register: Don't display field to enter password unless needed.

This should significantly improve the user experience for new users
signing up with GitHub/Google auth.  It comes complete with tests for
the various cases.  Further work may be needed for LDAP to not prompt
for a password, however.

Fixes #886.

templates/zerver/register.html

@@ -50,7 +50,7 @@ Form is validated both client-side using jquery-validate (see signup.js) and ser
                     {% endif %}
                 </div>
 
-                {% if password_auth_enabled %}
+                {% if password_required %}
                 <div class="input-box">
                     <input id="id_password" class="required" type="password" name="password"
                            value="{% if form.password.value() %}{{ form.password.value() }}{% endif %}"

zerver/tests/test_auth_backends.py

@@ -652,6 +652,9 @@ class GitHubAuthBackendTest(ZulipTestCase):
                     "key": confirmation_key}
             result = self.client_post('/accounts/register/', data)
             self.assert_in_response("You're almost there", result)
+            # Verify that the user is asked for name but not password
+            self.assert_not_in_success_response(['id_password'], result)
+            self.assert_in_success_response(['id_full_name'], result)
 
             result = self.client_post(
                 '/accounts/register/',
@@ -959,6 +962,10 @@ class GoogleSubdomainLoginTest(GoogleOAuthTest):
             result = self.client_post('/accounts/register/', data)
             self.assert_in_response("You're almost there", result)
 
+            # Verify that the user is asked for name but not password
+            self.assert_not_in_success_response(['id_password'], result)
+            self.assert_in_success_response(['id_full_name'], result)
+
     def test_log_into_subdomain_when_email_is_none(self):
         # type: () -> None
         data = {'name': None,
@@ -1050,6 +1057,10 @@ class GoogleSubdomainLoginTest(GoogleOAuthTest):
             result = self.client_post('/accounts/register/', data)
             self.assert_in_response("You're almost there", result)
 
+            # Verify that the user is asked for name but not password
+            self.assert_not_in_success_response(['id_password'], result)
+            self.assert_in_success_response(['id_full_name'], result)
+
             # Click confirm registration button.
             result = self.client_post(
                 '/accounts/register/',

zerver/tests/test_signup.py

@@ -1067,6 +1067,9 @@ class UserSignUpTest(ZulipTestCase):
         result = self.submit_reg_form_for_user(email, password, full_name="<invalid>")
         self.assert_in_success_response(["Invalid characters in name!"], result)
 
+        # Verify that the user is asked for name and password
+        self.assert_in_success_response(['id_password', 'id_full_name'], result)
+
     def test_signup_without_password(self):
         # type: () -> None
         """
@@ -1133,6 +1136,9 @@ class UserSignUpTest(ZulipTestCase):
              'from_confirmation': '1'})
         self.assert_in_success_response(["You're almost there."], result)
 
+        # Verify that the user is asked for name and password
+        self.assert_in_success_response(['id_password', 'id_full_name'], result)
+
     def test_signup_with_full_name(self):
         # type: () -> None
         """
@@ -1417,6 +1423,12 @@ class UserSignUpTest(ZulipTestCase):
                                              "newuser@zulip.com"],
                                             result)
 
+            # Verify that the user is asked for name
+            self.assert_in_success_response(['id_full_name'], result)
+            # TODO: Ideally, we wouldn't ask for a password if LDAP is
+            # enabled, in which case this assert should be invertedq.
+            self.assert_in_success_response(['id_password'], result)
+
             # Submitting the registration form with from_confirmation='1' sets
             # the value of request.session['authenticated_full_name'] from LDAP.
             result = self.submit_reg_form_for_user(email,

zerver/views/registration.py

@@ -260,6 +260,7 @@ def accounts_register(request):
                  # we have to set it here.
                  'creating_new_team': realm_creation,
                  'realms_have_subdomains': settings.REALMS_HAVE_SUBDOMAINS,
+                 'password_required': password_auth_enabled(realm) and password_required,
                  'password_auth_enabled': password_auth_enabled(realm),
                  'MAX_REALM_NAME_LENGTH': str(Realm.MAX_REALM_NAME_LENGTH),
                  'MAX_NAME_LENGTH': str(UserProfile.MAX_NAME_LENGTH),