diff --git a/IkiWiki/Plugin/emailauth.pm b/IkiWiki/Plugin/emailauth.pm new file mode 100644 index 000000000..62c9fe877 --- /dev/null +++ b/IkiWiki/Plugin/emailauth.pm @@ -0,0 +1,64 @@ +#!/usr/bin/perl +# Ikiwiki email address as login +package IkiWiki::Plugin::emailauth; + +use warnings; +use strict; +use IkiWiki 3.00; + +sub import { + hook(type => "getsetup", id => "emailauth", "call" => \&getsetup); + hook(type => "auth", id => "emailauth", call => \&auth); + IkiWiki::loadplugin("loginselector"); + IkiWiki::Plugin::loginselector::register_login_plugin( + "emailauth", + \&email_setup, + \&email_check_input, + \&email_auth, + ); +} + +sub getsetup () { + return + plugin => { + safe => 1, + rebuild => 0, + section => "auth", + }, +} + +sub email_setup ($$) { + my $q=shift; + my $template=shift; + + return 1; +} + +sub email_check_input ($) { + my $cgi=shift; + defined $cgi->param('do') + && $cgi->param("do") eq "signin" + && defined $cgi->param('Email_entry') + && length $cgi->param('Email_entry'); +} + +sub email_auth ($$$) { + my $cgi=shift; + my $session=shift; + my $errordisplayer=shift; + + unless ($cgi->param('Email_entry') =~ /.\@./) { + $errordisplayer->("Invalid email address."); + return; + } + + error "EMAIL AUTH"; +} + +sub auth ($$) { + # While this hook is not currently used, it needs to exist + # so ikiwiki knows that the wiki supports logins, and will + # enable the Preferences page. +} + +1 diff --git a/doc/plugins/emailauth.pm b/doc/plugins/emailauth.pm new file mode 100644 index 000000000..9ba26e40c --- /dev/null +++ b/doc/plugins/emailauth.pm @@ -0,0 +1,14 @@ +[[!template id=plugin name=emailauth core=1 author="[[Joey]]"]] +[[!tag type/auth]] + +This plugin lets users log into ikiwiki using any email address. To complete +the login, a one-time-use link is emailed to the user, and they can simply +open that link in their browser. + +It is enabled by default, but can be turned off if you want to only use +some other form of authentication, such as [[passwordauth]] or [[openid]]. + +Users who have logged in using emailauth will have their email address used as +their username. In places where the username is displayed, like the +RecentChanges page, the domain will be omitted, to avoid exposing the +user's email address.