[Improve the pages used in the account upgrade process Duncan Coutts **20130312224005 Ignore-this: 83cb10ecd4d779c59b1eaec0b3f7ac03 ] {
adddir ./datafiles/templates/LegacyPasswds
move ./datafiles/templates/account-upgrade.html.st ./datafiles/templates/LegacyPasswds/htpasswd-upgrade.html.st
hunk ./Distribution/Server/Features/LegacyPasswds.hs 8
+import Distribution.Server.Framework.Templating
hunk ./Distribution/Server/Features/LegacyPasswds.hs 33
-
+import Network.URI (URI(..), nullURI, uriToString)
hunk ./Distribution/Server/Features/LegacyPasswds.hs 167
-initLegacyPasswdsFeature ServerEnv{serverStateDir} users = do
+initLegacyPasswdsFeature env@ServerEnv{serverStateDir, serverTemplatesDir} users = do
hunk ./Distribution/Server/Features/LegacyPasswds.hs 172
- let feature = legacyPasswdsFeature legacyPasswdsState users
+ -- Page templates
+ templates <- loadTemplates NormalMode {- use DesignMode when working on templates -}
+ [serverTemplatesDir, serverTemplatesDir "LegacyPasswds"]
+ ["htpasswd-upgrade.html", "htpasswd-upgrade-success.html"]
+
+ let feature = legacyPasswdsFeature env legacyPasswdsState templates users
hunk ./Distribution/Server/Features/LegacyPasswds.hs 181
-legacyPasswdsFeature :: StateComponent LegacyPasswdsTable
+legacyPasswdsFeature :: ServerEnv
+ -> StateComponent LegacyPasswdsTable
+ -> Templates
hunk ./Distribution/Server/Features/LegacyPasswds.hs 186
-legacyPasswdsFeature legacyPasswdsState UserFeature{..}
+legacyPasswdsFeature env legacyPasswdsState templates UserFeature{..}
hunk ./Distribution/Server/Features/LegacyPasswds.hs 207
- resourceDesc = [ (POST, "Upgrade a user account with a legacy password") ],
+ resourceDesc = [ (GET, "Upgrade a user account with a legacy password") ],
+ resourceGet = [ ("html", handleUserAuthUpgradeGet) ],
hunk ./Distribution/Server/Features/LegacyPasswds.hs 215
+ handleUserAuthUpgradeGet :: DynamicPath -> ServerPartE Response
+ handleUserAuthUpgradeGet _ = do
+ template <- getTemplate templates
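Review bot: `resourceDesc` in the LegacyPasswds.hs hunk at line 207 now lists only a GET entry, so the request that actually performs the credential upgrade is no longer described in the resource's self-documentation. If the resource still carries a POST handler (it is outside this hunk; inferred from the later success-page hunk), keep both entries, e.g. `resourceDesc = [ (GET, "Show the account upgrade page"), (POST, "Upgrade a user account with a legacy password") ],`. As committed, the GET text describes the state-changing action rather than the page that `handleUserAuthUpgradeGet` serves.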
"htpasswd-upgrade.html" + ok $ toResponse $ template [] + hunk ./Distribution/Server/Features/LegacyPasswds.hs 254 - --TODO: return success result page? - seeOther ("/user/" ++ display (userName uinfo)) (toResponse ()) + template <- getTemplate templates "htpasswd-upgrade-success.html" + ok $ toResponse $ template [] hunk ./Distribution/Server/Features/LegacyPasswds.hs 281 - err = ErrorResponse 401 [] "Username or password incorrect" [MText msg] - msg = "Note: for users who had accounts on the old system, Hackage has been upgraded to use a more secure login system. " - ++ "Please go to /account-upgrade.html to re-enable your account and for more details about this change." + err = ErrorResponse 401 [] "Account needs to be re-enabled" msg + msg = [ MText $ "Hackage has been upgraded to use a more secure login " + ++ "system. Please go to " + , MLink uri uri + , MText $ " to re-enable your account and for more details about " + ++ "this change." ] + uri = uriToString id (nullURI { + uriScheme = "http:", + uriAuthority = Just (serverHostURI env), + uriPath = renderResource htpasswordUpgradeResource [] + }) "" + hunk ./Distribution/Server/Framework/Templating.hs 39 +import System.FilePath ((<.>)) hunk ./Distribution/Server/Framework/Templating.hs 126 - fail $ "Missing template files: " ++ intercalate ", " missing + fail $ "Missing template files: " ++ intercalate ", " (map (<.> "st") missing) addfile ./datafiles/templates/LegacyPasswds/htpasswd-upgrade-success.html.st hunk ./datafiles/templates/LegacyPasswds/htpasswd-upgrade-success.html.st 1 + + + +$hackageCssTheme()$ +Hackage: Account upgrade successful + + + +$hackagePageHeader()$ + +
+

Account upgrade successful

+

Your account has been re-enabled. +

+ +

Technical details for the curious

+ +

The old hackage implementation used HTTP basic authentication. The new system uses HTTP digest authentication. + +

We could not transparently upgrade accounts to the new system because +the password hash format is different for the new system. The old +format was the + +Apache basic auth 'CRYPT' format, while the new format is +equivalent to the + +Apache digest authentication format. It is not possible to generate +the new format without access to the plaintext password – which +was never stored. So by authenticating once using the old account +information – using HTTP basic authentication – we can +generate and store password digest for the new system. + +

+ hunk ./datafiles/templates/LegacyPasswds/htpasswd-upgrade.html.st 5 -Hackage: User accounts +Hackage: Account upgrade hunk ./hackage-server.cabal 28 + templates/LegacyPasswds/*.st }