![]() ![]() | ![]() |
Fixed firsturl bug with special character &
1: # The LearningOnline Network 2: # User Authentication Module 3: # 5/21/99,5/22,5/25,5/26,5/27,5/29,6/2,6/11,6/14,6/15 4: # 16/11,12/16, 5: # 1/14,2/24,2/28,2/29,3/7,5/29,5/30,5/31,6/1,6/5,6/29, 6: # 7/1 Gerd Kortemeyer 7: 8: package Apache::lonauth; 9: 10: use Apache::Constants qw(:common); 11: use Apache::File; 12: use CGI qw(:standard); 13: use CGI::Cookie(); 14: use Crypt::DES; 15: use Apache::lonnet(); 16: 17: # ------------------------------------------------------------ Successful login 18: 19: sub success { 20: my ($r, $username, $domain, $authhost,$lowerurl) = @_; 21: my $lonids=$r->dir_config('lonIDsDir'); 22: 23: # See if old ID present, if so, remove 24: my $cookie; 25: while ($cookie=<$lonids/$username\_*\_$domain\_$authhost.id>) { 26: unlink($cookie); 27: } 28: 29: # Give them a new cookie 30: 31: my $now=time; 32: $cookie="$username\_$now\_$domain\_$authhost"; 33: 34: # Initialize roles 35: 36: my $userroles=Apache::lonnet::rolesinit($domain,$username,$authhost); 37: 38: # ------------------------------------ Check browser type and MathML capability 39: 40: my @browsertype=split(/\&/,$r->dir_config("lonBrowsDet")); 41: my %mathcap=split(/\&/,$r->dir_config("lonMathML")); 42: my $httpbrowser=$ENV{"HTTP_USER_AGENT"}; 43: my $i; 44: my $clientbrowser='unknown'; 45: my $clientversion='0'; 46: my $clientmathml=''; 47: for ($i=0;$i<=$#browsertype;$i++) { 48: my ($bname,$match,$notmatch,$vreg,$minv)=split(/\:/,$browsertype[$i]); 49: if (($httpbrowser=~/$match/i) && ($httpbrowser!~/$notmatch/i)) { 50: $clientbrowser=$bname; 51: $httpbrowser=~/$vreg/i; 52: $clientversion=$1; 53: $clientmathml=($clientversion>=$minv); 54: } 55: } 56: my $clientos='unknown'; 57: if (($httpbrowser=~/linux/i) || 58: ($httpbrowser=~/unix/i) || 59: ($httpbrowser=~/ux/i) || 60: ($httpbrowser=~/solaris/i)) { $clientos='unix'; } 61: if (($httpbrowser=~/vax/i) || 62: ($httpbrowser=~/vms/i)) { $clientos='vms'; } 63: if ($httpbrowser=~/next/i) { $clientos='next'; } 64: if (($httpbrowser=~/mac/i) || 65: ($httpbrowser=~/powerpc/i)) { $clientos='mac'; } 66: if ($httpbrowser=~/win/) { $clientos='win'; } 67: 68: # --------------------------------------------------------- Write first profile 69: 70: { 71: my $idf=Apache::File->new(">$lonids/$cookie.id"); 72: print $idf "user.name=$username\n"; 73: print $idf "user.domain=$domain\n"; 74: print $idf "user.home=$authhost\n"; 75: print $idf "browser.type=$clientbrowser\n"; 76: print $idf "browser.version=$clientversion\n"; 77: print $idf "browser.mathml=$clientmathml\n"; 78: print $idf "browser.os=$clientos\n"; 79: if ($userroles ne '') { print $idf "$userroles" }; 80: } 81: # -------------------------------------------------------------------- Log this 82: 83: &Apache::lonnet::log($domain,$username,$authhost, 84: "Login $ENV{'REMOTE_ADDR'}"); 85: 86: # ------------------------------------------------------------ Get cookie ready 87: 88: $cookie="lonID=$cookie; path=/"; 89: 90: # ------------------------------------------------- Output for successful login 91: 92: $r->send_cgi_header(<<ENDHEADER); 93: Content-type: text/html 94: Set-cookie: $cookie 95: 96: ENDHEADER 97: $r->print(<<ENDSUCCESS); 98: <html> 99: <head> 100: <title>Successful Login to the LearningOnline Network with CAPA</title> 101: <meta HTTP-EQUIV="Refresh" CONTENT="1; url=$lowerurl"> 102: </head> 103: <body bgcolor="#FFFFFF"> 104: <script> 105: menu=window.open("/res/adm/pages/menu.html","LONCAPAmenu", 106: "height=350,width=150,scrollbars=no,menubar=no"); 107: </script> 108: <h1>Welcome!</h1> 109: </body> 110: </html> 111: ENDSUCCESS 112: } 113: 114: # --------------------------------------------------------------- Failed login! 115: 116: sub failed { 117: my ($r,$message) = @_; 118: $r->send_cgi_header(<<ENDFHEADER); 119: Content-type: text/html 120: 121: ENDFHEADER 122: $r->print(<<ENDFAILED); 123: <html> 124: <head> 125: <title>Unsuccessful Login to the LearningOnline Network with CAPA</title> 126: </head> 127: <html> 128: <body bgcolor="#FFFFFF"> 129: <h1>Sorry ...</h1> 130: <h2>$message to use the Learning<i>Online</i> Network with CAPA</h2> 131: </body> 132: </html> 133: ENDFAILED 134: } 135: 136: # ---------------------------------------------------------------- Main handler 137: 138: sub handler { 139: my $r = shift; 140: 141: my $buffer; 142: $r->read($buffer,$r->header_in('Content-length')); 143: my @pairs=split(/&/,$buffer); 144: my $pair; my $name; my $value; my %FORM; 145: foreach $pair (@pairs) { 146: ($name,$value) = split(/=/,$pair); 147: $value =~ tr/+/ /; 148: $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg; 149: $FORM{$name}=$value; 150: } 151: 152: if ((!$FORM{'uname'}) || (!$FORM{'upass'}) || (!$FORM{'udom'})) { 153: failed($r,'Username, password and domain need to be specified'); 154: return OK; 155: } 156: $FORM{'uname'} =~ s/\W//g; 157: $FORM{'udom'} =~ s/\W//g; 158: 159: my $role = $r->dir_config('lonRole'); 160: my $domain = $r->dir_config('lonDefDomain'); 161: my $prodir = $r->dir_config('lonUsersDir'); 162: 163: # ---------------------------------------- Get the information from login token 164: 165: my $tmpinfo=Apache::lonnet::reply('tmpget:'.$FORM{'logtoken'}, 166: $FORM{'serverid'}); 167: 168: if (($tmpinfo=~/^error/) || ($tmpinfo eq 'con_lost')) { 169: failed($r,'Login token missing, inaccessible or expired'); 170: return OK; 171: } 172: 173: my ($key,$firsturl)=split(/&/,$tmpinfo); 174: 175: my $keybin=pack("H16",$key); 176: 177: my $cipher=new DES $keybin; 178: 179: my $upass=$cipher->decrypt( 180: unpack("a8",pack("H16",substr($FORM{'upass'},0,16)))); 181: 182: $upass.=$cipher->decrypt( 183: unpack("a8",pack("H16",substr($FORM{'upass'},16,16)))); 184: 185: $upass=substr($upass,1,ord(substr($upass,0,1))); 186: 187: # ---------------------------------------------------------------- Authenticate 188: my $authhost=Apache::lonnet::authenticate($FORM{'uname'}, 189: $upass, 190: $FORM{'udom'}); 191: 192: # --------------------------------------------------------------------- Failed? 193: 194: if ($authhost eq 'no_host') { 195: failed($r,'Username and/or password could not be authenticated'); 196: return OK; 197: } 198: 199: if ($firsturl eq '') { 200: $firsturl='/res/adm/pages/index.html'; 201: } 202: 203: success($r,$FORM{'uname'},$FORM{'udom'},$authhost,$firsturl); 204: return OK; 205: } 206: 207: 1; 208: __END__ 209: 210: