Allow to not specify a password when signing up with openID

If the password field has a length of 0 and we have a valid
openID, then disable password login by generating a random
unknown password.

This still needs some warnings to indicate that not all services
such as trac, the forum or some editors are supported with
openid only via oauth.

diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index fa82f62512346ac38eaa8e12bf359185b94ce795..7a4448e515337117aa951caae29059948a941b0a 100644 (file)
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -47,6 +47,13 @@ class UserController < ApplicationController
                @user.openid_url = nil
 
                if (params[:user][:openid_url].length > 0)
                @user.openid_url = nil
 
                if (params[:user][:openid_url].length > 0)

+                 if @user.pass_crypt.length == 0 
+            #if the password is empty, but we have a openid 
+            #then generate a random passowrd to disable 
+            #loging in via password 
+            @user.pass_crypt = ActiveSupport::SecureRandom.base64(16) 
+            @user.pass_crypt_confirmation = @user.pass_crypt 
+          end

                  #Validate all of the other fields before
                  #redirecting to the openid provider
                  if !@user.valid?
                  #Validate all of the other fields before
                  #redirecting to the openid provider
                  if !@user.valid?