|
version 1.168, 2016/05/03 22:33:49
|
version 1.177, 2018/12/26 20:10:21
|
|
Line 37 use Apache::lonauth();
|
Line 37 use Apache::lonauth();
|
| use Apache::lonlocal;
|
use Apache::lonlocal;
|
| use Apache::migrateuser();
|
use Apache::migrateuser();
|
| use lib '/home/httpd/lib/perl/';
|
use lib '/home/httpd/lib/perl/';
|
| use LONCAPA;
|
use LONCAPA qw(:DEFAULT :match);
|
| |
use CGI::Cookie();
|
|
|
|
| sub handler {
|
sub handler {
|
| my $r = shift;
|
my $r = shift;
|
|
Line 46 sub handler {
|
Line 47 sub handler {
|
| (join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},
|
(join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},
|
| $ENV{'REDIRECT_QUERY_STRING'}),
|
$ENV{'REDIRECT_QUERY_STRING'}),
|
| ['interface','username','domain','firsturl','localpath','localres',
|
['interface','username','domain','firsturl','localpath','localres',
|
| 'token','role','symb','iptoken']);
|
'token','role','symb','iptoken','btoken','ltoken']);
|
| if (!defined($env{'form.firsturl'})) {
|
if (!defined($env{'form.firsturl'})) {
|
| &Apache::lonacc::get_posted_cgi($r,['firsturl']);
|
&Apache::lonacc::get_posted_cgi($r,['firsturl']);
|
| }
|
}
|
| |
if (!defined($env{'form.firsturl'})) {
|
| |
if ($ENV{'REDIRECT_URL'} =~ m{^/+tiny/+$LONCAPA::match_domain/+\w+$}) {
|
| |
$env{'form.firsturl'} = $ENV{'REDIRECT_URL'};
|
| |
}
|
| |
}
|
|
|
|
| # -- check if they are a migrating user
|
# -- check if they are a migrating user
|
| if (defined($env{'form.token'})) {
|
if (defined($env{'form.token'})) {
|
| return &Apache::migrateuser::handler($r);
|
return &Apache::migrateuser::handler($r);
|
| }
|
}
|
|
|
|
| |
# For "public user" - remove any exising "public" cookie, as user really wants to log-in
|
| |
my ($handle,$lonidsdir,$expirepub,$userdom);
|
| |
$lonidsdir=$r->dir_config('lonIDsDir');
|
| |
unless ($r->header_only) {
|
| |
$handle = &Apache::lonnet::check_for_valid_session($r,'lonID',undef,\$userdom);
|
| |
if ($handle ne '') {
|
| |
if ($handle=~/^publicuser\_/) {
|
| |
unlink($r->dir_config('lonIDsDir')."/$handle.id");
|
| |
undef($handle);
|
| |
undef($userdom);
|
| |
$expirepub = 1;
|
| |
}
|
| |
}
|
| |
}
|
| |
|
| &Apache::loncommon::no_cache($r);
|
&Apache::loncommon::no_cache($r);
|
| &Apache::lonlocal::get_language_handle($r);
|
&Apache::lonlocal::get_language_handle($r);
|
| &Apache::loncommon::content_type($r,'text/html');
|
&Apache::loncommon::content_type($r,'text/html');
|
| |
if ($expirepub) {
|
| |
my $c = new CGI::Cookie(-name => 'lonPubID',
|
| |
-value => '',
|
| |
-expires => '-10y',);
|
| |
$r->header_out('Set-cookie' => $c);
|
| |
} elsif (($handle eq '') && ($userdom ne '')) {
|
| |
my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
|
| |
foreach my $name (keys(%cookies)) {
|
| |
next unless ($name =~ /^lon(|S|Link|Pub)ID$/);
|
| |
my $c = new CGI::Cookie(-name => $name,
|
| |
-value => '',
|
| |
-expires => '-10y',);
|
| |
$r->headers_out->add('Set-cookie' => $c);
|
| |
}
|
| |
}
|
| $r->send_http_header;
|
$r->send_http_header;
|
| return OK if $r->header_only;
|
return OK if $r->header_only;
|
|
|
|
|
Line 70 sub handler {
|
Line 106 sub handler {
|
| return OK;
|
return OK;
|
| }
|
}
|
|
|
|
| |
my $lonhost = $r->dir_config('lonHostID');
|
| $env{'form.firsturl'} =~ s/(`)/'/g;
|
$env{'form.firsturl'} =~ s/(`)/'/g;
|
|
|
|
| # -------------------------------- Prevent users from attempting to login twice
|
# Check if browser sent a LON-CAPA load balancer cookie (and this is a balancer)
|
| my $handle = &Apache::lonnet::check_for_valid_session($r);
|
|
| if ($handle ne '') {
|
my ($found_server,$balancer_cookie) = &Apache::lonnet::check_for_balancer_cookie($r,1);
|
| my $lonidsdir=$r->dir_config('lonIDsDir');
|
if ($found_server) {
|
| if ($handle=~/^publicuser\_/) {
|
my $hostname = &Apache::lonnet::hostname($found_server);
|
| # For "public user" - remove it, we apparently really want to login
|
if ($hostname ne '') {
|
| unlink($r->dir_config('lonIDsDir')."/$handle.id");
|
my $protocol = $Apache::lonnet::protocol{$found_server};
|
| } else {
|
$protocol = 'http' if ($protocol ne 'https');
|
| # Indeed, a valid token is found
|
|
| &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
|
|
| my $start_page =
|
|
| &Apache::loncommon::start_page('Already logged in');
|
|
| my $end_page =
|
|
| &Apache::loncommon::end_page();
|
|
| my $dest = '/adm/roles';
|
my $dest = '/adm/roles';
|
| if ($env{'form.firsturl'} ne '') {
|
if ($env{'form.firsturl'} ne '') {
|
| $dest = $env{'form.firsturl'};
|
$dest = $env{'form.firsturl'};
|
| |
}
|
| |
my %info = (
|
| |
balcookie => $lonhost.':'.$balancer_cookie,
|
| |
);
|
| |
if ($env{'form.ltoken'}) {
|
| |
my %link_info = &Apache::lonnet::tmpget($env{'form.ltoken'});
|
| |
if ($link_info{'linkprot'}) {
|
| |
$info{'linkprot'} = $link_info{'linkprot'};
|
| |
}
|
| |
&Apache::lonnet::tmpdel($env{'form.ltoken'});
|
| |
delete($env{'form.ltoken'});
|
| |
}
|
| |
my $balancer_token = &Apache::lonnet::tmpput(\%info,$found_server);
|
| |
if ($balancer_token) {
|
| |
$dest .= (($dest=~/\?/)?'&;':'?') . 'btoken='.$balancer_token;
|
| |
}
|
| |
my $url = $protocol.'://'.$hostname.$dest;
|
| |
my $start_page =
|
| |
&Apache::loncommon::start_page('Switching Server ...',undef,
|
| |
{'redirect' => [0,$url],});
|
| |
my $end_page = &Apache::loncommon::end_page();
|
| |
$r->print($start_page.$end_page);
|
| |
return OK;
|
| |
}
|
| |
}
|
| |
|
| |
#
|
| |
# Check if a LON-CAPA load balancer sent user here because user's browser sent
|
| |
# it a balancer cookie for an active session on this server.
|
| |
#
|
| |
|
| |
my ($balcookie,$linkprot);
|
| |
if ($env{'form.btoken'}) {
|
| |
my %info = &Apache::lonnet::tmpget($env{'form.btoken'});
|
| |
$balcookie = $info{'balcookie'};
|
| |
if ($balcookie) {
|
| |
if ($info{'linkprot'}) {
|
| |
$linkprot = $info{'linkprot'};
|
| |
}
|
| |
}
|
| |
&Apache::lonnet::tmpdel($env{'form.btoken'});
|
| |
delete($env{'form.btoken'});
|
| |
}
|
| |
|
| |
#
|
| |
# If browser sent an old cookie for which the session file had been removed
|
| |
# check if configuration for user's domain has a portal URL set. If so
|
| |
# switch user's log-in to the portal.
|
| |
#
|
| |
|
| |
if (($handle eq '') && ($userdom ne '')) {
|
| |
my %domdefaults = &Apache::lonnet::get_domain_defaults($userdom);
|
| |
if ($domdefaults{'portal_def'} =~ /^https?\:/) {
|
| |
my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef,
|
| |
{'redirect' => [0,$domdefaults{'portal_def'}],});
|
| |
my $end_page = &Apache::loncommon::end_page();
|
| |
$r->print($start_page.$end_page);
|
| |
return OK;
|
| |
}
|
| |
}
|
| |
|
| |
# -------------------------------- Prevent users from attempting to login twice
|
| |
if ($handle ne '') {
|
| |
&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
|
| |
my $start_page =
|
| |
&Apache::loncommon::start_page('Already logged in');
|
| |
my $end_page =
|
| |
&Apache::loncommon::end_page();
|
| |
my $dest = '/adm/roles';
|
| |
if ($env{'form.firsturl'} ne '') {
|
| |
$dest = $env{'form.firsturl'};
|
| |
}
|
| |
if (($env{'form.ltoken'}) || ($linkprot)) {
|
| |
unless ($linkprot) {
|
| |
my %info = &Apache::lonnet::tmpget($env{'form.ltoken'});
|
| |
$linkprot = $info{'linkprot'};
|
| |
my $delete = &Apache::lonnet::tmpdel($env{'form.ltoken'});
|
| |
delete($env{'form.ltoken'});
|
| |
}
|
| |
if ($linkprot) {
|
| |
my ($linkprotector,$deeplink) = split(/:/,$linkprot,2);
|
| |
if ($env{'user.linkprotector'}) {
|
| |
my @protectors = split(/,/,$env{'user.linkprotector'});
|
| |
unless (grep(/^\Q$linkprotector\E$/,@protectors)) {
|
| |
push(@protectors,$linkprotector);
|
| |
@protectors = sort { $a <=> $b } @protectors;
|
| |
&Apache::lonnet::appenv({'user.linkprotector' => join(',',@protectors)});
|
| |
}
|
| |
} else {
|
| |
&Apache::lonnet::appenv({'user.linkprotector' => $linkprotector });
|
| |
}
|
| |
if ($env{'user.linkproturi'}) {
|
| |
my @proturis = split(/,/,$env{'user.linkproturi'});
|
| |
unless(grep(/^\Q$deeplink\E$/,@proturis)) {
|
| |
push(@proturis,$deeplink);
|
| |
@proturis = sort @proturis;
|
| |
&Apache::lonnet::appenv({'user.linkproturi' => join(',',@proturis)});
|
| |
}
|
| |
} else {
|
| |
&Apache::lonnet::appenv({'user.linkproturi' => $deeplink});
|
| |
}
|
| }
|
}
|
| $r->print(
|
}
|
| |
$r->print(
|
| $start_page
|
$start_page
|
| .'<p class="LC_warning">'.&mt('You are already logged in!').'</p>'
|
.'<p class="LC_warning">'.&mt('You are already logged in!').'</p>'
|
| .'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].',
|
.'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].',
|
| '<a href="'.$dest.'">','</a>','<a href="/adm/logout">','</a>').'</p>'
|
'<a href="'.$dest.'">','</a>','<a href="/adm/logout">','</a>').'</p>'
|
| .$end_page
|
.$end_page
|
| );
|
);
|
| return OK;
|
return OK;
|
| }
|
|
| }
|
}
|
|
|
|
| # ---------------------------------------------------- No valid token, continue
|
# ---------------------------------------------------- No valid token, continue
|
|
Line 127 sub handler {
|
Line 259 sub handler {
|
| my $iconpath=
|
my $iconpath=
|
| &Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL'));
|
&Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL'));
|
|
|
|
| my $lonhost = $r->dir_config('lonHostID');
|
|
| my $domain = &Apache::lonnet::default_login_domain();
|
my $domain = &Apache::lonnet::default_login_domain();
|
| my $defdom = $domain;
|
my $defdom = $domain;
|
| if ($lonhost ne '') {
|
if ($lonhost ne '') {
|
| unless ($sessiondata{'sessionserver'}) {
|
unless ($sessiondata{'sessionserver'}) {
|
| my $redirect = &check_loginvia($domain,$lonhost);
|
my $redirect = &check_loginvia($domain,$lonhost,$lonidsdir,$balcookie,$linkprot);
|
| if ($redirect) {
|
if ($redirect) {
|
| $r->print($redirect);
|
$r->print($redirect);
|
| return OK;
|
return OK;
|
|
Line 141 sub handler {
|
Line 272 sub handler {
|
| }
|
}
|
|
|
|
| if (($sessiondata{'domain'}) &&
|
if (($sessiondata{'domain'}) &&
|
| (&Apache::lonnet::domain($env{'form.domain'},'description'))) {
|
(&Apache::lonnet::domain($sessiondata{'domain'},'description'))) {
|
| $domain=$sessiondata{'domain'};
|
$domain=$sessiondata{'domain'};
|
| } elsif (($env{'form.domain'}) &&
|
} elsif (($env{'form.domain'}) &&
|
| (&Apache::lonnet::domain($env{'form.domain'},'description'))) {
|
(&Apache::lonnet::domain($env{'form.domain'},'description'))) {
|
|
Line 232 sub handler {
|
Line 363 sub handler {
|
| }
|
}
|
| $tokenextras .= '&iptoken='.&escape($env{'form.iptoken'});
|
$tokenextras .= '&iptoken='.&escape($env{'form.iptoken'});
|
| }
|
}
|
| |
if ($env{'form.ltoken'}) {
|
| |
my %info = &Apache::lonnet::tmpget($env{'form.ltoken'});
|
| |
&Apache::lonnet::tmpdel($env{'form.ltoken'});
|
| |
delete($env{'form.ltoken'});
|
| |
if ($info{'linkprot'}) {
|
| |
if (!$tokenextras) {
|
| |
$tokenextras = '&&&';
|
| |
}
|
| |
$tokenextras .= '&linkprot='.&escape($info{'linkprot'});
|
| |
}
|
| |
}
|
| my $logtoken=Apache::lonnet::reply(
|
my $logtoken=Apache::lonnet::reply(
|
| 'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras,
|
'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras,
|
| $lonhost);
|
$lonhost);
|
|
Line 640 ENDDOCUMENT
|
Line 782 ENDDOCUMENT
|
| }
|
}
|
|
|
|
| sub check_loginvia {
|
sub check_loginvia {
|
| my ($domain,$lonhost) = @_;
|
my ($domain,$lonhost,$lonidsdir,$balcookie,$linkprot) = @_;
|
| if ($domain eq '' || $lonhost eq '') {
|
if ($domain eq '' || $lonhost eq '' || $lonidsdir eq '') {
|
| return;
|
return;
|
| }
|
}
|
| my %domconfhash = &Apache::loncommon::get_domainconf($domain);
|
my %domconfhash = &Apache::loncommon::get_domainconf($domain);
|
|
Line 670 sub check_loginvia {
|
Line 812 sub check_loginvia {
|
| }
|
}
|
| if ($newhost ne $lonhost) {
|
if ($newhost ne $lonhost) {
|
| if (&Apache::lonnet::hostname($newhost) ne '') {
|
if (&Apache::lonnet::hostname($newhost) ne '') {
|
| $output = &redirect_page($newhost,$path);
|
if ($balcookie) {
|
| |
my ($balancer,$cookie) = split(/:/,$balcookie);
|
| |
if ($cookie =~ /^($match_domain)_($match_username)_([a-f0-9]+)$/) {
|
| |
my ($udom,$uname,$cookieid) = ($1,$2,$3);
|
| |
unless (&Apache::lonnet::delbalcookie($cookie,$balancer) eq 'ok') {
|
| |
if ((-d $lonidsdir) && (opendir(my $dh,$lonidsdir))) {
|
| |
while (my $filename=readdir($dh)) {
|
| |
if ($filename=~/^(\Q$uname\E_\d+_\Q$udom\E_$match_lonid)\.id$/) {
|
| |
my $handle = $1;
|
| |
my %hash =
|
| |
&Apache::lonnet::get_sessionfile_vars($handle,$lonidsdir,
|
| |
['request.balancercookie',
|
| |
'user.linkedenv']);
|
| |
if ($hash{'request.balancercookie'} eq "$balancer:$cookieid") {
|
| |
if (unlink("$lonidsdir/$filename")) {
|
| |
if (($hash{'user.linkedenv'} =~ /^[a-f0-9]+_linked$/) &&
|
| |
(-l "$lonidsdir/$hash{'user.linkedenv'}.id") &&
|
| |
(readlink("$lonidsdir/$hash{'user.linkedenv'}.id") eq "$lonidsdir/$filename")) {
|
| |
unlink("$lonidsdir/$hash{'user.linkedenv'}.id");
|
| |
}
|
| |
}
|
| |
}
|
| |
last;
|
| |
}
|
| |
}
|
| |
closedir($dh);
|
| |
}
|
| |
}
|
| |
}
|
| |
}
|
| |
$output = &redirect_page($newhost,$path,$linkprot);
|
| }
|
}
|
| }
|
}
|
| }
|
}
|
|
Line 679 sub check_loginvia {
|
Line 851 sub check_loginvia {
|
| }
|
}
|
|
|
|
| sub redirect_page {
|
sub redirect_page {
|
| my ($desthost,$path) = @_;
|
my ($desthost,$path,$linkprot) = @_;
|
| my $protocol = $Apache::lonnet::protocol{$desthost};
|
my $protocol = $Apache::lonnet::protocol{$desthost};
|
| $protocol = 'http' if ($protocol ne 'https');
|
$protocol = 'http' if ($protocol ne 'https');
|
| unless ($path =~ m{^/}) {
|
unless ($path =~ m{^/}) {
|
|
Line 689 sub redirect_page {
|
Line 861 sub redirect_page {
|
| if ($env{'form.firsturl'} ne '') {
|
if ($env{'form.firsturl'} ne '') {
|
| $url .='?firsturl='.$env{'form.firsturl'};
|
$url .='?firsturl='.$env{'form.firsturl'};
|
| }
|
}
|
| |
if ($linkprot) {
|
| |
my $ltoken = &Apache::lonnet::tmpput({linkprot => $linkprot},$desthost);
|
| |
if ($ltoken) {
|
| |
$url .= (($url =~ /\?/) ? '&' : '?').'ltoken='.$ltoken;
|
| |
}
|
| |
}
|
| my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef,
|
my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef,
|
| {'redirect' => [0,$url],});
|
{'redirect' => [0,$url],});
|
| my $end_page = &Apache::loncommon::end_page();
|
my $end_page = &Apache::loncommon::end_page();
|
![[BACK]](/icons/back.gif){kind=icon}
Return to lonlogin.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / auth