# The LearningOnline Network
# Cookie Based Access Handler for Construction Area
# (lonacc: 5/21/99,5/22,5/29,5/31 Gerd Kortemeyer)
# 6/15,16/11,22/11,
# 01/06,01/11,6/1 Gerd Kortemeyer
package Apache::loncacc;
use strict;
use Apache::Constants qw(:common :http);
use Apache::File;
use CGI::Cookie();
sub handler {
my $r = shift;
my $requrl=$r->uri;
my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
my $lonid=$cookies{'lonID'};
my $cookie;
if ($lonid) {
my $handle=$lonid->value;
$handle=~s/\W//g;
my $lonidsdir=$r->dir_config('lonIDsDir');
if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
my $ownername=$requrl;
$ownername=~s/\/\~(\w+).*/\1/;
my $ownerdomain=$r->dir_config('lonDefDomain');
my @handleparts=split(/\_/,$handle);
my $username=$handleparts[0];
my $domain=$handleparts[2];
if (($username ne $ownername) || ($domain ne $ownerdomain)) {
$r->log_reason
("$username at $domain not authorized", $r->filename);
return HTTP_NOT_ACCEPTABLE;
}
my @profile;
{
my $idf=Apache::File->new("$lonidsdir/$handle.id");
@profile=<$idf>;
}
my $envi;
for ($envi=0;$envi<=$#profile;$envi++) {
chomp($profile[$envi]);
my ($envname,$envvalue)=split(/=/,$profile[$envi]);
$r->subprocess_env("$envname" => "$envvalue");
}
$r->subprocess_env("user.environment" => "$lonidsdir/$handle.id",
"request.state" => "construct",
"request.filename" => $r->filename);
my $buffer;
$r->read($buffer,$r->header_in('Content-length'));
my @pairs=split(/&/,$buffer);
my $pair; my $name; my $value;
foreach $pair (@pairs) {
($name,$value) = split(/=/,$pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
$r->subprocess_env("form.$name" => $value);
}
return OK;
} else {
$r->log_reason("Cookie $handle not valid", $r->filename)
};
}
# ----------------------------------------------- Store where they wanted to go
$ENV{'request.firsturl'}=$requrl;
return FORBIDDEN;
}
1;
__END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>