Prompt for a password in a niver popup

Fix #97

public/js/vroom.js

@@ -648,6 +648,55 @@ function initAdminRooms(){
 }
 
 function initJoin(room){
+  // Auth input if access is protected
+  $('#authBeforeJoinPass').on('input', function() {
+    var pass = $('#authBeforeJoinPass').val();
+    if (pass.length > 0 && pass.length < 200){
+      $('#authBeforeJoinButton').removeClass('disabled');
+      $('#authBeforeJoinPass').parent().removeClass('has-error');
+    }
+    else{ 
+      $('#authBeforeJoinButton').addClass('disabled');
+      $('#authBeforeJoinPass').parent().addClass('has-error');
+      if (pass.length < 1){
+        $('#authBeforeJoinPass').notify(localize('PASSWORD_REQUIRED'), 'error');
+      }
+      else{
+        $('#authBeforeJoinPass').notify(localize('PASSWORD_TOO_LONG'), 'error');
+      }
+    }
+  });
+
+  $('#authBeforeJoinForm').submit(function(event){
+    event.preventDefault();
+    var pass = $('#authBeforeJoinPass').val();
+    if (pass.length > 0 && pass.length < 200){
+      $('#auth-before-join').slideUp();
+      try_auth(pass, true);
+    }
+  });
+
+
+  function try_auth(pass, hideErrorMsg){
+    $.ajax({
+      data: {
+        req: JSON.stringify({
+          action: 'authenticate',
+          param: {
+            room: room,
+            password: pass
+          }
+        })
+      },
+      error: function(data){
+        if (data.status === 401){
+          $('#auth-before-join').slideDown();
+        }
+        if (hideErrorMsg){
+          showApiError(data);
+        }
+      },
+      success: function(data){
         $.ajax({
           data: {
             req: JSON.stringify({
@@ -669,6 +718,10 @@ function initJoin(room){
             initVroom(room);
           }
         });
+      }
+    });
+  }
+  try_auth('', false);
 }
 
 // This is the main function called when you join a room

templates/default/join.html.ep

@@ -236,6 +236,31 @@
                 </a>
               </p>
             </div>
+            <div id="auth-before-join" class="connecting-msg" style="display: none">
+              <form role="form" class="form-horizontal" id="authBeforeJoinForm">
+                <p class="text-center">
+                  <%=l 'A_PASSWORD_IS_NEEDED_TO_JOIN' %>
+                </p>
+                <div class="form-group">
+                  <label for="authBeforJoinPass" class="col-sm-4 control-label">
+                    <%=l 'PASSWORD' %>
+                  </label>
+                  <div class="col-sm-4">
+                    <input type="password" class="form-control" id="authBeforeJoinPass" placeholder="<%=l 'PASSWORD' %>">
+                  </div>
+                </div>
+                <div class="form-group">
+                  <div class="col-sm-offset-4 col-sm-8">
+                    <button id="authBeforeJoinButton" class="btn btn-primary disabled" type="submit">
+                      <%=l 'SUBMIT' %>
+                    </button>
+                    <a class="btn btn-default" href="<%= $self->url_for('/') %>">
+                      <%=l 'CANCEL' %>
+                    </a>
+                  </div>
+                </div>
+              </form>
+            </div>
             <div id="display-name-pre" class="connecting-msg" style="display: none">
               <form role="form" class="form-horizontal" id="displayNamePreForm">
                 <p class="text-center">

vroom.pl

@@ -1514,10 +1514,9 @@ any '/api' => sub {
 
   # Ok, now, we don't have to bother with authorization anymore
   if ($req->{action} eq 'authenticate'){
-    my $pass = $req->{param}->{pass};
+    my $pass = $req->{param}->{password};
     # Is this peer already authenticated ?
     my $role = $self->get_key_role($token, $room->{name});
-    $self->app->log->debug("Checking pass $pass");
     if ($room->{owner_password} && Crypt::SaltedHash->validate($room->{owner_password}, $pass)){
       $role = 'owner';
     }
@@ -1526,6 +1525,9 @@ any '/api' => sub {
     }
     if ($role){
       $self->session($room->{name}, {role => $role});
+      if ($ec && !$self->session($room->{name})->{etherpadSession}){
+        $self->create_etherpad_session();
+      }
       $self->set_peer_role({
         room    => $room->{name},
         peer_id => $self->session('peer_id'),
@@ -1545,7 +1547,7 @@ any '/api' => sub {
     }
     return $self->render(
       json => {
-        msg => $self->l('AUTH_NEEDED')
+        msg => $self->l('WRONG_PASSWORD')
       },
       status => '401'
     );
@@ -2089,33 +2091,12 @@ get '/:room' => sub {
       room => $room,
     );
   }
-  # Now, if the room is password protected and we're not a participant, nor the owner, lets prompt for the password
-  # Email invitation have a token which can be used instead of password
-  if ($data->{join_password} &&
-     (!$self->session($room) ||
-      $self->session($room)->{role} !~ m/^participant|owner$/) &&
-     !$self->check_invite_token($room,$token)){
-    return $self->redirect_to($self->url_for('/password/') . $room);
-  }
-  # Set this peer as a simple participant if he has no role yet (shouldn't happen)
-  if (!$self->session($room) || !$self->session($room)->{role}){
-    $self->session($room => {role => 'participant'});
-    $self->associate_key_to_room(
-      room => $room,
-      key  => $self->session('key'),
-      role => 'participant'
-    );
-  }
-  # Create etherpad session if needed
-  if ($ec && !$self->session($room)->{etherpadSession}){
   # pad doesn't exist yet ?
-    if (!$data->{etherpad_group}){
+  if ($ec && !$data->{etherpad_group}){
     $self->create_pad($room);
     # Reload data so we get the etherpad_group
     $data = $self->get_room_by_name($room);
   }
-    $self->create_etherpad_session($room);
-  }
   # Now display the room page
   return $self->render('join',
     page          => 'room',