refs #1419 - add 'Remember Me' to Login form; unchecked by default (which is safe by default); small change to core/Cookie.php to allow cookie to expire at end-of-session; shorten persistent cookie life to 14 days

Note: potential compat buster: logme() cookie is no longer persistent


git-svn-id: http://dev.piwik.org/svn/trunk@2901 59fd770c-687e-43c8-a1e3-f5a4ff64c105

5 files changed, 20 insertions, 14 deletions

diff --git a/plugins/Login/Auth.php b/plugins/Login/Auth.php
index 03614aee6c..2917727414 100644
--- a/plugins/Login/Auth.php
+++ b/plugins/Login/Auth.php
@@ -30,14 +30,9 @@ class Piwik_Login_Auth implements Piwik_Auth
 		$rootPassword = Zend_Registry::get('config')->superuser->password;
 		$rootToken = Piwik_UsersManager_API::getInstance()->getTokenAuth($rootLogin, $rootPassword);
 
-		if($this->login == $rootLogin
+		if(($this->login == $rootLogin || is_null($this->login))
 			&& $this->token_auth == $rootToken)
 		{
-			return new Piwik_Auth_Result(Piwik_Auth_Result::SUCCESS_SUPERUSER_AUTH_CODE, $this->login, $this->token_auth );
-		}
-
-		if($this->token_auth === $rootToken)
-		{
 			return new Piwik_Auth_Result(Piwik_Auth_Result::SUCCESS_SUPERUSER_AUTH_CODE, $rootLogin, $rootToken );
 		}
 
diff --git a/plugins/Login/Controller.php b/plugins/Login/Controller.php
index cd8ad8542c..c3ec296aa9 100644
--- a/plugins/Login/Controller.php
+++ b/plugins/Login/Controller.php
@@ -77,9 +77,10 @@ class Piwik_Login_Controller extends Piwik_Controller
 			{
 				$login = $form->getSubmitValue('form_login');
 				$password = $form->getSubmitValue('form_password');
+				$rememberMe = $form->getSubmitValue('form_rememberme') == '1';
 				$md5Password = md5($password);
 				try {
-					$this->authenticateAndRedirect($login, $md5Password, $urlToRedirect);
+					$this->authenticateAndRedirect($login, $md5Password, $rememberMe, $urlToRedirect);
 				} catch(Exception $e) {
 					$messageNoAccess = $e->getMessage();
 				}
@@ -122,7 +123,7 @@ class Piwik_Login_Controller extends Piwik_Controller
 		$urlToRedirect = Piwik_Common::getRequestVar('url', $currentUrl, 'string');
 		$urlToRedirect = htmlspecialchars_decode($urlToRedirect);
 
-		$this->authenticateAndRedirect($login, $password, $urlToRedirect);
+		$this->authenticateAndRedirect($login, $password, false, $urlToRedirect);
 	}
 
 	/**
@@ -130,13 +131,15 @@ class Piwik_Login_Controller extends Piwik_Controller
 	 *
 	 * @param string $login (user name)
 	 * @param string $md5Password (md5 hash of password)
+	 * @param bool $rememberMe Remember me?
 	 * @param string $urlToRedirect (URL to redirect to, if successfully authenticated)
 	 * @return string (failure message if unable to authenticate)
 	 */
-	protected function authenticateAndRedirect($login, $md5Password, $urlToRedirect)
+	protected function authenticateAndRedirect($login, $md5Password, $rememberMe, $urlToRedirect)
 	{
 		$info = array(	'login' => $login, 
 						'md5Password' => $md5Password,
+						'rememberMe' => $rememberMe,
 		);
 		Piwik_PostEvent('Login.initSession', $info);
 		Piwik_Url::redirectToUrl($urlToRedirect);
diff --git a/plugins/Login/FormLogin.php b/plugins/Login/FormLogin.php
index 0dfd83a661..94a24f3a23 100644
--- a/plugins/Login/FormLogin.php
+++ b/plugins/Login/FormLogin.php
@@ -31,6 +31,13 @@ class Piwik_Login_FormLogin extends Piwik_QuickForm2
 
 		$this->addElement('hidden', 'form_nonce');
 
+		$this->addElement('checkbox', 'form_rememberme');
+
 		$this->addElement('submit', 'submit');
+
+		// default values
+		$this->addDataSource(new HTML_QuickForm2_DataSource_Array(array(
+			'form_rememberme' => 0,
+		)));
 	}
 }
diff --git a/plugins/Login/Login.php b/plugins/Login/Login.php
index 0002029d82..f49965e639 100644
--- a/plugins/Login/Login.php
+++ b/plugins/Login/Login.php
@@ -67,7 +67,7 @@ class Piwik_Login extends Piwik_Plugin
 		}
 
 		$authCookieName = Zend_Registry::get('config')->General->login_cookie_name;
-		$authCookieExpiry = time() + Zend_Registry::get('config')->General->login_cookie_expire;
+		$authCookieExpiry = 0;
 		$authCookiePath = Zend_Registry::get('config')->General->login_cookie_path;
 		$authCookie = new Piwik_Cookie($authCookieName, $authCookieExpiry, $authCookiePath);
 		$defaultLogin = 'anonymous';
@@ -86,6 +86,7 @@ class Piwik_Login extends Piwik_Plugin
 		$info = $notification->getNotificationObject();
 		$login = $info['login'];
 		$md5Password = $info['md5Password'];
+		$rememberMe = $info['rememberMe'];
 		
 		$tokenAuth = Piwik_UsersManager_API::getInstance()->getTokenAuth($login, $md5Password);
 
@@ -103,7 +104,7 @@ class Piwik_Login extends Piwik_Plugin
 		unset($ns->referer);
 
 		$authCookieName = Zend_Registry::get('config')->General->login_cookie_name;
-		$authCookieExpiry = time() + Zend_Registry::get('config')->General->login_cookie_expire;
+		$authCookieExpiry = $rememberMe ? time() + Zend_Registry::get('config')->General->login_cookie_expire : 0;
 		$authCookiePath = Zend_Registry::get('config')->General->login_cookie_path;
 		$cookie = new Piwik_Cookie($authCookieName, $authCookieExpiry, $authCookiePath);
 		$cookie->set('login', $login);
diff --git a/plugins/Login/templates/login.tpl b/plugins/Login/templates/login.tpl
index f837ada5c3..7e781f8625 100644
--- a/plugins/Login/templates/login.tpl
+++ b/plugins/Login/templates/login.tpl
@@ -25,9 +25,9 @@
 		<label>{'Login_Password'|translate}:<br />
 		<input type="password" name="form_password" id="form_password" class="input" value="" size="20" tabindex="20" /></label>
 	</p>
-	{*
-		<p class="forgetmenot"><label><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="90" /> Remember Me</label></p>
-	*}
+	<p class="forgetmenot">
+		<label><input name="form_rememberme" type="checkbox" id="form_rememberme" value="1" tabindex="90" {if $form_data.form_rememberme.value}checked="checked" {/if}/> {'Login_RememberMe'|translate} </label>
+	</p>
 	<p class="submit">
 		<input type="submit" value="{'Login_LogIn'|translate}" tabindex="100" />
 	</p>