--- loncom/auth/lonlogin.pm 2016/08/11 00:37:33 1.158.2.5 +++ loncom/auth/lonlogin.pm 2018/09/04 01:10:29 1.158.2.7 @@ -1,7 +1,7 @@ # The LearningOnline Network # Login Screen # -# $Id: lonlogin.pm,v 1.158.2.5 2016/08/11 00:37:33 raeburn Exp $ +# $Id: lonlogin.pm,v 1.158.2.7 2018/09/04 01:10:29 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -38,6 +38,7 @@ use Apache::lonlocal; use Apache::migrateuser(); use lib '/home/httpd/lib/perl/'; use LONCAPA; +use CGI::Cookie(); sub handler { my $r = shift; @@ -56,9 +57,35 @@ sub handler { return &Apache::migrateuser::handler($r); } +# For "public user" - remove any exising "public" cookie, as user really wants to log-in + my ($handle,$lonidsdir,$expirepub,$userdom); + unless ($r->header_only) { + $handle = &Apache::lonnet::check_for_valid_session($r,'lonID',undef,\$userdom); + if ($handle ne '') { + $lonidsdir=$r->dir_config('lonIDsDir'); + if ($handle=~/^publicuser\_/) { + unlink($r->dir_config('lonIDsDir')."/$handle.id"); + undef($handle); + undef($userdom); + $expirepub = 1; + } + } + } + &Apache::loncommon::no_cache($r); &Apache::lonlocal::get_language_handle($r); &Apache::loncommon::content_type($r,'text/html'); + if ($expirepub) { + my $c = new CGI::Cookie(-name => 'lonID', + -value => '', + -expires => '-10y',); + $r->header_out('Set-cookie' => $c); + } elsif (($handle eq '') && ($userdom ne '')) { + my $c = new CGI::Cookie(-name => 'lonID', + -value => '', + -expires => '-10y',); + $r->headers_out->add('Set-cookie' => $c); + } $r->send_http_header; return OK if $r->header_only; @@ -70,35 +97,44 @@ sub handler { return OK; } +# +# If browser sent an old cookie for which the session file had been removed +# check if configuration for user's domain has a portal URL set. If so +# switch user's log-in to the portal. +# + + if (($handle eq '') && ($userdom ne '')) { + my %domdefaults = &Apache::lonnet::get_domain_defaults($userdom); + if ($domdefaults{'portal_def'} =~ /^https?\:/) { + my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef, + {'redirect' => [0,$domdefaults{'portal_def'}],}); + my $end_page = &Apache::loncommon::end_page(); + $r->print($start_page.$end_page); + return OK; + } + } + $env{'form.firsturl'} =~ s/(`)/'/g; # -------------------------------- Prevent users from attempting to login twice - my $handle = &Apache::lonnet::check_for_valid_session($r); if ($handle ne '') { - my $lonidsdir=$r->dir_config('lonIDsDir'); - if ($handle=~/^publicuser\_/) { -# For "public user" - remove it, we apparently really want to login - unlink($r->dir_config('lonIDsDir')."/$handle.id"); - } else { -# Indeed, a valid token is found - &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); - my $start_page = - &Apache::loncommon::start_page('Already logged in'); - my $end_page = - &Apache::loncommon::end_page(); - my $dest = '/adm/roles'; - if ($env{'form.firsturl'} ne '') { - $dest = $env{'form.firsturl'}; - } - $r->print( - $start_page - .'
'.&mt('You are already logged in!').'
' - .''.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].', - '','','','').'
' - .$end_page - ); - return OK; - } + &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); + my $start_page = + &Apache::loncommon::start_page('Already logged in'); + my $end_page = + &Apache::loncommon::end_page(); + my $dest = '/adm/roles'; + if ($env{'form.firsturl'} ne '') { + $dest = $env{'form.firsturl'}; + } + $r->print( + $start_page + .''.&mt('You are already logged in!').'
' + .''.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].', + '','','','').'
' + .$end_page + ); + return OK; } # ---------------------------------------------------- No valid token, continue @@ -518,7 +554,7 @@ LFORM $r->print(<