loncom/auth/lonlogin.pm - diff

Return to lonlogin.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonlogin.pm between versions 1.154 and 1.158.2.6.2.2

version 1.154, 2013/01/23 15:26:37	version 1.158.2.6.2.2, 2018/09/03 22:20:42
Line 38 use Apache::lonlocal;	Line 38 use Apache::lonlocal;
use Apache::migrateuser();	use Apache::migrateuser();
use lib '/home/httpd/lib/perl/';	use lib '/home/httpd/lib/perl/';
use LONCAPA;	use LONCAPA;
	use CGI::Cookie();

sub handler {	sub handler {
my $r = shift;	my $r = shift;
Line 46 sub handler {	Line 47 sub handler {
(join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},	(join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},
$ENV{'REDIRECT_QUERY_STRING'}),	$ENV{'REDIRECT_QUERY_STRING'}),
['interface','username','domain','firsturl','localpath','localres',	['interface','username','domain','firsturl','localpath','localres',
'token','role','symb']);	'token','role','symb','iptoken']);
if (!defined($env{'form.firsturl'})) {	if (!defined($env{'form.firsturl'})) {
&Apache::lonacc::get_posted_cgi($r,['firsturl']);	&Apache::lonacc::get_posted_cgi($r,['firsturl']);
}	}
Line 56 sub handler {	Line 57 sub handler {
return &Apache::migrateuser::handler($r);	return &Apache::migrateuser::handler($r);
}	}

	# For "public user" - remove any exising "public" cookie, as user really wants to log-in
	my ($handle,$lonidsdir,$expirepub,$userdom);
	unless ($r->header_only) {
	$handle = &Apache::lonnet::check_for_valid_session($r,'lonID',undef,\$userdom);
	if ($handle ne '') {
	$lonidsdir=$r->dir_config('lonIDsDir');
	if ($handle=~/^publicuser\_/) {
	unlink($r->dir_config('lonIDsDir')."/$handle.id");
	undef($handle);
	undef($userdom);
	$expirepub = 1;
	}
	}
	}

&Apache::loncommon::no_cache($r);	&Apache::loncommon::no_cache($r);
&Apache::lonlocal::get_language_handle($r);	&Apache::lonlocal::get_language_handle($r);
&Apache::loncommon::content_type($r,'text/html');	&Apache::loncommon::content_type($r,'text/html');
	if ($expirepub) {
	my $c = new CGI::Cookie(-name => 'lonID',
	-value => '',
	-expires => '-10y',);
	$r->header_out('Set-cookie' => $c);
	} elsif (($handle eq '') && ($userdom ne '')) {
	my $c = new CGI::Cookie(-name => 'lonID',
	-value => '',
	-expires => '-10y',);
	$r->headers_out->add('Set-cookie' => $c);
	}
$r->send_http_header;	$r->send_http_header;
return OK if $r->header_only;	return OK if $r->header_only;

Line 70 sub handler {	Line 97 sub handler {
return OK;	return OK;
}	}

	#
	# If browser sent an old cookie for which the session file had been removed
	# check if configuration for user's domain has a portal URL set. If so
	# switch user's log-in to the portal.
	#

	if (($handle eq '') && ($userdom ne '')) {
	my %domdefaults = &Apache::lonnet::get_domain_defaults($userdom);
	if ($domdefaults{'portal_def'} =~ /^https?\:/) {
	my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef,
	{'redirect' => [0,$domdefaults{'portal_def'}],});
	my $end_page = &Apache::loncommon::end_page();
	$r->print($start_page.$end_page);
	return OK;
	}
	}

$env{'form.firsturl'} =~ s/(`)/'/g;	$env{'form.firsturl'} =~ s/(`)/'/g;

# -------------------------------- Prevent users from attempting to login twice	# -------------------------------- Prevent users from attempting to login twice
my $handle = &Apache::lonnet::check_for_valid_session($r);
if ($handle ne '') {	if ($handle ne '') {
my $lonidsdir=$r->dir_config('lonIDsDir');	&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
if ($handle=~/^publicuser\_/) {	my $start_page =
# For "public user" - remove it, we apparently really want to login	&Apache::loncommon::start_page('Already logged in');
unlink($r->dir_config('lonIDsDir')."/$handle.id");	my $end_page =
} else {	&Apache::loncommon::end_page();
# Indeed, a valid token is found	my $dest = '/adm/roles';
&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);	if ($env{'form.firsturl'} ne '') {
my $start_page =	$dest = $env{'form.firsturl'};
&Apache::loncommon::start_page('Already logged in');
my $end_page =
&Apache::loncommon::end_page();
my $dest = '/adm/roles';
if ($env{'form.firsturl'} ne '') {
$dest = $env{'form.firsturl'};
}
$r->print(
$start_page
.'<p class="LC_warning">'.&mt('You are already logged in!').'</p>'
.'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].',
'<a href="'.$dest.'">','</a>','<a href="/adm/logout">','</a>').'</p>'
.$end_page
);
return OK;
}	}
	$r->print(
	$start_page
	.'<p class="LC_warning">'.&mt('You are already logged in!').'</p>'
	.'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].',
	'<a href="'.$dest.'">','</a>','<a href="/adm/logout">','</a>').'</p>'
	.$end_page
	);
	return OK;
}	}

# ---------------------------------------------------- No valid token, continue	# ---------------------------------------------------- No valid token, continue

# ---------------------------- Not possible to really login to domain "public"	# ---------------------------- Not possible to really login to domain "public"
if ($env{'form.domain'} eq 'public') {	if ($env{'form.domain'} eq 'public') {
$env{'form.domain'}='';	$env{'form.domain'}='';
$env{'form.username'}='';	$env{'form.username'}='';
}	}

	# ------ Is this page requested because /adm/migrateuser detected an IP change?
	my %sessiondata;
	if ($env{'form.iptoken'}) {
	%sessiondata = &Apache::lonnet::tmpget($env{'form.iptoken'});
	unless ($sessiondata{'sessionserver'}) {
	my $delete = &Apache::lonnet::tmpdel($env{'form.iptoken'});
	delete($env{'form.iptoken'});
	}
	}
# ----------------------------------------------------------- Process Interface	# ----------------------------------------------------------- Process Interface
$env{'form.interface'}=~s/\W//g;	$env{'form.interface'}=~s/\W//g;

my $httpbrowser=$ENV{"HTTP_USER_AGENT"};	(undef,undef,undef,undef,undef,undef,my $clientmobile) =
	&Apache::loncommon::decode_user_agent();

my $iconpath=	my $iconpath=
&Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL'));	&Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL'));

my $lonhost = $r->dir_config('lonHostID');	my $lonhost = $r->dir_config('lonHostID');
my $domain = &Apache::lonnet::default_login_domain();	my $domain = &Apache::lonnet::default_login_domain();
	my $defdom = $domain;
if ($lonhost ne '') {	if ($lonhost ne '') {
my $redirect = &check_loginvia($domain,$lonhost);	unless ($sessiondata{'sessionserver'}) {
if ($redirect) {	my $redirect = &check_loginvia($domain,$lonhost);
$r->print($redirect);	if ($redirect) {
return OK;	$r->print($redirect);
}	return OK;
	}
	}
}	}

if (($env{'form.domain'}) &&	if (($sessiondata{'domain'}) &&
	(&Apache::lonnet::domain($env{'form.domain'},'description'))) {
	$domain=$sessiondata{'domain'};
	} elsif (($env{'form.domain'}) &&
(&Apache::lonnet::domain($env{'form.domain'},'description'))) {	(&Apache::lonnet::domain($env{'form.domain'},'description'))) {
$domain=$env{'form.domain'};	$domain=$env{'form.domain'};
}	}

my $role = $r->dir_config('lonRole');	my $role = $r->dir_config('lonRole');
my $loadlim = $r->dir_config('lonLoadLim');	my $loadlim = $r->dir_config('lonLoadLim');
my $uloadlim= $r->dir_config('lonUserLoadLim');	my $uloadlim= $r->dir_config('lonUserLoadLim');
Line 141 sub handler {	Line 195 sub handler {
my $host_name = &Apache::lonnet::hostname($lonhost);	my $host_name = &Apache::lonnet::hostname($lonhost);

# --------------------------------------------- Default values for login fields	# --------------------------------------------- Default values for login fields

my $authusername=($env{'form.username'}?$env{'form.username'}:'');	my ($authusername,$authdomain);
my $authdomain=($env{'form.domain'}?$env{'form.domain'}:$domain);	if ($sessiondata{'username'}) {
	$authusername=$sessiondata{'username'};
	} else {
	$env{'form.username'} = &Apache::loncommon::cleanup_html($env{'form.username'});
	$authusername=($env{'form.username'}?$env{'form.username'}:'');
	}
	if ($sessiondata{'domain'}) {
	$authdomain=$sessiondata{'domain'};
	} else {
	$env{'form.domain'} = &Apache::loncommon::cleanup_html($env{'form.domain'});
	$authdomain=($env{'form.domain'}?$env{'form.domain'}:$domain);
	}

# ---------------------------------------------------------- Determine own load	# ---------------------------------------------------------- Determine own load
my $loadavg;	my $loadavg;
Line 197 sub handler {	Line 262 sub handler {
}	}
$tokenextras .= '&symb='.&escape($env{'form.symb'});	$tokenextras .= '&symb='.&escape($env{'form.symb'});
}	}
	if ($env{'form.iptoken'}) {
	if (!$tokenextras) {
	$tokenextras = '&&';
	}
	$tokenextras .= '&iptoken='.&escape($env{'form.iptoken'});
	}
my $logtoken=Apache::lonnet::reply(	my $logtoken=Apache::lonnet::reply(
'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras,	'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras,
$lonhost);	$lonhost);
Line 318 lextkey=this.document.client.elements.le	Line 389 lextkey=this.document.client.elements.le
initkeys();	initkeys();

this.document.server.elements.upass0.value	this.document.server.elements.upass0.value
=crypted(this.document.client.elements.upass$now.value.substr(0,15));	=getCrypted(this.document.client.elements.upass$now.value);
this.document.server.elements.upass1.value
=crypted(this.document.client.elements.upass$now.value.substr(15,15));
this.document.server.elements.upass2.value
=crypted(this.document.client.elements.upass$now.value.substr(30,15));

this.document.client.elements.uname.value='';	this.document.client.elements.uname.value='';
this.document.client.elements.upass$now.value='';	this.document.client.elements.upass$now.value='';
Line 353 ENDSCRIPT	Line 420 ENDSCRIPT
alink => "$alink",	alink => "$alink",
onload => 'javascript:enableInput();',);	onload => 'javascript:enableInput();',);

	my ($lonhost_in_use,$headextra,$headextra_exempt,@hosts,%defaultdomconf);
	@hosts = &Apache::lonnet::current_machine_ids();
	$lonhost_in_use = $lonhost;
	if (@hosts > 1) {
	foreach my $hostid (@hosts) {
	if (&Apache::lonnet::host_domain($hostid) eq $defdom) {
	$lonhost_in_use = $hostid;
	last;
	}
	}
	}
	%defaultdomconf = &Apache::loncommon::get_domainconf($defdom);
	$headextra = $defaultdomconf{$defdom.'.login.headtag_'.$lonhost_in_use};
	$headextra_exempt = $defaultdomconf{$domain.'.login.headtag_exempt_'.$lonhost_in_use};
	if ($headextra) {
	my $omitextra;
	if ($headextra_exempt ne '') {
	my @exempt = split(',',$headextra_exempt);
	my $ip = $ENV{'REMOTE_ADDR'};
	if (grep(/^\Q$ip\E$/,@exempt)) {
	$omitextra = 1;
	}
	}
	unless ($omitextra) {
	my $confname = $defdom.'-domainconfig';
	if ($headextra =~ m{^\Q/res/$defdom/$confname/login/headtag/$lonhost_in_use/\E}) {
	my $extra = &Apache::lonnet::getfile(&Apache::lonnet::filelocation("",$headextra));
	unless ($extra eq '-1') {
	$js .= "\n".$extra."\n";
	}
	}
	}
	}

$r->print(&Apache::loncommon::start_page('The LearningOnline Network with CAPA Login',$js,	$r->print(&Apache::loncommon::start_page('The LearningOnline Network with CAPA Login',$js,
{ 'redirect' => [$expire,'/adm/roles'],	{ 'redirect' => [$expire,'/adm/roles'],
'add_entries' => \%add_entries,	'add_entries' => \%add_entries,
Line 403 ENDSCRIPT	Line 504 ENDSCRIPT
<input type="hidden" name="serverid" value="$lonhost" />	<input type="hidden" name="serverid" value="$lonhost" />
<input type="hidden" name="uname" value="" />	<input type="hidden" name="uname" value="" />
<input type="hidden" name="upass0" value="" />	<input type="hidden" name="upass0" value="" />
<input type="hidden" name="upass1" value="" />
<input type="hidden" name="upass2" value="" />
<input type="hidden" name="udom" value="" />	<input type="hidden" name="udom" value="" />
<input type="hidden" name="localpath" value="$env{'form.localpath'}" />	<input type="hidden" name="localpath" value="$env{'form.localpath'}" />
<input type="hidden" name="localres" value="$env{'form.localres'}" />	<input type="hidden" name="localres" value="$env{'form.localres'}" />
Line 433 ENDSERVERFORM	Line 532 ENDSERVERFORM
$authdomain,\$helpdeskscript,	$authdomain,\$helpdeskscript,
$showhelpdesk,\@possdoms);	$showhelpdesk,\@possdoms);

	my $mobileargs;
	if ($clientmobile) {
	$mobileargs = 'autocapitalize="off" autocorrect="off"';
	}
my $loginform=(<<LFORM);	my $loginform=(<<LFORM);
<form name="client" action="" onsubmit="return(send())">	<form name="client" action="" onsubmit="return(send())">
<input type="hidden" name="lextkey" value="$lextkey" />	<input type="hidden" name="lextkey" value="$lextkey" />
<input type="hidden" name="uextkey" value="$uextkey" />	<input type="hidden" name="uextkey" value="$uextkey" />
<b><label for="uname">$lt{'un'}</label>:</b><br />	<b><label for="uname">$lt{'un'}</label>:</b><br />
<input type="text" name="uname" id="uname" size="15" value="$authusername" readonly="readonly" /><br />	<input type="text" name="uname" id="uname" size="15" value="$authusername" readonly="readonly" $mobileargs /><br />
<b><label for="upass$now">$lt{'pw'}</label>:</b><br />	<b><label for="upass$now">$lt{'pw'}</label>:</b><br />
<input type="password" name="upass$now" id="upass$now" size="15" readonly="readonly" /><br />	<input type="password" name="upass$now" id="upass$now" size="15" readonly="readonly" /><br />
<b><label for="udom">$lt{'dom'}</label>:</b><br />	<b><label for="udom">$lt{'dom'}</label>:</b><br />
<input type="text" name="udom" id="udom" size="15" value="$authdomain" readonly="readonly" /><br />	<input type="text" name="udom" id="udom" size="15" value="$authdomain" readonly="readonly" $mobileargs /><br />
<input type="submit" value="$lt{'log'}" />	<input type="submit" value="$lt{'log'}" />
</form>	</form>
LFORM	LFORM
Line 451 LFORM	Line 554 LFORM
$r->print(<<HEADER);	$r->print(<<HEADER);
<!-- The LON-CAPA Header -->	<!-- The LON-CAPA Header -->
<div style="background:$pgbg;margin:0;width:100%;">	<div style="background:$pgbg;margin:0;width:100%;">
<img src="$img" border="0" alt="The Learning Online Network with CAPA" />	<img src="$img" border="0" alt="The Learning Online Network with CAPA" class="LC_maxwidth" />
</div>	</div>
HEADER	HEADER
}	}
Line 475 HEADER	Line 578 HEADER
<div>	<div>
ENDTOP	ENDTOP
if ($showmainlogo) {	if ($showmainlogo) {
$r->print(' <img src="'.$logo.'" alt="" />'."\n");	$r->print(' <img src="'.$logo.'" alt="" class="LC_maxwidth" />'."\n");
}	}
$r->print(<<ENDTOP);	$r->print(<<ENDTOP);
$announcements	$announcements
Line 654 sub contactdisplay {	Line 757 sub contactdisplay {
<script type="text/javascript">	<script type="text/javascript">
// <![CDATA[	// <![CDATA[
function helpdesk() {	function helpdesk() {
var codedom = document.client.udom.value;	var possdom = document.client.udom.value;
	var codedom = possdom.replace( new RegExp("[^A-Za-z0-9.\\-]","g"),'');
if (codedom == '') {	if (codedom == '') {
codedom = "$authdomain";	codedom = "$authdomain";
}	}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.154
changed lines
	Added in v.1.158.2.6.2.2