--- loncom/auth/lonauth.pm 2008/10/01 11:11:08 1.95
+++ loncom/auth/lonauth.pm 2009/07/22 21:51:03 1.101
@@ -1,7 +1,7 @@
# The LearningOnline Network
# User Authentication Module
#
-# $Id: lonauth.pm,v 1.95 2008/10/01 11:11:08 bisitz Exp $
+# $Id: lonauth.pm,v 1.101 2009/07/22 21:51:03 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -40,6 +40,7 @@ use Apache::lonmenu();
use Apache::createaccount;
use Fcntl qw(:flock);
use Apache::lonlocal;
+use HTML::Entities;
# ------------------------------------------------------------ Successful login
sub success {
@@ -73,20 +74,59 @@ sub success {
# ------------------------------------------------------------ Get cookie ready
$cookie="lonID=$cookie; path=/";
# -------------------------------------------------------- Menu script and info
+ my $destination = $lowerurl;
+
+ if (defined($form->{role})) {
+ my $envkey = 'user.role.'.$form->{role};
+ my $now=time;
+ my $then=$env{'user.login.time'};
+ my $refresh=$env{'user.refresh.time'};
+ if (exists($env{$envkey})) {
+ my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus);
+ &Apache::lonnet::role_status($envkey,$then,$refresh,$now,\$role,\$where,
+ \$trolecode,\$tstatus,\$tstart,\$tend);
+ if ($tstatus eq 'is') {
+ $destination .= ($destination =~ /\?/) ? '&' : '?';
+ my $newrole = &HTML::Entities::encode($form->{role},'"<>&');
+ $destination .= 'selectrole=1&'.$newrole.'=1';
+ }
+ }
+ }
+ if (defined($form->{symb})) {
+ my $destsymb = $form->{symb};
+ $destination .= ($destination =~ /\?/) ? '&' : '?';
+ if ($destsymb =~ /___/) {
+ # FIXME Need to deal with encrypted symbs and urls as needed.
+ my ($map,$resid,$desturl)=split(/___/,$destsymb);
+ unless ($desturl=~/^(adm|uploaded|editupload|public)/) {
+ $desturl = &Apache::lonnet::clutter($desturl);
+ }
+ $desturl = &HTML::Entities::encode($desturl,'"<>&');
+ $destsymb = &HTML::Entities::encode($destsymb,'"<>&');
+ $destination .= '&destinationurl='.$desturl.
+ '&destsymb='.$destsymb;
+ } else {
+ $destsymb = &HTML::Entities::encode($destsymb,'"<>&');
+ $destination .= '&destinationurl='.$destsymb;
+ }
+ }
+
my $windowinfo=&Apache::lonmenu::open($env{'browser.os'});
- my $startupremote=&Apache::lonmenu::startupremote($lowerurl);
+ my $startupremote=&Apache::lonmenu::startupremote($destination);
my $remoteinfo=&Apache::lonmenu::load_remote_msg($lowerurl);
my $setflags=&Apache::lonmenu::setflags();
my $maincall=&Apache::lonmenu::maincall();
+ my $brcrum = [{'href' => '',
+ 'text' => 'Successful Login'},];
my $start_page=&Apache::loncommon::start_page('Successful Login',
- $startupremote,
- {'no_inline_link' => 1,});
+ $startupremote,
+ {'no_inline_link' => 1,
+ 'bread_crumbs' => $brcrum,});
my $end_page =&Apache::loncommon::end_page();
my $continuelink;
- if (($env{'browser.interface'} eq 'textual') ||
- ($env{'environment.remote'} eq 'off')) {
- $continuelink="".&mt('Continue')."";
+ if ($env{'environment.remote'} eq 'off') {
+ $continuelink=''.&mt('Continue').'';
}
# ------------------------------------------------- Output for successful login
@@ -120,16 +160,22 @@ sub failed {
my ($r,$message,$form) = @_;
my $start_page = &Apache::loncommon::start_page('Unsuccessful Login',undef,
{'no_inline_link' => 1,});
+ my $retry = '/adm/login?username='.$form->{'uname'}.
+ '&domain='.$form->{'udom'};
+ if (exists($form->{role})) {
+ $retry .= '&role='.$form->{role};
+ }
+ if (exists($form->{symb})) {
+ $retry .= '&symb='.$form->{symb};
+ }
my $end_page = &Apache::loncommon::end_page();
&Apache::loncommon::content_type($r,'text/html');
- sleep 1; # brute force counteraction: slow down attackers, which try to hack user authentication with automated scripts
$r->send_http_header;
$r->print(
$start_page
.''.&mt('Sorry ...').'
'
.''.&mt($message).'
'
- .''.&mt('Please [_1]log in again[_2].'
- ,"{'uname'}&domain=$form->{'udom'}\">",'')
+ .'
'.&mt('Please [_1]log in again[_2].','','')
.'
'
.''.&mt('Login problems?').'
'
.$end_page
@@ -173,7 +219,7 @@ sub handler {
$r->print(
$start_page
.''.&mt('You are already logged in!').'
'
- .''.&mt('Please either [_1]continue the current session[_2] or [_3]logout[_4].'
+ .'
'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].'
,'','','','')
.'
'
.''.&mt('Login problems?').'
'
@@ -232,11 +278,25 @@ sub handler {
return OK;
}
}
+
if (!&Apache::lonnet::domain($form{'udom'})) {
&failed($r,'The domain you provided is not a valid LON-CAPA domain.',\%form);
return OK;
}
- my ($key,$firsturl)=split(/&/,$tmpinfo);
+
+ my ($key,$firsturl,$rolestr,$symbstr)=split(/&/,$tmpinfo);
+ if ($rolestr) {
+ $rolestr = &unescape($rolestr);
+ }
+ if ($symbstr) {
+ $symbstr= &unescape($symbstr);
+ }
+ if ($rolestr =~ /^role=/) {
+ (undef,$form{'role'}) = split('=',$rolestr);
+ }
+ if ($symbstr =~ /^symb=/) {
+ (undef,$form{'symb'}) = split('=',$symbstr);
+ }
my $keybin=pack("H16",$key);