Rename script name and table name for

temporary users.
Updated message, after account reactivation.
Updated message, post account application.
Updated Form name, Registration instead of Registration Form.
Updated CMS_USER to have two optional features used for temporary users.
Updated CMS_AUTH_API to user CMS_USER instead of CMS_TEMPORAL_USER
Removed CMS_TEMPORAL_USER
Updateed CMS_AUTHENTICATION_MODULE, with new permission to enable
activate, reject or reactivate a pending user registration.
Updated User Storage and API to create a new user from a temporal user.

examples/demo/site/modules/auth/scripts/auth_temp_users.sql

@@ -1,6 +1,6 @@
 
-DROP TABLE IF EXISTS "auth_temp_user";
+DROP TABLE IF EXISTS "auth_temp_users";
-CREATE TABLE `auth_temp_user` (
+CREATE TABLE `auth_temp_users` (
   `uid` INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
   `name` VARCHAR(100) NOT NULL,
   `password` VARCHAR(100) NOT NULL,

examples/demo/site/modules/auth/templates/block_post_reactivate.tpl

@@ -1,3 +1,3 @@
 <div>
-    <p>We have send you a new activation code, check your email to activate your account.</p>
+    <p>We have send an email to the administrator, with a new activation code to activate the user account.</p>
 </div>

examples/demo/site/modules/auth/templates/block_post_register.tpl

@@ -1,3 +1,3 @@
 <div>
-    <p>Thanks for your application, we will review it to activate your account.</p>
+    <p>You have requested an account, we will let you know when you application is approved or rejected.</p>
 </div>

examples/demo/site/modules/auth/templates/block_register.tpl

@@ -1,7 +1,7 @@
  <div>
     <form action="{$site_url/}account/roc-register" method="post">
         <fieldset>
-            <legend>Register Form</legend>
+            <legend>Registration</legend>
             <div>
                 <input type="text" id="name" name="name"  value="{$name/}" required  autofocus />
                 <label for="name">Name</label>
@@ -24,7 +24,7 @@
                <textarea rows="4" cols="50" name="application" id="application" required>
 			   				{$application/}
 			   </textarea>
-			   <label for="application">Application Sentence</label>
+			   <label for="application">Tell us why you want to register an account</label>
                 {if isset="$error_application"}
                     <span><i>{$error_application/}</i></span> <br>
                 {/if}

library/model/src/user/cms_user.e

@@ -80,6 +80,11 @@ feature -- Access
 			--			active
 			--			trashed
 
+	application: detachable STRING_32
+			-- User application
+
+	salt: detachable STRING_32
+			-- User's password salt.		
 
 feature -- Access: helper
 
@@ -220,6 +225,24 @@ feature -- Change element
 			set_last_login_date (create {DATE_TIME}.make_now_utc)
 		end
 
+	feature -- Element change
+
+	set_application (an_application: like application)
+			-- Assign `application' with `an_application'.
+		do
+			application := an_application
+		ensure
+			application_assigned: application = an_application
+		end
+
+	set_salt (a_salt: like salt)
+			-- Assign `salt' with `a_salt'.
+		do
+			salt := a_salt
+		ensure
+			salt_assigned: salt = a_salt
+		end
+
 feature -- Element change: roles
 
 	set_roles (lst: like roles)
@@ -302,6 +325,6 @@ invariant
 	id_or_name_set: id > 0 or else not name.is_whitespace
 
 note
-	copyright: "2011-2015, Javier Velilla, Jocelyn Fiat, Eiffel Software and others"
+	copyright: "2011-2016, Javier Velilla, Jocelyn Fiat, Eiffel Software and others"
 	license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
 end

modules/auth/cms_auth_api.e

@@ -49,7 +49,7 @@ feature -- Access
 
 feature -- Temp User
 
-	new_temp_user (a_user: CMS_TEMPORAL_USER)
+	new_temp_user (a_user: CMS_USER)
 			-- Add a new user `a_user'.
 		require
 			no_id: not a_user.has_id
@@ -73,7 +73,7 @@ feature -- Temp User
 			auth_storage.remove_activation (a_token)
 		end
 
-	delete_user (a_user: CMS_TEMPORAL_USER)
+	delete_user (a_user: CMS_USER)
 			-- Delete user `a_user'.
 		require
 			has_id: a_user.has_id

modules/auth/cms_authentication_module.e

@@ -7,6 +7,7 @@ class
 	CMS_AUTHENTICATION_MODULE
 
 inherit
+
 	CMS_MODULE
 		rename
 			module_api as auth_api
@@ -50,7 +51,6 @@ feature {NONE} -- Initialization
 			version := "1.0"
 			description := "Authentication module"
 			package := "authentication"
-
 			create root_dir.make_current
 			cache_duration := 0
 		end
@@ -64,6 +64,10 @@ feature -- Access
 		do
 			Result := Precursor
 			Result.force ("account register")
+			Result.force ("account activate")
+			Result.force ("account reject")
+			Result.force ("account reactivate")
+			Result.force ("admin registration")
 		end
 
 feature -- Access: docs
@@ -112,8 +116,7 @@ feature {CMS_API} -- Module Initialization
 			if attached api.storage.as_sql_storage as l_sql_storage then
 				if not l_sql_storage.sql_table_exists ("auth_temp_user") then
 						--| Schema
-					l_sql_storage.sql_execute_file_script (api.module_resource_location (Current, (create {PATH}.make_from_string ("scripts")).extended ("auth_temp_user.sql")), Void)
+					l_sql_storage.sql_execute_file_script (api.module_resource_location (Current, (create {PATH}.make_from_string ("scripts")).extended ("auth_temp_users.sql")), Void)
-
 					if l_sql_storage.has_error then
 						api.logger.put_error ("Could not initialize database for auth_module", generating_type)
 					end
@@ -134,6 +137,7 @@ feature -- Router
 			-- <Precursor>
 		do
 			configure_web (a_api, a_router)
+			configure_web_admin (a_api, a_router)
 		end
 
 	configure_web (a_api: CMS_API; a_router: WSF_ROUTER)
@@ -151,6 +155,13 @@ feature -- Router
 			a_router.handle ("/account/post-change-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_post_change_password(a_api, ?, ?)), a_router.methods_get)
 		end
 
+
+	configure_web_admin (a_api: CMS_API; a_router: WSF_ROUTER)
+			-- Configure router mapping for admin web interface.
+		do
+			a_router.handle ("/admin/pending-registrations/", create {WSF_URI_AGENT_HANDLER}.make (agent handle_admin_pending_registrations (?, ?, a_api)), a_router.methods_get)
+		end
+
 feature -- Hooks configuration
 
 	setup_hooks (a_hooks: CMS_HOOK_CORE_MANAGER)
@@ -159,6 +170,7 @@ feature -- Hooks configuration
 			auto_subscribe_to_hooks (a_hooks)
 			a_hooks.subscribe_to_block_hook (Current)
 			a_hooks.subscribe_to_value_table_alter_hook (Current)
+			a_hooks.subscribe_to_menu_system_alter_hook (Current)
 		end
 
 	value_table_alter (a_value: CMS_VALUE_TABLE; a_response: CMS_RESPONSE)
@@ -185,7 +197,11 @@ feature -- Hooks configuration
 				lnk.set_weight (98)
 				a_menu_system.primary_menu.extend (lnk)
 			end
-
+				 -- Add the link to the taxonomy to the main menu
+			if a_response.has_permission ("admin registration") then
+				create lnk.make ("Registration", "admin/pending-registrations/")
+				a_menu_system.management_menu.extend (lnk)
+			end
 		end
 
 feature -- Handler
@@ -195,7 +211,6 @@ feature -- Handler
 			r: CMS_RESPONSE
 		do
 			create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
-
 			if attached template_block ("account_info", r) as l_tpl_block then
 				if attached r.user as l_user then
 					r.set_value (api.user_api.user_roles (l_user), "roles")
@@ -237,7 +252,7 @@ feature -- Handler
 		local
 			r: CMS_RESPONSE
 			l_user_api: CMS_USER_API
-			u: CMS_TEMPORAL_USER
+			u: CMS_USER
 			l_exist: BOOLEAN
 			es: CMS_AUTHENTICATON_EMAIL_SERVICE
 			l_url_activate: STRING
@@ -246,19 +261,10 @@ feature -- Handler
 			l_captcha_passed: BOOLEAN
 		do
 			create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
-			if
+			if r.has_permission ("account register") and then attached auth_api as l_auth_api then
-				r.has_permission ("account register") and then
-			   	attached auth_api as l_auth_api
-			then
 				if req.is_post_request_method then
-					if
+					if attached {WSF_STRING} req.form_parameter ("name") as l_name and then attached {WSF_STRING} req.form_parameter ("password") as l_password and then attached {WSF_STRING} req.form_parameter ("email") as l_email and then attached {WSF_STRING} req.form_parameter ("application") as l_application then
-						attached {WSF_STRING} req.form_parameter ("name") as l_name and then
-						attached {WSF_STRING} req.form_parameter ("password") as l_password and then
-						attached {WSF_STRING} req.form_parameter ("email") as l_email and then
-						attached {WSF_STRING} req.form_parameter ("application") as l_application
-					then
 						l_user_api := api.user_api
-
 						if attached l_user_api.user_by_name (l_name.value) or else attached l_auth_api.user_by_name (l_name.value) then
 								-- Username already exist.
 							r.set_value ("User name already exists!", "error_name")
@@ -269,12 +275,8 @@ feature -- Handler
 							r.set_value ("An account is already associated with that email address!", "error_email")
 							l_exist := True
 						end
-
 						if attached recaptcha_secret_key (api) as l_recaptcha_key then
-							if
+							if attached {WSF_STRING} req.form_parameter ("g-recaptcha-response") as l_recaptcha_response and then is_captcha_verified (l_recaptcha_key, l_recaptcha_response.value) then
-								attached {WSF_STRING} req.form_parameter ("g-recaptcha-response") as l_recaptcha_response and then
-								is_captcha_verified (l_recaptcha_key, l_recaptcha_response.value)
-							then
 								l_captcha_passed := True
 							else
 									--| Bad or missing captcha
@@ -284,7 +286,6 @@ feature -- Handler
 								--| reCaptcha is not setup, so no verification
 							l_captcha_passed := True
 						end
-
 						if not l_exist then
 
 								-- New temp user
@@ -321,7 +322,6 @@ feature -- Handler
 				create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
 				r.set_main_content ("You can also contact the webmaster to ask for an account.")
 			end
-
 			r.execute
 		end
 
@@ -335,18 +335,17 @@ feature -- Handler
 			if attached auth_api as l_auth_api then
 				l_user_api := api.user_api
 				create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
+				if r.has_permission ("account activate") then
 					if attached {WSF_STRING} req.path_parameter ("token") as l_token then
-
+						if attached {CMS_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then
-					if attached {CMS_TEMPORAL_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then
 								-- Delete temporal User
 							l_auth_api.delete_user (l_user)
 
 								-- Valid user_id
 							l_user.set_id (0)
 							l_user.mark_active
-						l_user_api.new_user (l_user)
+							l_user_api.new_user_from_temporal_user (l_user)
 							l_auth_api.remove_activation (l_token.value)
-
 							r.set_main_content ("<p> The account <i>" + l_user.name + "</i> has been activated</p>")
 								-- Send Email
 							if attached l_user.email as l_email then
@@ -364,14 +363,16 @@ feature -- Handler
 						create l_ir.make (req, res, api)
 						l_ir.execute
 					end
+				else
+					create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
+					r.execute
+				end
 			else
 				create {INTERNAL_SERVER_ERROR_CMS_RESPONSE} r.make (req, res, api)
---				r.set_main_content ("...")
 				r.execute
 			end
 		end
 
-
 	handle_reject (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
 		local
 			r: CMS_RESPONSE
@@ -381,8 +382,9 @@ feature -- Handler
 		do
 			if attached auth_api as l_auth_api then
 				create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
+				if r.has_permission ("account reject") then
 					if attached {WSF_STRING} req.path_parameter ("token") as l_token then
-					if attached {CMS_TEMPORAL_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then
+						if attached {CMS_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then
 							l_auth_api.delete_user (l_user)
 							r.set_main_content ("<p> The temporal account for <i>" + l_user.name + "</i> has been removed</p>")
 								-- Send Email
@@ -401,6 +403,10 @@ feature -- Handler
 						create l_ir.make (req, res, api)
 						l_ir.execute
 					end
+				else
+					create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
+					r.execute
+				end
 			else
 				create {INTERNAL_SERVER_ERROR_CMS_RESPONSE} r.make (req, res, api)
 				r.execute
@@ -418,12 +424,11 @@ feature -- Handler
 		do
 			if attached auth_api as l_auth_api then
 				create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
+				if r.has_permission ("account reactivate") then
 					if req.is_post_request_method then
-					if
+						if attached {WSF_STRING} req.form_parameter ("email") as l_email then
-						attached {WSF_STRING} req.form_parameter ("email") as l_email
-					then
 							l_user_api := api.user_api
-						if 	attached {CMS_TEMPORAL_USER} l_auth_api.user_by_email (l_email.value) as l_user then
+							if attached {CMS_USER} l_auth_api.user_by_email (l_email.value) as l_user then
 									-- User exist create a new token and send a new email.
 								if l_user.is_active then
 									r.set_value ("The asociated user to the given email " + l_email.value + " , is already active", "is_active")
@@ -448,6 +453,10 @@ feature -- Handler
 							end
 						end
 					end
+				else
+					create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
+					r.execute
+				end
 			else
 				create {INTERNAL_SERVER_ERROR_CMS_RESPONSE} r.make (req, res, api)
 			end
@@ -482,9 +491,7 @@ feature -- Handler
 						r.set_status_code ({HTTP_CONSTANTS}.bad_request)
 					end
 				elseif attached {WSF_STRING} req.form_parameter ("username") as l_username then
-					if 	attached {CMS_USER} l_user_api.user_by_name (l_username) as l_user and then
+					if attached {CMS_USER} l_user_api.user_by_name (l_username) as l_user and then attached l_user.email as l_email then
-						attached l_user.email as l_email
-					then
 							-- User exist create a new token and send a new email.
 						l_token := new_token
 						l_user_api.new_password (l_token, l_user.id)
@@ -504,7 +511,6 @@ feature -- Handler
 			r.execute
 		end
 
-
 	handle_reset_password (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
 		local
 			r: CMS_RESPONSE
@@ -519,14 +525,8 @@ feature -- Handler
 					r.set_status_code ({HTTP_CONSTANTS}.bad_request)
 				end
 			end
-
 			if req.is_post_request_method then
-
+				if attached {WSF_STRING} req.form_parameter ("token") as l_token and then attached {WSF_STRING} req.form_parameter ("password") as l_password and then attached {WSF_STRING} req.form_parameter ("confirm_password") as l_confirm_password then
-				if
-					attached {WSF_STRING} req.form_parameter ("token") as l_token and then
-					attached {WSF_STRING} req.form_parameter ("password") as l_password and then
-					attached {WSF_STRING} req.form_parameter ("confirm_password") as l_confirm_password
-				then
 						-- Does the passwords match?
 					if l_password.value.same_string (l_confirm_password.value) then
 							-- is the token valid?
@@ -552,15 +552,10 @@ feature -- Handler
 		do
 			create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
 			l_user_api := api.user_api
-
 			if req.is_post_request_method then
 				if attached r.user as l_user then
 					r.set_value (api.user_api.user_roles (l_user), "roles")
-					if
+					if attached {WSF_STRING} req.form_parameter ("password") as l_password and then attached {WSF_STRING} req.form_parameter ("confirm_password") as l_confirm_password and then l_password.value.same_string (l_confirm_password.value) then
-						attached {WSF_STRING} req.form_parameter ("password") as l_password and then
-						attached {WSF_STRING} req.form_parameter ("confirm_password") as l_confirm_password and then
-						l_password.value.same_string (l_confirm_password.value)
-					then
 							-- Does the passwords match?
 						l_user.set_password (l_password.value)
 						l_user_api.update_user (l_user)
@@ -589,11 +584,21 @@ feature -- Handler
 			r.execute
 		end
 
+
+	handle_admin_pending_registrations (req: WSF_REQUEST; res: WSF_RESPONSE; api: CMS_API)
+		local
+			l_page: CMS_RESPONSE
+			lnk: CMS_LOCAL_LINK
+		do
+			create {GENERIC_VIEW_CMS_RESPONSE} l_page.make (req, res, api)
+			l_page.execute
+		end
+
 	block_list: ITERABLE [like {CMS_BLOCK}.name]
 		local
 			l_string: STRING
 		do
-			Result := <<"register", "reactivate", "new_password", "reset_password">>
+			Result := <<"register", "reactivate", "new_password", "reset_password", "registration">>
 			debug ("roc")
 				create l_string.make_empty
 				across
@@ -608,26 +613,16 @@ feature -- Handler
 
 	get_block_view (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE)
 		do
-			if
+			if a_block_id.is_case_insensitive_equal_general ("register") and then a_response.location.starts_with ("account/roc-register") then
-				a_block_id.is_case_insensitive_equal_general ("register") and then
-				a_response.location.starts_with ("account/roc-register")
-			then
 				get_block_view_register (a_block_id, a_response)
-			elseif
+			elseif a_block_id.is_case_insensitive_equal_general ("reactivate") and then a_response.location.starts_with ("account/reactivate") then
-				a_block_id.is_case_insensitive_equal_general ("reactivate") and then
-				a_response.location.starts_with ("account/reactivate")
-			then
 				get_block_view_reactivate (a_block_id, a_response)
-			elseif
+			elseif a_block_id.is_case_insensitive_equal_general ("new_password") and then a_response.location.starts_with ("account/new-password") then
-				a_block_id.is_case_insensitive_equal_general ("new_password") and then
-				a_response.location.starts_with ("account/new-password")
-			then
 				get_block_view_new_password (a_block_id, a_response)
-			elseif
+			elseif a_block_id.is_case_insensitive_equal_general ("reset_password") and then a_response.location.starts_with ("account/reset-password") then
-				a_block_id.is_case_insensitive_equal_general ("reset_password") and then
-				a_response.location.starts_with ("account/reset-password")
-			then
 				get_block_view_reset_password (a_block_id, a_response)
+			elseif a_block_id.is_case_insensitive_equal_general ("registration") and then a_response.location.starts_with ("admin/pending-registrations") then
+				get_block_view_registration (a_block_id, a_response)
 			end
 		end
 
@@ -643,7 +638,10 @@ feature {NONE} -- Token Generation
 			create l_security
 			l_token := l_security.token
 			create l_encode
-			from until l_token.same_string (l_encode.encoded_string (l_token)) loop
+			from
+			until
+				l_token.same_string (l_encode.encoded_string (l_token))
+			loop
 					-- Loop ensure that we have a security token that does not contain characters that need encoding.
 					-- We cannot simply to an encode-decode because the email sent to the user will contain an encoded token
 					-- but the user will need to use an unencoded token if activation has to be done manually.
@@ -661,7 +659,6 @@ feature {NONE} -- Helpers
 		do
 			create p.make_from_string ("templates")
 			p := p.extended ("block_").appended (a_block_id).appended_with_extension ("tpl")
-
 			p := a_response.api.module_theme_resource_location (Current, p)
 			if p /= Void then
 				if attached p.entry as e then
@@ -674,27 +671,6 @@ feature {NONE} -- Helpers
 
 feature {NONE} -- Block views
 
---	get_block_view_login (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE)
---		local
-----			vals: CMS_VALUE_TABLE
---		do
---			if attached template_block (a_block_id, a_response) as l_tpl_block then
-----				create vals.make (1)
-----					-- add the variable to the block
-----				value_table_alter (vals, a_response)
-----				across
-----					vals as ic
-----				loop
-----					l_tpl_block.set_value (ic.item, ic.key)
-----				end
---				a_response.put_required_block (l_tpl_block, "content")
---			else
---				debug ("cms")
---					a_response.add_warning_message ("Error with block [" + a_block_id + "]")
---				end
---			end
---		end
-
 	get_block_view_register (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE)
 		do
 			if a_response.has_permission ("account register") then
@@ -843,6 +819,10 @@ feature {NONE} -- Block views
 			end
 		end
 
+	get_block_view_registration	(a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE)
+		do
+				-- TODO finish
+		end
 
 feature -- Recaptcha
 
@@ -852,10 +832,7 @@ feature -- Recaptcha
 			utf: UTF_CONVERTER
 		do
 			if attached api.module_configuration (Current, Void) as cfg then
-				if
+				if attached cfg.text_item ("recaptcha.secret_key") as l_recaptcha_key and then not l_recaptcha_key.is_empty then
-					attached cfg.text_item ("recaptcha.secret_key") as l_recaptcha_key and then
-					not l_recaptcha_key.is_empty
-				then
 					Result := utf.utf_32_string_to_utf_8_string_8 (l_recaptcha_key)
 				end
 			end
@@ -867,16 +844,12 @@ feature -- Recaptcha
 			utf: UTF_CONVERTER
 		do
 			if attached api.module_configuration (Current, Void) as cfg then
-				if
+				if attached cfg.text_item ("recaptcha.site_key") as l_recaptcha_key and then not l_recaptcha_key.is_empty then
-					attached cfg.text_item ("recaptcha.site_key") as l_recaptcha_key and then
-					not l_recaptcha_key.is_empty
-				then
 					Result := utf.utf_32_string_to_utf_8_string_8 (l_recaptcha_key)
 				end
 			end
 		end
 
-
 feature -- Response Alter
 
 	response_alter (a_response: CMS_RESPONSE)
@@ -897,13 +870,16 @@ feature {NONE} -- Implementation
 			if not Result and then attached api.errors as l_api_errors then
 				create l_errors.make_empty
 				l_errors.append_character ('%N')
-				across l_api_errors as ic loop
+				across
+					l_api_errors as ic
+				loop
 					l_errors.append (ic.item)
 					l_errors.append_character ('%N')
 				end
 				write_error_log (generator + ".is_captcha_verified api_errors [" + l_errors + "]")
 			end
 		end
+
 note
 	copyright: "Copyright (c) 1984-2013, Eiffel Software and others"
 	license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
@@ -914,4 +890,5 @@ note
 		Website http://www.eiffel.com
 		Customer support http://support.eiffel.com
 	]"
+
 end

modules/auth/cms_authenticaton_email_service.e

@@ -101,7 +101,7 @@ feature -- Basic Operations
 		do
 			create l_message.make_from_string (parameters.account_rejected)
 			l_message.replace_substring_all ("$link", a_content)
-			send_message (contact_email, a_to, parameters.contact_subject_activate, l_message)
+			send_message (contact_email, a_to, parameters.contact_subject_rejected, l_message)
 		end
 
 

modules/auth/model/cms_temporal_user.e

@@ -1,32 +0,0 @@
-note
-	description: "Summary description for {CMS_TEMPORAL_USER}."
-	date: "$Date$"
-	revision: "$Revision$"
-
-class
-	CMS_TEMPORAL_USER
-
-inherit
-
-	CMS_USER
-
-create
-		make,
-		make_with_id
-
-feature -- Access
-
-	application: detachable STRING_32
-			-- User application
-
-feature -- Element change
-
-	set_application (an_application: like application)
-			-- Assign `application' with `an_application'.
-		do
-			application := an_application
-		ensure
-			application_assigned: application = an_application
-		end
-
-end

modules/auth/persistence/cms_auth_storage_i.e

@@ -58,14 +58,14 @@ feature -- New Temp User
 		deferred
 		end
 
-	new_temp_user (a_user: CMS_TEMPORAL_USER)
+	new_temp_user (a_user: CMS_USER)
 			-- New temp user `a_user'.
 		require
 			no_id: not a_user.has_id
 		deferred
 		end
 
-	delete_user (a_user: CMS_TEMPORAL_USER)
+	delete_user (a_user: CMS_USER)
 			-- Delete user `a_user'.
 		require
 			has_id: a_user.has_id

modules/auth/persistence/cms_auth_storage_null.e

@@ -48,12 +48,12 @@ feature -- Temp Users
 		do
 		end
 
-	new_temp_user (a_user: CMS_TEMPORAL_USER)
+	new_temp_user (a_user: CMS_USER)
 			-- <Precursor>
 		do
 		end
 
-	delete_user (a_user: CMS_TEMPORAL_USER)
+	delete_user (a_user: CMS_USER)
 			-- <Precursor>
 		do
 		end

modules/auth/persistence/cms_auth_storage_sql.e

@@ -101,7 +101,7 @@ feature -- Access User Outh
 
 feature {NONE} -- Implementation: User
 
-	fetch_user: detachable CMS_TEMPORAL_USER
+	fetch_user: detachable CMS_USER
 		local
 			l_id: INTEGER_64
 			l_name: detachable READABLE_STRING_32
@@ -125,7 +125,10 @@ feature {NONE} -- Implementation: User
 			if Result /= Void then
 				if attached sql_read_string (3) as l_password then
 						-- FIXME: should we return the password here ???
-					Result.set_password (l_password)
+					Result.set_hashed_password (l_password)
+				end
+				if attached sql_read_string (4) as l_salt then
+					Result.set_email (l_salt)
 				end
 				if attached sql_read_string (5) as l_email then
 					Result.set_email (l_email)
@@ -141,7 +144,7 @@ feature {NONE} -- Implementation: User
 
 feature -- New Temp User	
 
-	new_temp_user (a_user: CMS_TEMPORAL_USER)
+	new_temp_user (a_user: CMS_USER)
 			-- Add a new temp_user `a_user'.
 		local
 			l_parameters: STRING_TABLE [detachable ANY]
@@ -200,7 +203,7 @@ feature -- Remove Activation
 			sql_finalize
 		end
 
-	delete_user (a_user: CMS_TEMPORAL_USER)
+	delete_user (a_user: CMS_USER)
 			-- Delete user `a_user'.
 		local
 			l_parameters: STRING_TABLE [detachable ANY]

modules/auth/site/scripts/auth_temp_users.tpl

@@ -1,6 +1,6 @@
 
-DROP TABLE IF EXISTS "auth_temp_user";
+DROP TABLE IF EXISTS "auth_temp_users";
-CREATE TABLE `auth_temp_user` (
+CREATE TABLE `auth_temp_users` (
   `uid` INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
   `name` VARCHAR(100) NOT NULL,
   `password` VARCHAR(100) NOT NULL,

modules/auth/site/templates/block_register.tpl

@@ -1,7 +1,7 @@
  <div>
     <form action="{$site_url/}account/roc-register" method="post">
         <fieldset>
-            <legend>Register Form</legend>
+            <legend>Registration</legend>
             <div>
                 <input type="text" id="name" name="name"  value="{$name/}" required  autofocus />
                 <label for="name">Name</label>
@@ -20,8 +20,19 @@
                     <span><i>{$error_email/}</i></span> <br>
                 {/if}
             </div>
-            
+            <div>
-            
+               <textarea rows="4" cols="50" name="application" id="application" required>
+			   				{$application/}
+			   </textarea>
+			   <label for="application">Tell us why you want to register an account</label>
+                {if isset="$error_application"}
+                    <span><i>{$error_application/}</i></span> <br>
+                {/if}
+            </div>
+            {unless isempty="$recaptcha_site_key"}
+        		<div class="g-recaptcha" data-sitekey="{$recaptcha_site_key/}"></div>
+        	<br/>
+			{/unless}
             <button type="submit">Register</button>
         </fieldset>    
     </form>

src/persistence/user/cms_user_storage_i.e

@@ -104,6 +104,12 @@ feature -- Change: user
 		deferred
 		end
 
+	new_user_from_temporal_user (a_user: CMS_USER)
+		require
+			no_id: not a_user.has_id
+		deferred
+		end
+
 	update_user (a_user: CMS_USER)
 			-- Save user `a_user'.
 		require
@@ -234,6 +240,6 @@ feature -- Change: User password recovery
 		end
 
 note
-	copyright: "2011-2015, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
+	copyright: "2011-2016, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
 	license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
 end

src/persistence/user/cms_user_storage_null.e

@@ -65,6 +65,11 @@ feature -- Change: user
 			a_user.set_id (1)
 		end
 
+	new_user_from_temporal_user (a_user: CMS_USER)
+		do
+			a_user.set_id (1)
+		end
+		
 	update_user (a_user: CMS_USER)
 			-- Update user `a_user'.
 		do
@@ -149,6 +154,6 @@ feature -- Change: User password recovery
 		end
 
 note
-	copyright: "2011-2015, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
+	copyright: "2011-2016, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
 	license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
 end

src/persistence/user/cms_user_storage_sql_i.e

@@ -198,6 +198,45 @@ feature -- Access: user
 		end
 feature -- Change: user
 
+	new_user_from_temporal_user (a_user: CMS_USER)
+			-- Add a new user `a_user'.
+		local
+			l_parameters: STRING_TABLE [detachable ANY]
+		do
+			error_handler.reset
+			if
+				attached a_user.hashed_password as l_password_hash and then
+				attached a_user.email as l_email and then
+				attached a_user.salt as l_password_salt
+			then
+				sql_begin_transaction
+
+				write_information_log (generator + ".new_user")
+				create l_parameters.make (4)
+				l_parameters.put (a_user.name, "name")
+				l_parameters.put (l_password_hash, "password")
+				l_parameters.put (l_password_salt, "salt")
+				l_parameters.put (l_email, "email")
+				l_parameters.put (create {DATE_TIME}.make_now_utc, "created")
+				l_parameters.put (a_user.status, "status")
+
+				sql_insert (sql_insert_user, l_parameters)
+				if not error_handler.has_error then
+					a_user.set_id (last_inserted_user_id)
+					update_user_roles (a_user)
+				end
+				if not error_handler.has_error then
+					sql_commit_transaction
+				else
+					sql_rollback_transaction
+				end
+				sql_finalize
+			else
+				-- set error
+				error_handler.add_custom_error (-1, "bad request" , "Missing password or email")
+			end
+		end
+
 	new_user (a_user: CMS_USER)
 			-- Add a new user `a_user'.
 		local
@@ -1010,6 +1049,6 @@ feature {NONE} -- User Password Recovery
 			-- Retrieve user by password token if exist.
 
 note
-	copyright: "2011-2015, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
+	copyright: "2011-2016, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
 	license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
 end

src/service/user/cms_user_api.e

@@ -251,7 +251,26 @@ feature -- Change User
 		do
 			reset_error
 			if
-				attached a_user.password as l_password and then
+				attached a_user.email as l_email
+			then
+				storage.new_user (a_user)
+				error_handler.append (storage.error_handler)
+			else
+				error_handler.add_custom_error (0, "bad new user request", "Missing password or email to create new user!")
+			end
+		end
+
+	new_user_from_temporal_user (a_user: CMS_USER)
+			-- Add a new user `a_user'.
+		require
+			no_id: not a_user.has_id
+			has_hashed_password: a_user.hashed_password /= Void
+			has_sal: a_user.salt /= Void
+		do
+			reset_error
+			if
+				attached a_user.hashed_password as l_password and then
+				attached a_user.salt as l_salt and then
 				attached a_user.email as l_email
 			then
 				storage.new_user (a_user)
@@ -321,6 +340,6 @@ feature -- User status
 			-- The user is trashed (soft delete), ready to be deleted/destroyed from storage.
 
 note
-	copyright: "2011-2015, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
+	copyright: "2011-2016, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
 	license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
 end