1 files changed, 38 insertions, 11 deletions

diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py
index bb7bda77..109763ce 100644
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@@ -24,9 +24,11 @@ from mediagoblin.tools.translate import pass_to_ugettext as _
 from mediagoblin.tools.mail import email_debug_message
 from mediagoblin.auth import lib as auth_lib
 from mediagoblin.auth import forms as auth_forms
-from mediagoblin.auth.lib import send_fp_verification_email
-from mediagoblin.auth.tools import (send_verification_email, register_user,
+from mediagoblin.auth.tools import (send_verification_email,
+                                    register_user,
+                                    send_fp_verification_email,
                                     check_login_simple)
+from mediagoblin import auth
 
 
 def register(request):
@@ -35,15 +37,20 @@ def register(request):
     Note that usernames will always be lowercased. Email domains are lowercased while
     the first part remains case-sensitive.
     """
-    # Redirects to indexpage if registrations are disabled
-    if not mg_globals.app_config["allow_registration"]:
+    # Redirects to indexpage if registrations are disabled or no authentication
+    # is enabled
+    if not mg_globals.app_config["allow_registration"] or not mg_globals.app.auth:
         messages.add_message(
             request,
             messages.WARNING,
             _('Sorry, registration is disabled on this instance.'))
         return redirect(request, "index")
 
-    register_form = auth_forms.RegistrationForm(request.form)
+    if 'pass_auth' not in request.template_env.globals:
+        if 'openid' in request.template_env.globals:
+            return redirect(request, 'mediagoblin.plugins.openid.register')
+
+    register_form = auth.get_registration_form(request)
 
     if request.method == 'POST' and register_form.validate():
         # TODO: Make sure the user doesn't exist already
@@ -59,7 +66,9 @@ def register(request):
     return render_to_response(
         request,
         'mediagoblin/auth/register.html',
-        {'register_form': register_form})
+        {'register_form': register_form,
+         'focus': 'username',
+         'post_url': request.urlgen('mediagoblin.auth.register')})
 
 
 def login(request):
@@ -68,13 +77,24 @@ def login(request):
 
     If you provide the POST with 'next', it'll redirect to that view.
     """
-    login_form = auth_forms.LoginForm(request.form)
+    # Redirects to index page if no authentication is enabled
+    if not mg_globals.app.auth:
+        messages.add_message(
+            request,
+            messages.WARNING,
+            _('Sorry, authentication is disabled on this instance.'))
+        return redirect(request, 'index')
+
+    if 'pass_auth' not in request.template_env.globals:
+        if 'openid' in request.template_env.globals:
+            return redirect(request, 'mediagoblin.plugins.openid.login')
+
+    login_form = auth.get_login_form(request)
 
     login_failed = False
 
     if request.method == 'POST':
-
-        username = login_form.data['username']
+        username = login_form.username.data
 
         if login_form.validate():
             user = check_login_simple(username, login_form.password.data, True)
@@ -97,6 +117,8 @@ def login(request):
         {'login_form': login_form,
          'next': request.GET.get('next') or request.form.get('next'),
          'login_failed': login_failed,
+         'focus': 'username',
+         'post_url': request.urlgen('mediagoblin.auth.login'),
          'allow_registration': mg_globals.app_config["allow_registration"]})
 
 
@@ -188,13 +210,17 @@ def forgot_password(request):
     Sends an email with an url to renew forgotten password.
     Use GET querystring parameter 'username' to pre-populate the input field
     """
+    if not 'pass_auth' in request.template_env.globals:
+        return redirect(request, 'index')
+
     fp_form = auth_forms.ForgotPassForm(request.form,
                                         username=request.args.get('username'))
 
     if not (request.method == 'POST' and fp_form.validate()):
         # Either GET request, or invalid form submitted. Display the template
         return render_to_response(request,
-            'mediagoblin/auth/forgot_password.html', {'fp_form': fp_form})
+            'mediagoblin/auth/forgot_password.html', {'fp_form': fp_form,
+                                                      'focus': 'username'})
 
     # If we are here: method == POST and form is valid. username casing
     # has been sanitized. Store if a user was found by email. We should
@@ -290,7 +316,8 @@ def verify_forgot_password(request):
             return render_to_response(
                 request,
                 'mediagoblin/auth/change_fp.html',
-                {'cp_form': cp_form})
+                {'cp_form': cp_form,
+                 'focus': 'password'})
 
     # in case there is a valid id but no user with that id in the db
     # or the token expired