# The LearningOnline Network # Login Screen # # $Id: lonlogin.pm,v 1.159 2014/10/04 02:59:32 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # # This file is part of the LearningOnline Network with CAPA (LON-CAPA). # # LON-CAPA is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # LON-CAPA is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with LON-CAPA; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # /home/httpd/html/adm/gpl.txt # # http://www.lon-capa.org/ # package Apache::lonlogin; use strict; use Apache::Constants qw(:common); use Apache::File (); use Apache::lonnet; use Apache::loncommon(); use Apache::lonauth(); use Apache::lonlocal; use Apache::migrateuser(); use lib '/home/httpd/lib/perl/'; use LONCAPA; sub handler { my $r = shift; &Apache::loncommon::get_unprocessed_cgi (join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'}, $ENV{'REDIRECT_QUERY_STRING'}), ['interface','username','domain','firsturl','localpath','localres', 'token','role','symb','iptoken']); if (!defined($env{'form.firsturl'})) { &Apache::lonacc::get_posted_cgi($r,['firsturl']); } # -- check if they are a migrating user if (defined($env{'form.token'})) { return &Apache::migrateuser::handler($r); } &Apache::loncommon::no_cache($r); &Apache::lonlocal::get_language_handle($r); &Apache::loncommon::content_type($r,'text/html'); $r->send_http_header; return OK if $r->header_only; # Are we re-routing? my $londocroot = $r->dir_config('lonDocRoot'); if (-e "$londocroot/lon-status/reroute.txt") { &Apache::lonauth::reroute($r); return OK; } $env{'form.firsturl'} =~ s/(`)/'/g; # -------------------------------- Prevent users from attempting to login twice my $handle = &Apache::lonnet::check_for_valid_session($r); if ($handle ne '') { my $lonidsdir=$r->dir_config('lonIDsDir'); if ($handle=~/^publicuser\_/) { # For "public user" - remove it, we apparently really want to login unlink($r->dir_config('lonIDsDir')."/$handle.id"); } else { # Indeed, a valid token is found &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); my $start_page = &Apache::loncommon::start_page('Already logged in'); my $end_page = &Apache::loncommon::end_page(); my $dest = '/adm/roles'; if ($env{'form.firsturl'} ne '') { $dest = $env{'form.firsturl'}; } $r->print( $start_page .'
'.&mt('You are already logged in!').'
' .''.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].', '','','','').'
' .$end_page ); return OK; } } # ---------------------------------------------------- No valid token, continue # ---------------------------- Not possible to really login to domain "public" if ($env{'form.domain'} eq 'public') { $env{'form.domain'}=''; $env{'form.username'}=''; } # ------ Is this page requested because /adm/migrateuser detected an IP change? my %sessiondata; if ($env{'form.iptoken'}) { %sessiondata = &Apache::lonnet::tmpget($env{'form.iptoken'}); unless ($sessiondata{'sessionserver'}) { my $delete = &Apache::lonnet::tmpdel($env{'form.iptoken'}); delete($env{'form.iptoken'}); } } # ----------------------------------------------------------- Process Interface $env{'form.interface'}=~s/\W//g; (undef,undef,undef,undef,undef,undef,my $clientmobile) = &Apache::loncommon::decode_user_agent(); my $iconpath= &Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL')); my $lonhost = $r->dir_config('lonHostID'); my $domain = &Apache::lonnet::default_login_domain(); if ($lonhost ne '') { unless ($sessiondata{'sessionserver'}) { my $redirect = &check_loginvia($domain,$lonhost); if ($redirect) { $r->print($redirect); return OK; } } } if (($sessiondata{'domain'}) && (&Apache::lonnet::domain($env{'form.domain'},'description'))) { $domain=$sessiondata{'domain'}; } elsif (($env{'form.domain'}) && (&Apache::lonnet::domain($env{'form.domain'},'description'))) { $domain=$env{'form.domain'}; } my $role = $r->dir_config('lonRole'); my $loadlim = $r->dir_config('lonLoadLim'); my $uloadlim= $r->dir_config('lonUserLoadLim'); my $servadm = $r->dir_config('lonAdmEMail'); my $tabdir = $r->dir_config('lonTabDir'); my $include = $r->dir_config('lonIncludes'); my $expire = $r->dir_config('lonExpire'); my $version = $r->dir_config('lonVersion'); my $host_name = &Apache::lonnet::hostname($lonhost); # --------------------------------------------- Default values for login fields my ($authusername,$authdomain); if ($sessiondata{'username'}) { $authusername=$sessiondata{'username'}; } else { $env{'form.username'} = &Apache::loncommon::cleanup_html($env{'form.username'}); $authusername=($env{'form.username'}?$env{'form.username'}:''); } if ($sessiondata{'domain'}) { $authdomain=$sessiondata{'domain'}; } else { $env{'form.domain'} = &Apache::loncommon::cleanup_html($env{'form.domain'}); $authdomain=($env{'form.domain'}?$env{'form.domain'}:$domain); } # ---------------------------------------------------------- Determine own load my $loadavg; { my $loadfile=Apache::File->new('/proc/loadavg'); $loadavg=<$loadfile>; } $loadavg =~ s/\s.*//g; my ($loadpercent,$userloadpercent); if ($loadlim) { $loadpercent=sprintf("%.1f",100*$loadavg/$loadlim); } if ($uloadlim) { $userloadpercent=&Apache::lonnet::userload(); } my $firsturl= ($env{'request.firsturl'}?$env{'request.firsturl'}:$env{'form.firsturl'}); # ----------------------------------------------------------- Get announcements my $announcements=&Apache::lonnet::getannounce(); # -------------------------------------------------------- Set login parameters my @hexstr=('0','1','2','3','4','5','6','7', '8','9','a','b','c','d','e','f'); my $lkey=''; for (0..7) { $lkey.=$hexstr[rand(15)]; } my $ukey=''; for (0..7) { $ukey.=$hexstr[rand(15)]; } my $lextkey=hex($lkey); if ($lextkey>2147483647) { $lextkey-=4294967296; } my $uextkey=hex($ukey); if ($uextkey>2147483647) { $uextkey-=4294967296; } # -------------------------------------------------------- Store away log token my $tokenextras; if ($env{'form.role'}) { $tokenextras = '&role='.&escape($env{'form.role'}); } if ($env{'form.symb'}) { if (!$tokenextras) { $tokenextras = '&'; } $tokenextras .= '&symb='.&escape($env{'form.symb'}); } if ($env{'form.iptoken'}) { if (!$tokenextras) { $tokenextras = '&&'; } $tokenextras .= '&iptoken='.&escape($env{'form.iptoken'}); } my $logtoken=Apache::lonnet::reply( 'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras, $lonhost); # -- If we cannot talk to ourselves, or hostID does not map to a hostname # we are in serious trouble if (($logtoken eq 'con_lost') || ($logtoken eq 'no_such_host')) { if ($logtoken eq 'no_such_host') { &Apache::lonnet::logthis('No valid logtoken for log-in page -- unable to determine hostname for hostID: '.$lonhost.'. Check entry in hosts.tab'); } my $spares=''; my $last; foreach my $hostid (sort { &Apache::lonnet::hostname($a) cmp &Apache::lonnet::hostname($b); } keys(%Apache::lonnet::spareid)) { next if ($hostid eq $lonhost); my $hostname = &Apache::lonnet::hostname($hostid); next if (($last eq $hostname) || ($hostname eq '')); $spares.=''.&mt('Please attempt to login to one of the following servers:') .'
' .$spares); } $r->print('' .'' ); return OK; } # ----------------------------------------------- Apparently we are in business $servadm=~s/\,/\