--- loncom/auth/lonlogin.pm 2015/03/06 22:32:39 1.158.2.1 +++ loncom/auth/lonlogin.pm 2017/10/14 20:59:35 1.158.2.6.2.1 @@ -1,7 +1,7 @@ # The LearningOnline Network # Login Screen # -# $Id: lonlogin.pm,v 1.158.2.1 2015/03/06 22:32:39 raeburn Exp $ +# $Id: lonlogin.pm,v 1.158.2.6.2.1 2017/10/14 20:59:35 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -38,6 +38,7 @@ use Apache::lonlocal; use Apache::migrateuser(); use lib '/home/httpd/lib/perl/'; use LONCAPA; +use CGI::Cookie(); sub handler { my $r = shift; @@ -56,9 +57,35 @@ sub handler { return &Apache::migrateuser::handler($r); } +# For "public user" - remove any exising "public" cookie, as user really wants to log-in + my ($handle,$lonidsdir,$expirepub,$userdom); + unless ($r->header_only) { + $handle = &Apache::lonnet::check_for_valid_session($r,'lonID',undef,\$userdom); + if ($handle ne '') { + $lonidsdir=$r->dir_config('lonIDsDir'); + if ($handle=~/^publicuser\_/) { + unlink($r->dir_config('lonIDsDir')."/$handle.id"); + undef($handle); + undef($userdom); + $expirepub = 1; + } + } + } + &Apache::loncommon::no_cache($r); &Apache::lonlocal::get_language_handle($r); &Apache::loncommon::content_type($r,'text/html'); + if ($expirepub) { + my $c = new CGI::Cookie(-name => 'lonID', + -value => '', + -expires => '-10y',); + $r->header_out('Set-cookie' => $c); + } elsif (($handle eq '') && ($userdom ne '')) { + my $c = new CGI::Cookie(-name => 'lonID', + -value => '', + -expires => '-10y',); + $r->headers_out->add('Set-cookie' => $c); + } $r->send_http_header; return OK if $r->header_only; @@ -70,6 +97,23 @@ sub handler { return OK; } +# +# If browser sent an old cookie for which the session file had been removed +# check if configuration for user's domain has a portal URL set. If so +# switch user's log-in to the portal. +# + + if (($handle eq '') && ($userdom ne '')) { + my %domdefaults = &Apache::lonnet::get_domain_defaults($userdom); + if ($domdefaults{'portal_def'} =~ /^https?\:/) { + my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef, + {'redirect' => [0,$domdefaults{'portal_def'}],}); + my $end_page = &Apache::loncommon::end_page(); + $r->print($start_page.$end_page); + return OK; + } + } + $env{'form.firsturl'} =~ s/(`)/'/g; # -------------------------------- Prevent users from attempting to login twice @@ -113,7 +157,10 @@ sub handler { my %sessiondata; if ($env{'form.iptoken'}) { %sessiondata = &Apache::lonnet::tmpget($env{'form.iptoken'}); - my $delete = &Apache::lonnet::tmpdel($env{'form.token'}); + unless ($sessiondata{'sessionserver'}) { + my $delete = &Apache::lonnet::tmpdel($env{'form.iptoken'}); + delete($env{'form.iptoken'}); + } } # ----------------------------------------------------------- Process Interface $env{'form.interface'}=~s/\W//g; @@ -126,6 +173,7 @@ sub handler { my $lonhost = $r->dir_config('lonHostID'); my $domain = &Apache::lonnet::default_login_domain(); + my $defdom = $domain; if ($lonhost ne '') { unless ($sessiondata{'sessionserver'}) { my $redirect = &check_loginvia($domain,$lonhost); @@ -222,6 +270,12 @@ sub handler { } $tokenextras .= '&symb='.&escape($env{'form.symb'}); } + if ($env{'form.iptoken'}) { + if (!$tokenextras) { + $tokenextras = '&&'; + } + $tokenextras .= '&iptoken='.&escape($env{'form.iptoken'}); + } my $logtoken=Apache::lonnet::reply( 'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras, $lonhost); @@ -343,11 +397,7 @@ lextkey=this.document.client.elements.le initkeys(); this.document.server.elements.upass0.value - =crypted(this.document.client.elements.upass$now.value.substr(0,15)); -this.document.server.elements.upass1.value - =crypted(this.document.client.elements.upass$now.value.substr(15,15)); -this.document.server.elements.upass2.value - =crypted(this.document.client.elements.upass$now.value.substr(30,15)); + =getCrypted(this.document.client.elements.upass$now.value); this.document.client.elements.uname.value=''; this.document.client.elements.upass$now.value=''; @@ -378,9 +428,20 @@ ENDSCRIPT alink => "$alink", onload => 'javascript:enableInput();',); - my %defaultdomconf = &Apache::loncommon::get_domainconf($defdom); - my $headextra = $defaultdomconf{$defdom.'.login.headtag_'.$lonhost}; - my $headextra_exempt = $defaultdomconf{$domain.'.login.headtag_exempt_'.$lonhost}; + my ($lonhost_in_use,$headextra,$headextra_exempt,@hosts,%defaultdomconf); + @hosts = &Apache::lonnet::current_machine_ids(); + $lonhost_in_use = $lonhost; + if (@hosts > 1) { + foreach my $hostid (@hosts) { + if (&Apache::lonnet::host_domain($hostid) eq $defdom) { + $lonhost_in_use = $hostid; + last; + } + } + } + %defaultdomconf = &Apache::loncommon::get_domainconf($defdom); + $headextra = $defaultdomconf{$defdom.'.login.headtag_'.$lonhost_in_use}; + $headextra_exempt = $defaultdomconf{$domain.'.login.headtag_exempt_'.$lonhost_in_use}; if ($headextra) { my $omitextra; if ($headextra_exempt ne '') { @@ -392,7 +453,7 @@ ENDSCRIPT } unless ($omitextra) { my $confname = $defdom.'-domainconfig'; - if ($headextra =~ m{^\Q/res/$defdom/$confname/login/headtag/$lonhost/\E}) { + if ($headextra =~ m{^\Q/res/$defdom/$confname/login/headtag/$lonhost_in_use/\E}) { my $extra = &Apache::lonnet::getfile(&Apache::lonnet::filelocation("",$headextra)); unless ($extra eq '-1') { $js .= "\n".$extra."\n"; @@ -451,8 +512,6 @@ ENDSCRIPT - - @@ -503,7 +562,7 @@ LFORM $r->print(<
- The Learning Online Network with CAPA + The Learning Online Network with CAPA
HEADER } @@ -527,7 +586,7 @@ HEADER
ENDTOP if ($showmainlogo) { - $r->print(' '."\n"); + $r->print(' '."\n"); } $r->print(<