If the user starts typing right away, assume that the entry is
for a password and don't clear it when the secret request actually
comes. Then, if the user completes typing, we also stash the answer
and send it to GDM right away on the first PAM prompt.
https://bugzilla.gnome.org/show_bug.cgi?id=681576
The code here was trying to center the label, but that didn't
happen because we allocated the entire space to the label, which
still plonks it at the top.
Instead of showing a notification, add a small message immediately
below the entry, and give the user two more attempts to login,
before going back to the welcome or lock screen.
https://bugzilla.gnome.org/show_bug.cgi?id=682544
Ensure that all async callbacks check and ignore G_IO_ERROR_CANCELLED.
Ensure that all runs of authentication have their own GCancellable, so
that .begin() can be called multiple times on the same user verifier.
Check for fingerprint reader when beginning authentication, and not
when reset by GDM.
https://bugzilla.gnome.org/show_bug.cgi?id=682544
The fingerprint message is useful for users that click their
names in the user list to let them know if fingerprint login
is available.
This same place on screen (below the login entry) can potentially
be used for other messages as well.
This commit changes the variable and style names surrounding
this feature to be more generic.
A subsequent commit will leverage this functionality to provide
a hint on how to log in to the local enterprise domain controller
(if relevant).
https://bugzilla.gnome.org/show_bug.cgi?id=681975
The unlock dialog has a mechanism for manually typing in a username
and password. This mechanism is mislabeled:
Login as another user
when it should be labeled
Log in as another user
This commit adds the space.
Spotted by Stef Walter <stefw@gnome.org>
https://bugzilla.gnome.org/show_bug.cgi?id=681750
Now that GDM no longer emits auth failures after 25 seconds, we
need to handle inactivity ourselves.
This has also the advantage that it tracks real inactivity, rather
than a timeout from a fixed point in time.
https://bugzilla.gnome.org/show_bug.cgi?id=682041
GetUserVerifier can only be called from the greeter session,
and fails with AccessDenied in all other cases. Also, calling it
hides the real error from OpenReauthenticationChannel, which
instead should be logged.
https://bugzilla.gnome.org/show_bug.cgi?id=680750
The design calls for the curtain to appear in the gdm greeter too.
Implement this by having the screenshield manage the login dialog
(delegating its creation to SessionMode).
https://bugzilla.gnome.org/show_bug.cgi?id=619955
This separates the screen shield into two main screens. One is
the lock screen, and it is shown when coming back from idle status
and when failing authentication. The other is the actual unlock
dialog.
Moving from the first to the second is possible by pressing Escape
or by dragging an arrow on the bottom on the screen.
https://bugzilla.gnome.org/show_bug.cgi?id=619955
When the screenshield is deactivated, instead of going back to the
session immediately, prompt the user for authentication.
This essentially reinstates what used to be provided by gnome-screensaver.
https://bugzilla.gnome.org/show_bug.cgi?id=619955