Template updates ================ .. note:: The content of this page only applies to you if: * You are using a custom LemonLDAP::NG theme * AND you modified some of LemonLDAP::NG's base templates (``login.tpl``, etc.). Note that templates whose name start with ``custom`` (``customfooter.tpl``, etc.) do NOT count. In other words, you can safely ignore this entire page if: * You only changed the logo or background * OR you created a custom theme and the only templates you modified are the ones that start with ``custom`` (``customfooter.tpl``, etc.) 2.21.0 ------ Floating category menu ^^^^^^^^^^^^^^^^^^^^^^ You can now display an applications category as a floating menu by setting a category name in ``General Parameters`` > ``Portal`` > ``Customization`` > ``Floating category name``. Apply the following patches to ``menu.tpl``, ``footer.tpl`` and ``script.tpl`` to use this new feature: .. code-block:: diff --- a/lemonldap-ng-portal/site/templates/bootstrap/menu.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/menu.tpl @@ -129,7 +129,7 @@ -
card border-secondary" id="sort_"> +
card border-secondary" name="" id="sort_" >

--- a/lemonldap-ng-portal/site/templates/bootstrap/footer.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/footer.tpl @@ -1,10 +1,12 @@
- - - + + + + +
--- a/lemonldap-ng-portal/site/templates/bootstrap/webauthn2fregister.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/webauthn2fregister.tpl @@ -43,12 +43,4 @@ Go to portal
- - - - - Also update `2fregisters.tpl` to that resident credentials are properly show to the user: .. code-block:: diff --- a/lemonldap-ng-portal/site/templates/bootstrap/2fregisters.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/2fregisters.tpl @@ -33,6 +33,11 @@ + + + + + TOTP check ^^^^^^^^^^ To avoid the TOTP code been submitted twice, add `btn-single-submit` class to TOTP check submit in `totp2fcheck.tpl`: .. code-block:: diff --- a/lemonldap-ng-portal/site/templates/bootstrap/totp2fcheck.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/totp2fcheck.tpl @@ -24,7 +24,7 @@
- Vulnerability in templates ^^^^^^^^^^^^^^^^^^^^^^^^^^ In order to fix a vulnerability in templates, apply the following patch: .. code-block:: diff --- a/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/checkuser.tpl @@ -11,7 +11,7 @@
- " trplaceholder="user" aria-required="true"/> + " trplaceholder="user" aria-required="true"/>
--- a/lemonldap-ng-portal/site/templates/bootstrap/globallogout.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/globallogout.tpl @@ -6,7 +6,7 @@
-
ACTIVE SSO SESSIONS:
+
ACTIVE SSO SESSIONS:
--- a/lemonldap-ng-portal/site/templates/bootstrap/gpgform.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/gpgform.tpl @@ -5,7 +5,7 @@
- " trplaceholder="mail" required aria-required="true" /> + " trplaceholder="mail" required aria-required="true" />
--- a/lemonldap-ng-portal/site/templates/bootstrap/password.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/password.tpl @@ -17,11 +17,11 @@
- +
- +
Multiple changes to login form ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ In order to implement WebAuthn changes, fix the template vulnerability, and improve focus management, update ``standardform.tpl``: .. code-block:: diff --- a/lemonldap-ng-portal/site/templates/bootstrap/standardform.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/standardform.tpl @@ -10,21 +10,23 @@
- " trplaceholder="login" required aria-required="true"/> + " + trplaceholder="login" required aria-required="true" autocomplete="webauthn" autofocus />
- + autofocus />
- + autofocus />
2.19.0 ------ TOTP registration ^^^^^^^^^^^^^^^^^ The TOTP registration now offers a ``otpauth://`` url that can automatically open your TOTP application when viewed on mobile. Apply the following patch to ``totp2fregister.tpl`` to use this new feature: .. code-block:: diff --- a/lemonldap-ng-portal/site/templates/bootstrap/totp2fregister.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/totp2fregister.tpl @@ -11,8 +11,8 @@

- - +

+

Second factor retry ^^^^^^^^^^^^^^^^^^^ It is recommended to apply the following patch to your custom templates so that users will have a more friendly error message when retrying their 2FA: .. code-block:: diff --- a/lemonldap-ng-portal/site/templates/bootstrap/ext2fcheck.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/ext2fcheck.tpl @@ -2,7 +2,11 @@
+ +
alert" role="">">
+
enterExt2fCode">
+
--- a/lemonldap-ng-portal/site/templates/bootstrap/password2fcheck.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/password2fcheck.tpl @@ -2,7 +2,11 @@
+ +
alert" role="">">
+
Enter your password
+
--- a/lemonldap-ng-portal/site/templates/bootstrap/totp2fcheck.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/totp2fcheck.tpl @@ -2,7 +2,11 @@
+ +
alert" role="">">
+
+
--- a/lemonldap-ng-portal/site/templates/bootstrap/webauthn2fcheck.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/webauthn2fcheck.tpl @@ -3,7 +3,7 @@
-
alert">">
+
alert" role="">">
2.18.0 ------ Password policy display ^^^^^^^^^^^^^^^^^^^^^^^ It is recommended to replace your custom theme's ``passwordpolicy.tpl`` by the one that is provided in the ``bootstrap`` theme. If you use the :doc:`Have I Been Pwned ` plugin, this is a required change because the modifications in 2.18 will break this particular plugin. If you are using the default templates from the ``bootstrap`` theme, you don't need to change anything. Email templates ^^^^^^^^^^^^^^^ To avoid email sent by LL::NG being flagged as spam, we remove inline images in HTML content. You can add them back by customising the email templates and eithier use inline images (cid) or links to external resources. Note that we now send a plain text version of the mail attached to the HTML email. 2.17.0 ------ Font Awesome application icons ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ It is now possible to use Font Awesome icons in the application menu. If you modified the default ``menu.tpl`` template, you need to update it: .. code-block:: diff --- a/lemonldap-ng-portal/site/templates/bootstrap/menu.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/menu.tpl @@ -146,9 +146,13 @@
+ + + common/apps/" class="applogo img-fluid" alt="" /> +
If you are using the default templates from the ``bootstrap`` theme, you don't need to change anything. Password policy ^^^^^^^^^^^^^^^ It is recommended to update your theme's ``passwordpolicy.tpl`` to correctly display special characters in password policies: .. code-block:: diff --- a/lemonldap-ng-portal/site/templates/bootstrap/passwordpolicy.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/passwordpolicy.tpl @@ -34,7 +34,7 @@
  • - Allowed special characters: + Allowed special characters:
    • If you are using the default templates from the ``bootstrap`` theme, you don't need to change anything. 2.0.16 ------ Changes in templates ^^^^^^^^^^^^^^^^^^^^ The default ``skin.min.js`` file has been updated in this release, be sure to copy ``skin.min.js`` from ``bootstrap`` into your custom theme. Due to some internal changes in the way registrable second factors are handled, it is recommended to update your custom `2fregisters.tpl` .. code-block:: diff @@ -32,7 +32,14 @@
    - + Unregister To fix behavior of checkbox "generate my password" in password reset screen, update your custom `mail.tpl` (see `commit `__) To have the new tooltip feature on IDP choice screen, update your custom `idpchoice.tpl` (see `commit `__) For the message box in menu when no applications are allowed, update your custom `menu.tpl` (see `commit `__) For the new password policy balcklist feature, update your custom `passwordpolicy.tpl` (see `commit `__) New template files that should be linked or copied in your custom theme: * `generic2fregister.tpl` * `password2fcheck.tpl` * `password2fregister.tpl` If you are using the default templates from the ``bootstrap`` theme, you don't need to change anything. 2.0.15 ------ Re-send 2FA code ^^^^^^^^^^^^^^^^ The :doc:`mail `, :doc:`external ` and :doc:`REST ` based 2FA types can now re-send the user code if delivery failed for some reason. If you use custom templates, you must update ``ext2fcheck.tpl`` .. code-block:: diff --- a/lemonldap-ng-portal/site/templates/bootstrap/ext2fcheck.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/ext2fcheck.tpl @@ -26,6 +26,12 @@
    + + + ?cancel=1&skin=" class="btn btn-primary" role="button"> Cancel If you are using the default templates from the ``bootstrap`` theme, you don't need to change anything. Customizing the 2FA logo in the registration screen ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ The 2FA registration screen now displays the custom logo and label set in configuration. If you use custom templates, you should update ``2fregisters.tpl`` .. code-block:: diff @@ -77,10 +77,16 @@
    " class="nodecor"> - /" alt="2F" title="2F" /> + /" alt="2f" title="" />
    -
    2F
    +
    + +

    + +

    2f">

    +     +
    If you are using the default templates from the ``bootstrap`` theme, you don't need to change anything. Remember authentication choice ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ A :doc:`new plugin` can be enabled to display a checkbox in :doc:`authentication choice` module to allow users remembering their choice, which will automatically redirect them to the selected choice the next time they connect to the portal. If you use custom templates, you should update ``login.tpl`` .. code-block:: diff --- a/lemonldap-ng-portal/site/templates/bootstrap/login.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/login.tpl @@ -66,6 +66,12 @@ + + + + true" /> + +     @@ -92,6 +98,11 @@ + + + true" /> + + @@ -104,6 +115,34 @@ + +
    + + +
    +
    + checked /> + "> +
    +

    + +

    +
    + + +
    +

    + + +

    + +
    + +
    +
    +
    +     + Copy also ``styles.min.css`` and ``skin.min.js`` from ``bootstrap`` into your custom theme. If you are using the default templates from the ``bootstrap`` theme, you don't need to change anything. 2.0.14 ------ If you defined the "Register page URL" or the password "Reset page URL" to an external application, you need to fix the ``standardform.tpl`` template by applying the following patch: .. code-block:: diff --- a/lemonldap-ng-portal/site/templates/bootstrap/standardform.tpl +++ b/lemonldap-ng-portal/site/templates/bootstrap/standardform.tpl @@ -48,14 +48,14 @@
    - ?skin=&=&url="> + ?skin=&=&url="> Reset my password - ?skin=&=&url="> + ?skin=&=&url="> Reset my certificate @@ -69,7 +69,7 @@ - ?skin=&=&url="> + ?skin=&=&url="> Create an account 2.0.13 ------ Some ``autocomplete`` attributes have been added to improve accessibility in the following files: ``checkdevops.tpl``, ``checkuser.tpl``, ``register.tpl``, ``ext2fcheck.tpl``, ``totp2fcheck.tpl``. 2.0.12 ------ Email templates ^^^^^^^^^^^^^^^ If you customized the HTML email templates, you must update them to use HTML::Template variables (this was changed to fix XSS injections). In the following files: ``mail_2fcode.tpl`` ``mail_certificateReset.tpl`` ``mail_footer.tpl`` ``mail_password.tpl`` ``mail_register_done.tpl`` ``mail_certificateConfirm.tpl`` ``mail_confirm.tpl`` ``mail_header.tpl`` ``mail_register_confirm.tpl`` Replace the following variables: .. list-table:: :header-rows: 1 * - Old syntax - New syntax * - ``$code`` - ```` * - ``$url`` - ```` * - ``$login`` - ```` * - ``$password`` - ```` * - ``$firstname`` - ```` * - ``$lastname`` - ```` Replace all other variables such as ``$cn`` by ````. Login form ^^^^^^^^^^ To benefit from the new feature allowing to show password on login form, adapt ``standardform.tpl`` (see `changes `__) To disable password store in browser when changing password (this was already possible for login form), adapt ``password.tpl`` (see `changes `__) To fix placeholder display in password field when password store is disabled in browser, adapt ``password.tpl`` (see `changes `__) Simplification of TOTP options ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ In ``totp2fregister.tpl`` template: * Move ``#divToHide`` from the ``.col-md-6`` div to the ``.card`` div * Change:: 
    

* to::

  
    

* Remove the ``#changekey`` button

FindUser, CheckDevOps templates
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Some changes have been made to include new plugins (FindUser and CheckDevOps), you need to report them only if you have a custom theme and you want to use these plugins


2.0.11
------

If you created your own skin and modified some template files, you may need to update them.
No change is required if you are using the default ``bootstrap`` theme.

A new plugin has been introduced, in beta version: :doc:`FindUser `. It requires a modification of ``login.tpl`` to include ``finduser.tpl``.


2.0.10
------

2FA manager
^^^^^^^^^^^

If you use a custom theme, even if you did not modify ``2fregisters.tpl``, you need to copy ``skin.min.js`` from the ``htdocs/static/bootstrap/js`` folder to your custom theme's ``js`` folder.

If you modified ``2fregisters.tpl`` you need to add the ``remove2f`` class to the button that triggers second factor removal:

.. code-block:: diff

   - 
   + 

Or, better yet, integrate the changes in ``2fregisters.tpl`` into your custom theme to benefit from the `new 2F removal confirmation dialog `__

Checkboxes
^^^^^^^^^^

A CSS change has been done in ``styles.css`` to avoid checkbox labels overflow. See `issue 2301 `__.

The ``form-check-input`` class is missing in ``register.tpl`` and ``notifinclude.tpl``. See `issue 2374 `__.

Password checker
^^^^^^^^^^^^^^^^

Input id values have been modified in ``mail.tpl`` to work with password checker. See `issue 2355 `__.

Tables caption
^^^^^^^^^^^^^^

Tables captions have been added in ``sessionArray.tpl``. See `issue 2356 `__.

Stay connected
^^^^^^^^^^^^^^

A small change is required in ``checklogins.tpl`` for `issue 2365 `__.

Other changes needed in ``2fchoice.tpl``, ``ext2check.tpl`` and ``totp2fcheck.tpl`` for `issue 2366 `__.

Mails
^^^^^

The HTML ``alt`` attribute has been added on ``img`` in all ``mail_*.tpl``. See `issue 2422 `__.