Diff for /loncom/auth/lonauth.pm between versions 1.66 and 1.74

version 1.66, 2005/04/07 06:56:21 version 1.74, 2006/04/05 22:39:55
Line 40  use Apache::lonnet; Line 40  use Apache::lonnet;
 use Apache::lonmenu();  use Apache::lonmenu();
 use Fcntl qw(:flock);  use Fcntl qw(:flock);
 use Apache::lonlocal;  use Apache::lonlocal;
   use POSIX qw(strftime);
   
 my %FORM;  my %FORM;
   
Line 49  sub success { Line 50  sub success {
     my ($r, $username, $domain, $authhost,$lowerurl) = @_;      my ($r, $username, $domain, $authhost,$lowerurl) = @_;
     my $lonids=$r->dir_config('lonIDsDir');      my $lonids=$r->dir_config('lonIDsDir');
   
       my $public=($username eq 'public' && $domain eq 'public');
   
 # See if old ID present, if so, remove  # See if old ID present, if so, remove
   
     my $filename;      my ($filename,$cookie,$userroles);
     opendir(DIR,$lonids);      my $now=time;
     while ($filename=readdir(DIR)) {  
        if ($filename=~/^$username\_\d+\_$domain\_$authhost\.id$/) {  
   unlink($lonids.'/'.$filename);  
        }  
     }  
     closedir(DIR);  
   
 # Give them a new cookie      if ($public) {
    my $max_public=100;
    my $oldest;
    my $oldest_time=0;
    for(my $next=1;$next<=$max_public;$next++) {
       if (-e $lonids."/publicuser_$next.id") {
    my $mtime=(stat($lonids."/publicuser_$next.id"))[9];
    if ($mtime<$oldest_time || !$oldest_time) {
       $oldest_time=$mtime;
       $oldest=$next;
    }
       } else {
    $cookie="publicuser_$next";
    last;
       }
    }
    if (!$cookie) { $cookie="publicuser_$oldest"; }
       } else {
    opendir(DIR,$lonids);
    while ($filename=readdir(DIR)) {
       if ($filename=~/^$username\_\d+\_$domain\_$authhost\.id$/) {
    unlink($lonids.'/'.$filename);
       }
    }
    closedir(DIR);
   
     my $cookie;  # Give them a new cookie
     my $now=time;  
     $cookie="$username\_$now\_$domain\_$authhost";  
   
    $cookie="$username\_$now\_$domain\_$authhost";
       
 # Initialize roles  # Initialize roles
   
     my $userroles=Apache::lonnet::rolesinit($domain,$username,$authhost);   $userroles=Apache::lonnet::rolesinit($domain,$username,$authhost);
       }
 # ------------------------------------ Check browser type and MathML capability  # ------------------------------------ Check browser type and MathML capability
   
     my ($httpbrowser,$clientbrowser,$clientversion,$clientmathml,      my ($httpbrowser,$clientbrowser,$clientversion,$clientmathml,
Line 93  sub success { Line 114  sub success {
     my %userenv=Apache::lonnet::dump('environment',$domain,$username);      my %userenv=Apache::lonnet::dump('environment',$domain,$username);
     my ($tmp) = keys(%userenv);      my ($tmp) = keys(%userenv);
     if ($tmp !~ /^(con_lost|error|no_such_host)/i) {      if ($tmp !~ /^(con_lost|error|no_such_host)/i) {
    # default remote control to off
    if ($userenv{'remote'} ne 'on') { $userenv{'remote'} = 'off'; }
  foreach my $key (keys(%userenv)) {   foreach my $key (keys(%userenv)) {
     $userenv.="environment.$key=$userenv{$key}\n";      $userenv.="environment.$key=$userenv{$key}\n";
  }   }
Line 132  sub success { Line 155  sub success {
            print $idf "browser.localpath=$FORM{'localpath'}\n";             print $idf "browser.localpath=$FORM{'localpath'}\n";
            print $idf "browser.localres=$FORM{'localres'}\n";             print $idf "browser.localres=$FORM{'localres'}\n";
         }          }
           print $idf "server.domain=".$r->dir_config('lonDefDomain')."\n";
           my $timezone=POSIX::strftime("%Z",localtime(time));
           print $idf "server.timezone=$timezone\n";
  print $idf "request.course.fn=\n";   print $idf "request.course.fn=\n";
  print $idf "request.course.uri=\n";   print $idf "request.course.uri=\n";
  print $idf "request.course.sec=\n";   print $idf "request.course.sec=\n";
  print $idf "request.role=cm\n";   print $idf "request.role=cm\n";
         print $idf "request.role.adv=$env{'user.adv'}\n";          print $idf "request.role.adv=$env{'user.adv'}\n";
  print $idf "request.host=$ENV{'REMOTE_ADDR'}\n";   print $idf "request.host=$ENV{'REMOTE_ADDR'}\n";
    if ($public) {
       print $idf "environment.remote=off\n";
    }
  if ($FORM{'interface'}) {   if ($FORM{'interface'}) {
     $FORM{'interface'}=~s/\W//gs;      $FORM{'interface'}=~s/\W//gs;
     print $idf "browser.interface=$FORM{'interface'}\n";      print $idf "browser.interface=$FORM{'interface'}\n";
Line 172  sub success { Line 201  sub success {
   
 # ------------------------------------------------------------ Get cookie ready  # ------------------------------------------------------------ Get cookie ready
   
       if ($public or $lowerurl eq 'noredirect') { return $cookie; }
   
     $cookie="lonID=$cookie; path=/";      $cookie="lonID=$cookie; path=/";
 # -------------------------------------------------------- Menu script and info  # -------------------------------------------------------- Menu script and info
     my $windowinfo=&Apache::lonmenu::open($clientos);      my $windowinfo=&Apache::lonmenu::open($clientos);
Line 179  sub success { Line 210  sub success {
     my $remoteinfo=&Apache::lonmenu::load_remote_msg($lowerurl);      my $remoteinfo=&Apache::lonmenu::load_remote_msg($lowerurl);
     my $setflags=&Apache::lonmenu::setflags();      my $setflags=&Apache::lonmenu::setflags();
     my $maincall=&Apache::lonmenu::maincall();      my $maincall=&Apache::lonmenu::maincall();
     my $bodytag=&Apache::loncommon::bodytag('Successful Login');      my $start_page=&Apache::loncommon::start_page('Successful Login',
     my $add=&addcontent();    $startupremote);
       my $end_page  =&Apache::loncommon::end_page();
   
     my $continuelink;      my $continuelink;
     if (($env{'browser.interface'} eq 'textual') ||      if (($env{'browser.interface'} eq 'textual') ||
         ($env{'environment.remote'} eq 'off')) {          ($env{'environment.remote'} eq 'off')) {
Line 188  sub success { Line 221  sub success {
     }      }
 # ------------------------------------------------- Output for successful login  # ------------------------------------------------- Output for successful login
   
     $r->send_cgi_header(<<ENDHEADER);      &Apache::loncommon::content_type($r,'text/html');
 Content-type: text/html$add      $r->header_out('Set-cookie' => $cookie);
 Set-cookie: $cookie      $r->send_http_header;
   
 ENDHEADER  
     my %lt=&Apache::lonlocal::texthash(      my %lt=&Apache::lonlocal::texthash(
        'wel' => 'Welcome',         'wel' => 'Welcome',
        'mes' => 'Welcome to the Learning<i>Online</i> Network with CAPA. Please wait while your session is being set up',         'mes' => 'Welcome to the Learning<i>Online</i> Network with CAPA. Please wait while your session is being set up',
Line 200  ENDHEADER Line 232  ENDHEADER
        'log' => 'loginproblems.html',         'log' => 'loginproblems.html',
        );         );
     $r->print(<<ENDSUCCESS);      $r->print(<<ENDSUCCESS);
 <html>  $start_page
 <head>  
 <title>Successful Login to the LearningOnline Network with CAPA</title>  
 $startupremote  
 </head>  
 $bodytag  
 $setflags  $setflags
 $windowinfo  $windowinfo
 <h1>$lt{'wel'}</h1>  <h1>$lt{'wel'}</h1>
Line 214  $lt{'mes'}.<p> Line 241  $lt{'mes'}.<p>
 $remoteinfo  $remoteinfo
 $maincall  $maincall
 $continuelink  $continuelink
 </body>  $end_page
 </html>  
 ENDSUCCESS  ENDSUCCESS
 }  }
   
Line 223  ENDSUCCESS Line 249  ENDSUCCESS
   
 sub failed {  sub failed {
     my ($r,$message) = @_;      my ($r,$message) = @_;
     my $bodytag=&Apache::loncommon::bodytag('Unsuccessful Login');      my $start_page = &Apache::loncommon::start_page('Unsuccessful Login');
     my $add=&addcontent();      my $end_page   = &Apache::loncommon::end_page();
     $r->send_cgi_header(<<ENDFHEADER);  
 Content-type: text/html$add      my %lt=('sorry'  => &mt('Sorry ...'),
       'please' => 
       &mt('Please [_1]log in again[_2].',
    "<a href=\"/adm/login?username=$FORM{'uname'}&domain=$FORM{'udom'}\">",
    '</a>'),
       'problemspage' => &mt('loginproblems.html'),
       'problems'     => 'Problems',
       );
       &Apache::loncommon::content_type($r,'text/html');
       $r->send_http_header;
   
 ENDFHEADER  
     $r->print(<<ENDFAILED);      $r->print(<<ENDFAILED);
 <html>  $start_page
 <head>  <h1>$lt{'sorry'}</h1>
 <title>Unsuccessful Login to the LearningOnline Network with CAPA</title>  
 </head>  
 $bodytag  
 <h1>Sorry ...</h1>  
 <p><b>$message</b></p>  <p><b>$message</b></p>
 <p>Please <a href="/adm/login?username=$FORM{'uname'}&domain=$FORM{'udom'}">log in again</a>.</p>  <p>$lt{'please'}</p>
 <p>  <p>
 <a href="/adm/loginproblems.html">Problems?</a></p>  <a href="/adm/$lt{'problemspage'}">$lt{'problems'}</a></p>
 </body>  $end_page
 </html>  
 ENDFAILED  ENDFAILED
 }  }
   
 # --------------------------------------------------------------------- Charset  
   
 sub addcontent {  
     my $encoding=&Apache::lonlocal::current_encoding;  
     if ($encoding) {  
  return '; charset='.$encoding;  
     } else {  
  return '';  
     }  
 }  
   
 # ------------------------------------------------------------------ Rerouting!  # ------------------------------------------------------------------ Rerouting!
   
 sub reroute {  sub reroute {
     my $r=shift;      my ($r) = @_;
     my $bodytag=&Apache::loncommon::bodytag('Rerouting');      &Apache::loncommon::content_type($r,'text/html');
     $r->send_cgi_header(<<ENDRFHEADER);      $r->send_http_header;
 Content-type: text/html      my $msg='<h1>Sorry ...</h1>
                Please <a href="/">log in again</a>.';
 ENDRFHEADER      &Apache::loncommon::simple_error_page($r,'Rerouting',$msg);
     $r->print(<<ENDRFAILED);  
 <html>  
 <head>  
 <title>Rerouting Login to the LearningOnline Network with CAPA</title>  
 </head>  
 $bodytag  
 <h1>Sorry ...</h1>  
 Please <a href="/">log in again</a>.  
 </body>  
 </html>  
 ENDRFAILED  
 }  }
   
 # ---------------------------------------------------------------- Main handler  # ---------------------------------------------------------------- Main handler
Line 301  sub handler { Line 308  sub handler {
         my $lonidsdir=$r->dir_config('lonIDsDir');          my $lonidsdir=$r->dir_config('lonIDsDir');
         if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {          if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
 # Indeed, a valid token is found  # Indeed, a valid token is found
     $r->send_cgi_header(<<ENDFHEADER);      &Apache::loncommon::content_type($r,'text/html');
 Content-type: text/html      $r->send_http_header;
       my $start_page = 
 ENDFHEADER   &Apache::loncommon::start_page('Already logged in');
     my $bodytag=&Apache::loncommon::bodytag('Already logged in');      my $end_page = 
    &Apache::loncommon::end_page();
     $r->print(<<ENDFAILED);      $r->print(<<ENDFAILED);
 <html>  $start_page
 <head>  
 <title>Already logged in</title>  
 </head>  
 $bodytag  
 <h1>You are already logged in</h1>  <h1>You are already logged in</h1>
 <p>Please either <a href="/adm/roles">continue the current session</a> or  <p>Please either <a href="/adm/roles">continue the current session</a> or
 <a href="/adm/logout">logout</a>.</p>  <a href="/adm/logout">logout</a>.</p>
 <p>  <p>
 <a href="/adm/loginproblems.html">Problems?</a></p>  <a href="/adm/loginproblems.html">Problems?</a></p>
 </body>  $end_page
 </html>  
 ENDFAILED  ENDFAILED
            return OK;             return OK;
  }   }
Line 340  ENDFAILED Line 343  ENDFAILED
        $FORM{$name}=$value;         $FORM{$name}=$value;
     }       } 
   
     if ((!$FORM{'uname'}) || (!$FORM{'upass'}) || (!$FORM{'udom'})) {      if ((!$FORM{'uname'}) || (!$FORM{'upass0'}) || (!$FORM{'udom'})) {
  failed($r,'Username, password and domain need to be specified.');   failed($r,'Username, password and domain need to be specified.');
         return OK;          return OK;
     }      }
Line 381  ENDFAILED Line 384  ENDFAILED
     else {      else {
  $cipher=new DES $keybin;   $cipher=new DES $keybin;
     }      }
       my $upass='';
       for (my $i=0;$i<=2;$i++) {
    my $chunk=
       $cipher->decrypt(unpack("a8",pack("H16",substr($FORM{'upass'.$i},0,16))));
   
     my $upass=$cipher->decrypt(   $chunk.=
        unpack("a8",pack("H16",substr($FORM{'upass'},0,16))));      $cipher->decrypt(unpack("a8",pack("H16",substr($FORM{'upass'.$i},16,16))));
   
     $upass.=$cipher->decrypt(  
        unpack("a8",pack("H16",substr($FORM{'upass'},16,16))));  
   
     $upass=substr($upass,1,ord(substr($upass,0,1)));   $chunk=substr($chunk,1,ord(substr($chunk,0,1)));
    $upass.=$chunk;
       }
   
 # ---------------------------------------------------------------- Authenticate  # ---------------------------------------------------------------- Authenticate
     my $authhost=Apache::lonnet::authenticate($FORM{'uname'},      my $authhost=Apache::lonnet::authenticate($FORM{'uname'},

Removed from v.1.66  
changed lines
  Added in v.1.74


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>