# The LearningOnline Network
# Cookie Based Access Handler for Construction Area
# (lonacc: 5/21/99,5/22,5/29,5/31 Gerd Kortemeyer)
# 6/15 Gerd Kortemeyer
package Apache::loncacc;
use strict;
use Apache::Constants qw(:common :http);
use CGI::Cookie();
sub handler {
my $r = shift;
my $requrl=$r->uri;
my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
my $lonid=$cookies{'lonID'};
my $cookie;
if ($lonid) {
my $handle=$lonid->value;
$handle=~s/\W//g;
my $lonidsdir=$r->dir_config('lonIDsDir');
if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
my $ownername=$requrl;
$ownername=~s/\/\~(\w+).*/\1/;
my $ownerdomain=$r->dir_config('lonDefDomain');
my @handleparts=split(/\_/,$handle);
my $username=$handleparts[0];
my $domain=$handleparts[2];
if (($username ne $ownername) || ($domain ne $ownerdomain)) {
$r->log_reason
("$username at $domain not authorized", $r->filename);
return HTTP_NOT_ACCEPTABLE;
}
return OK;
} else {
$r->log_reason("Cookie $handle not valid", $r->filename)
};
}
$cookie=CGI::Cookie->new(-name => 'lonURL',
-value => $requrl,
-path => '/');
$r->err_headers_out->add('Set-Cookie' => $cookie);
return FORBIDDEN;
}
1;
__END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>