 +135,7 @@ MIDDLEWARE_CLASSES = (
 # Auth / security
 # =============================================================================
 
+ENABLE_ACCOUNT_LOGIN = True
 AUTHENTICATION_BACKENDS += (
 )
 
diff --git a/umap/settings/local.py.sample b/umap/settings/local.py.sample
index 0bc52bdf..24d48fb0 100644
--- a/umap/settings/local.py.sample
+++ b/umap/settings/local.py.sample
@@ -37,6 +37,10 @@ COMPRESS_OFFLINE = True
 
 LANGUAGE_CODE = 'en'
 
+# Set to False if login into django account should not be possible. You can
+# administer accounts in the admin interface.
+ENABLE_ACCOUNT_LOGIN = True
+
 AUTHENTICATION_BACKENDS = (
     'social.backends.github.GithubOAuth2',
     'social.backends.bitbucket.BitbucketOAuth',
diff --git a/umap/templates/registration/login.html b/umap/templates/registration/login.html
index 4281cf38..3fc6dd88 100644
--- a/umap/templates/registration/login.html
+++ b/umap/templates/registration/login.html
@@ -1,6 +1,6 @@
 {% load i18n %}
 
-{% if True %} {# TODO: replace by check, whether local login is enabled #}
+{% if ENABLE_ACCOUNT_LOGIN %}
 <h5>{% trans "Please log in with your account" %}</h5>
 
 <div>