This adds a toggle to allow operators to prevent user registration and login via username/password authentication, forcing the platform to only support login and registration using third-party auth such as SAML.
Co-authored-by: Umar Asghar <mrumarasghar@gmail.com>
This patch improves on the user locked
out logic by providing a helping message
near locked out. This would help reduce
retries by giving user the option to use
password reset flow to fix the issue.
PROD-1505
When a user comes in through an sso provider and arrives at the login
or registration page, there is a warning message that comes up to indicate
that the user has to take an action to sign in and register and thus
link their sso account to their edx account. However, it is confusing,
particularly for the enterpise context. This diff disables these messages
from being rendered if these pages are being shown in an enterprise context.
* Reorders form fields, and updates labels, placeholders, and tip text
* Increases clickable area for links and labels.
* Removes "*" markers from required fields, and instead adds
"(optional)" labels to visible optional fields.
* Updates font colors and sizes, and removes box shadows
* Adds custom drop-down styles
* Improves responsive design scaling for small screens
* Make Terms of Service and Honor Code open in new window to avoid losing form
field values.
Add querystring param "course_mode" to the login/registration
page so the user can skip track selection.
This supports upcoming changes to the course details page
that allow the user to choose the track when clicking
"enroll", which will replace the functionality of the track
selection page.
Makes logistration available at /login and /register as well as /accounts/login/ and /accounts/register/. In addition:
- Adds support for redirect URLs in third party auth for combined login/registration page
- Adds support for external auth on the combined login/registration page
- Removes old login and registration acceptance tests
- Adds deprecation warnings to old login and register views
- Moves third party auth util to student_account
- Adds exception for microsites (theming)
Ensure window.isExternal is loaded
Don't set a default for terms of service
For paid courses, add the course to the cart and redirect to the shopping cart view.
Don't send form method and url as form data.
Stub window.analytics in the access view test.
Includes several bug fixes caught during test writing, general clean-up, and adds js-url, a lightweight URL parser
Moved to setting ajaxType with passed in method for models and now handling form load fail errors
Added tests.
Change third party auth login failure code to a 401, to detect authentication
success with no linked account.
If already authenticated, redirect immediately to the dashboard.
Use "Location" header correctly for 302 redirects from student views.
Add utility functions for simulating a running third-party auth pipeline.
Add a utility function for checking whether third party auth is enabled.
Respect default values sent by the server
