File:
[LON-CAPA] /
loncom /
auth /
lonlogin.pm
Revision
1.123:
download - view:
text,
annotated -
select for diffs
Wed Jul 22 20:24:07 2009 UTC (14 years, 10 months ago) by
raeburn
Branches:
MAIN
CVS tags:
HEAD
- Bug 3987. Deep linking.
- Include role and symb in query string when calling log-in page.
- Role is automatically selected and resource is displayed (assuming user actually has the role, and its active, and symb is valid).
1: # The LearningOnline Network
2: # Login Screen
3: #
4: # $Id: lonlogin.pm,v 1.123 2009/07/22 20:24:07 raeburn Exp $
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28:
29: package Apache::lonlogin;
30:
31: use strict;
32: use Apache::Constants qw(:common);
33: use Apache::File ();
34: use Apache::lonnet;
35: use Apache::loncommon();
36: use Apache::lonauth();
37: use Apache::lonlocal;
38: use Apache::migrateuser();
39: use lib '/home/httpd/lib/perl/';
40: use LONCAPA;
41:
42: sub handler {
43: my $r = shift;
44:
45: &Apache::loncommon::get_unprocessed_cgi
46: (join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},
47: $ENV{'REDIRECT_QUERY_STRING'}),
48: ['interface','username','domain','firsturl','localpath','localres',
49: 'token','role','symb']);
50: if (!defined($env{'form.firsturl'})) {
51: &Apache::lonacc::get_posted_cgi($r,['firsturl']);
52: }
53:
54: # -- check if they are a migrating user
55: if (defined($env{'form.token'})) {
56: return &Apache::migrateuser::handler($r);
57: }
58:
59: &Apache::loncommon::no_cache($r);
60: &Apache::lonlocal::get_language_handle($r);
61: &Apache::loncommon::content_type($r,'text/html');
62: $r->send_http_header;
63: return OK if $r->header_only;
64:
65:
66: # Are we re-routing?
67: if (-e '/home/httpd/html/lon-status/reroute.txt') {
68: &Apache::lonauth::reroute($r);
69: return OK;
70: }
71:
72:
73: # -------------------------------- Prevent users from attempting to login twice
74: my $handle = &Apache::lonnet::check_for_valid_session($r);
75: if ($handle=~/^publicuser\_/) {
76: # For "public user" - remove it, we apparently really want to login
77: unlink($r->dir_config('lonIDsDir')."/$handle.id");
78: } elsif ($handle ne '') {
79: # Indeed, a valid token is found
80: my $start_page =
81: &Apache::loncommon::start_page('Already logged in');
82: my $end_page =
83: &Apache::loncommon::end_page();
84: $r->print(
85: $start_page
86: .'<h1>'.&mt('You are already logged in!').'</h1>'
87: .'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].',
88: '<a href="/adm/roles">','</a>','<a href="/adm/logout">','</a>').'</p>'
89: .'<p><a href="/adm/loginproblems.html">'.&mt('Login problems?').'</a></p>'
90: .$end_page
91: );
92: return OK;
93: }
94:
95: # ---------------------------------------------------- No valid token, continue
96:
97: # ---------------------------- Not possible to really login to domain "public"
98: if ($env{'form.domain'} eq 'public') {
99: $env{'form.domain'}='';
100: $env{'form.username'}='';
101: }
102: # ----------------------------------------------------------- Process Interface
103: $env{'form.interface'}=~s/\W//g;
104:
105: my $httpbrowser=$ENV{"HTTP_USER_AGENT"};
106:
107: my $iconpath=
108: &Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL'));
109:
110: my $domain = &Apache::lonnet::default_login_domain();
111: if (($env{'form.domain'}) &&
112: (&Apache::lonnet::domain($env{'form.domain'},'description'))) {
113: $domain=$env{'form.domain'};
114: }
115: my $role = $r->dir_config('lonRole');
116: my $loadlim = $r->dir_config('lonLoadLim');
117: my $servadm = $r->dir_config('lonAdmEMail');
118: my $lonhost = $r->dir_config('lonHostID');
119: my $tabdir = $r->dir_config('lonTabDir');
120: my $include = $r->dir_config('lonIncludes');
121: my $expire = $r->dir_config('lonExpire');
122: my $version = $r->dir_config('lonVersion');
123: my $host_name = &Apache::lonnet::hostname($lonhost);
124:
125: # --------------------------------------------- Default values for login fields
126:
127: my $authusername=($env{'form.username'}?$env{'form.username'}:'');
128: my $authdomain=($env{'form.domain'}?$env{'form.domain'}:$domain);
129:
130: # ---------------------------------------------------------- Determine own load
131: my $loadavg;
132: {
133: my $loadfile=Apache::File->new('/proc/loadavg');
134: $loadavg=<$loadfile>;
135: }
136: $loadavg =~ s/\s.*//g;
137: my $loadpercent=sprintf("%.1f",100*$loadavg/$loadlim);
138: my $userloadpercent=&Apache::lonnet::userload();
139:
140: # ------------------------------------------------------- Do the load balancing
141: my $otherserver= &Apache::lonnet::absolute_url($host_name);
142: my $firsturl=
143: ($env{'request.firsturl'}?$env{'request.firsturl'}:$env{'form.firsturl'});
144: # ---------------------------------------------------------- Are we overloaded?
145: if ((($userloadpercent>100.0)||($loadpercent>100.0))) {
146: my $unloaded=Apache::lonnet::spareserver($loadpercent,$userloadpercent);
147: if ($unloaded) { $otherserver=$unloaded; }
148: }
149:
150: # ----------------------------------------------------------- Get announcements
151: my $announcements=&Apache::lonnet::getannounce();
152: # -------------------------------------------------------- Set login parameters
153:
154: my @hexstr=('0','1','2','3','4','5','6','7',
155: '8','9','a','b','c','d','e','f');
156: my $lkey='';
157: for (0..7) {
158: $lkey.=$hexstr[rand(15)];
159: }
160:
161: my $ukey='';
162: for (0..7) {
163: $ukey.=$hexstr[rand(15)];
164: }
165:
166: my $lextkey=hex($lkey);
167: if ($lextkey>2147483647) { $lextkey-=4294967296; }
168:
169: my $uextkey=hex($ukey);
170: if ($uextkey>2147483647) { $uextkey-=4294967296; }
171:
172: # -------------------------------------------------------- Store away log token
173: my $tokenextras;
174: if ($env{'form.role'}) {
175: $tokenextras = '&role='.&escape($env{'form.role'});
176: }
177: if ($env{'form.symb'}) {
178: $tokenextras .= '&symb='.&escape($env{'form.symb'});
179: }
180: my $logtoken=Apache::lonnet::reply(
181: 'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras,
182: $lonhost);
183:
184: # ------------------- If we cannot talk to ourselves, we are in serious trouble
185:
186: if ($logtoken eq 'con_lost') {
187: my $spares='';
188: my $last;
189: foreach my $hostid (sort
190: {
191: &Apache::lonnet::hostname($a) cmp
192: &Apache::lonnet::hostname($b);
193: }
194: keys(%Apache::lonnet::spareid)) {
195: next if ($hostid eq $lonhost);
196: my $hostname = &Apache::lonnet::hostname($hostid);
197: next if ($last eq $hostname);
198: $spares.='<br /><font size="+1"><a href="http://'.
199: $hostname.
200: '/adm/login?domain='.$authdomain.'">'.
201: $hostname.'</a>'.
202: ' '.&mt('(preferred)').'</font>'.$/;
203: $last=$hostname;
204: }
205: $spares.= '<br />';
206: my %all_hostnames = &Apache::lonnet::all_hostnames();
207: foreach my $hostid (sort
208: {
209: &Apache::lonnet::hostname($a) cmp
210: &Apache::lonnet::hostname($b);
211: }
212: keys(%all_hostnames)) {
213: next if ($hostid eq $lonhost || $Apache::lonnet::spareid{$hostid});
214: my $hostname = &Apache::lonnet::hostname($hostid);
215: next if ($last eq $hostname);
216: $spares.='<br /><a href="http://'.
217: $hostname.
218: '/adm/login?domain='.$authdomain.'">'.
219: $hostname.'</a>';
220: $last=$hostname;
221: }
222: $r->print(
223: '<html>'
224: .'<head><title>'
225: .&mt('The LearningOnline Network with CAPA')
226: .'</title></head>'
227: .'<body bgcolor="#FFFFFF">'
228: .'<h1>'.&mt('The LearningOnline Network with CAPA').'</h1>'
229: .'<img src="/adm/lonKaputt/lonlogo_broken.gif" align="right" />'
230: .'<h3>'.&mt('This LON-CAPA server is temporarily not available for login.').'</h3>'
231: .'<p>'.&mt('Please attempt to login to one of the following servers:').'</p>'
232: .$spares
233: .'</body>'
234: .'</html>'
235: );
236: return OK;
237: }
238:
239: # ----------------------------------------------- Apparently we are in business
240: $servadm=~s/\,/\<br \/\>/g;
241:
242: # ----------------------------------------------------------- Front page design
243: my $pgbg=&Apache::loncommon::designparm('login.pgbg',$domain);
244: my $font=&Apache::loncommon::designparm('login.font',$domain);
245: my $link=&Apache::loncommon::designparm('login.link',$domain);
246: my $vlink=&Apache::loncommon::designparm('login.vlink',$domain);
247: my $alink=&Apache::loncommon::designparm('login.alink',$domain);
248: my $mainbg=&Apache::loncommon::designparm('login.mainbg',$domain);
249: my $logo=&Apache::loncommon::designparm('login.logo',$domain);
250: my $img=&Apache::loncommon::designparm('login.img',$domain);
251: my $domainlogo=&Apache::loncommon::domainlogo($domain);
252: my $login=&Apache::loncommon::designparm('login.login',$domain);
253: if ($login eq '') {
254: $login = $iconpath.'/'.&mt('userauthentication.gif');
255: }
256: my $showbanner = 1;
257: my $showmainlogo = 1;
258: if (defined(&Apache::loncommon::designparm('login.showlogo_img',$domain))) {
259: $showbanner = &Apache::loncommon::designparm('login.showlogo_img',$domain);
260: }
261: if (defined(&Apache::loncommon::designparm('login.showlogo_logo',$domain))) {
262: $showmainlogo = &Apache::loncommon::designparm('login.showlogo_logo',$domain);
263: }
264: my $showadminmail=&Apache::loncommon::designparm('login.adminmail',$domain);
265: my $showcoursecat =
266: &Apache::loncommon::designparm('login.coursecatalog',$domain);
267: my $loginheader =&Apache::loncommon::designparm('login.loginheader',$domain);
268: my $shownewuserlink =
269: &Apache::loncommon::designparm('login.newuser',$domain);
270: my $now=time;
271: my $js = (<<ENDSCRIPT);
272:
273: <script type="text/javascript" language="JavaScript">
274: // <![CDATA[
275: function send()
276: {
277: this.document.server.elements.uname.value
278: =this.document.client.elements.uname.value;
279:
280: this.document.server.elements.udom.value
281: =this.document.client.elements.udom.value;
282:
283: uextkey=this.document.client.elements.uextkey.value;
284: lextkey=this.document.client.elements.lextkey.value;
285: initkeys();
286:
287: this.document.server.elements.upass0.value
288: =crypted(this.document.client.elements.upass$now.value.substr(0,15));
289: this.document.server.elements.upass1.value
290: =crypted(this.document.client.elements.upass$now.value.substr(15,15));
291: this.document.server.elements.upass2.value
292: =crypted(this.document.client.elements.upass$now.value.substr(30,15));
293:
294: this.document.client.elements.uname.value='';
295: this.document.client.elements.upass$now.value='';
296:
297: this.document.server.submit();
298: return false;
299: }
300: // ]]>
301: </script>
302:
303: ENDSCRIPT
304:
305: # --------------------------------------------------- Print login screen header
306:
307: my %add_entries = (
308: bgcolor => "$mainbg",
309: text => "$font",
310: link => "$link",
311: vlink => "$vlink",
312: alink => "$alink",);
313:
314: $r->print(&Apache::loncommon::start_page('The LearningOnline Network with CAPA Login',$js,
315: { 'redirect' => [$expire,'/adm/roles'],
316: 'add_entries' => \%add_entries,
317: 'only_body' => 1,}));
318:
319: # ----------------------------------------------------------------------- Texts
320:
321: my %lt=&Apache::lonlocal::texthash(
322: 'un' => 'Username',
323: 'pw' => 'Password',
324: 'dom' => 'Domain',
325: 'perc' => 'percent',
326: 'load' => 'Server Load',
327: 'userload' => 'User Load',
328: 'catalog' => 'Course Catalog',
329: 'log' => 'Log in',
330: 'help' => 'Log-in Help',
331: 'serv' => 'Server',
332: 'servadm' => 'Server Administration',
333: 'helpdesk' => 'Contact Helpdesk',
334: 'forgotpw' => 'Forgot password?',
335: 'newuser' => 'New User?',
336: );
337: # -------------------------------------------------- Change password field name
338: my $forgotpw = &forgotpwdisplay(%lt);
339: my $loginhelp = &loginhelpdisplay(%lt);
340:
341: # ---------------------------------------------------- Serve out DES JavaScript
342: {
343: my $jsh=Apache::File->new($include."/londes.js");
344: $r->print(<$jsh>);
345: }
346: # ---------------------------------------------------------- Serve rest of page
347:
348: $r->print(
349: '<div class="LC_loginpage_container">');
350:
351: #
352: # If the loadbalancing yielded just http:// because perhaps there's no loadbalancing?
353: # then just us a relative link to authenticate:
354: #
355:
356: $r->print(<<ENDSERVERFORM);
357: <form name="server" action="$otherserver/adm/authenticate" method="post" target="_top">
358: <input type="hidden" name="logtoken" value="$logtoken" />
359: <input type="hidden" name="serverid" value="$lonhost" />
360: <input type="hidden" name="uname" value="" />
361: <input type="hidden" name="upass0" value="" />
362: <input type="hidden" name="upass1" value="" />
363: <input type="hidden" name="upass2" value="" />
364: <input type="hidden" name="udom" value="" />
365: <input type="hidden" name="localpath" value="$env{'form.localpath'}" />
366: <input type="hidden" name="localres" value="$env{'form.localres'}" />
367: </form>
368: ENDSERVERFORM
369: my $coursecatalog;
370: if (($showcoursecat eq '') || ($showcoursecat)) {
371: $coursecatalog = &coursecatalog_link($lt{'catalog'});
372: }
373: my $newuserlink;
374: if ($shownewuserlink) {
375: $newuserlink = &newuser_link($lt{'newuser'}).'<br />';
376: }
377: my $logintitle;
378: if ($loginheader eq 'text') {
379: $logintitle ='<h2>'.$lt{'log'}.'</h2>';
380: } else {
381: $logintitle = '<img src="'.$login.'" alt="'.
382: &mt('User Authentication').'" />';
383: }
384:
385: my $noscript_warning='<noscript><span class="LC_warning"><b>'
386: .&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.')
387: .'</b></span></noscript>';
388: my $helpdeskscript;
389: my $contactblock = &contactdisplay(\%lt,$servadm,$showadminmail,
390: $version,$authdomain,\$helpdeskscript);
391:
392: my $loginform=(<<LFORM);
393: <form name="client" action="" onsubmit="return(send())">
394: <input type="hidden" name="lextkey" value="$lextkey" />
395: <input type="hidden" name="uextkey" value="$uextkey" />
396: <b><label for="uname">$lt{'un'}</label>:</b><br />
397: <input type="text" name="uname" size="15" value="$authusername" /><br />
398: <b><label for="upass$now">$lt{'pw'}</label>:</b><br />
399: <input type="password" name="upass$now" size="15" /><br />
400: <b><label for="udom">$lt{'dom'}</label>:</b><br />
401: <input type="text" name="udom" size="15" value="$authdomain" /><br />
402: <input type="submit" value="$lt{'log'}" />
403: </form>
404: LFORM
405:
406: if ($showbanner) {
407: $r->print(<<HEADER);
408: <!-- The LON-CAPA Header -->
409: <table border="0" align="left" width="100%" cellspacing="0" cellpadding="1">
410: <tr>
411: <td align="left" valign="top" bgcolor="$pgbg">
412: <img src="$img" border="0" alt="The Learning Online Network with CAPA" />
413: </td>
414: </tr>
415: </table>
416: HEADER
417: }
418: $r->print(<<ENDTOP);
419: <div class="LC_loginpage_space"> </div>
420: <div class="LC_loginpage_floatLeft">
421: <div class="LC_loginpage_loginContainer">
422: $logintitle
423: <table border="0" align="left" cellspacing="1" cellpadding="2" width="100%">
424: <tr>
425: <td>
426: $loginform
427: </td>
428: </tr>
429: </table>
430: $noscript_warning
431: </div>
432:
433: <div class="LC_loginpage_loginInfo">
434: $loginhelp<br />
435: $forgotpw<br />
436: $contactblock<br />
437: $newuserlink
438: $coursecatalog
439: </div>
440: </div>
441: ENDTOP
442: if ($showmainlogo) {
443: $r->print(' <img src="'.$logo.'" alt="" />'."\n");
444: }
445: $r->print(<<ENDTOP);
446: $announcements
447: $domainlogo
448: <div class="LC_loginpage_space"> </div>
449: ENDTOP
450:
451: $r->print(<<ENDDOCUMENT);
452: <table border="0" cellspacing="0" cellpadding="0">
453: <tr>
454: <td align="left" valign="top">
455: <small><b> $lt{'dom'}: </b></small>
456: </td>
457: <td align="left" valign="top">
458: <small><tt> $domain</tt></small>
459: </td>
460: </tr>
461: <tr>
462: <td align="left" valign="top">
463: <small><b> $lt{'serv'}: </b></small>
464: </td>
465: <td align="left" valign="top">
466: <small><tt> $lonhost ($role)</tt></small>
467: </td>
468: </tr>
469: <tr>
470: <td align="left" valign="top">
471: <small><b> $lt{'load'}: </b></small>
472: </td>
473: <td align="left" valign="top">
474: <small><tt> $loadpercent $lt{'perc'}</tt></small>
475: </td>
476: </tr>
477: <tr>
478: <td align="left" valign="top">
479: <small><b> $lt{'userload'}: </b></small>
480: </td>
481: <td align="left" valign="top">
482: <small><tt> $userloadpercent $lt{'perc'}</tt></small>
483: </td>
484: </tr>
485: </table>
486: </div>
487:
488: <script type="text/javascript">
489: // <![CDATA[
490: // the if prevents the script error if the browser can not handle this
491: if ( document.client.uname ) { document.client.uname.focus(); }
492: // ]]>
493: </script>
494: $helpdeskscript
495:
496: ENDDOCUMENT
497: my %endargs = ( 'noredirectlink' => 1, );
498: $r->print(&Apache::loncommon::end_page(\%endargs));
499: return OK;
500: }
501:
502: sub contactdisplay {
503: my ($lt,$servadm,$showadminmail,$version,$authdomain,$helpdeskscript) = @_;
504: my $contactblock;
505: my $showhelpdesk = 0;
506: my $requestmail = $Apache::lonnet::perlvar{'lonSupportEMail'};
507: if ($requestmail =~ m/^[^\@]+\@[^\@]+$/) {
508: $showhelpdesk = 1;
509: }
510: if ($servadm && $showadminmail) {
511: $contactblock .= '<b> '.$$lt{'servadm'}.':</b><br />'.
512: '<tt> '.$servadm.'</tt><br /> <br />';
513: }
514: if ($showhelpdesk) {
515: $contactblock .= '<a href="javascript:helpdesk()">'.$lt->{'helpdesk'}.'</a><br />';
516: my $thisurl = &escape('/adm/login');
517: $$helpdeskscript = <<"ENDSCRIPT";
518: <script type="text/javascript">
519: // <![CDATA[
520: function helpdesk() {
521: var codedom = document.client.udom.value;
522: if (codedom == '') {
523: codedom = "$authdomain";
524: }
525: var querystr = "origurl=$thisurl&codedom="+codedom;
526: document.location.href = "/adm/helpdesk?"+querystr;
527: return;
528: }
529: // ]]>
530: </script>
531: ENDSCRIPT
532: }
533: $contactblock .= <<"ENDBLOCK";
534: $version
535: ENDBLOCK
536: return $contactblock;
537: }
538:
539: sub forgotpwdisplay {
540: my (%lt) = @_;
541: my $prompt_for_resetpw = 1;
542: if ($prompt_for_resetpw) {
543: return '<a href="/adm/resetpw">'.$lt{'forgotpw'}.'</a>';
544: }
545: return;
546: }
547:
548: sub loginhelpdisplay {
549: my (%lt) = @_;
550: my $login_help = 1;
551: if ($login_help) {
552: return '<a href="/adm/loginproblems.html">'.$lt{'help'}.'</a>';
553: }
554: return;
555: }
556:
557: sub coursecatalog_link {
558: my ($linkname) = @_;
559: return <<"END";
560: <a href="/adm/coursecatalog">$linkname</a>
561: END
562: }
563:
564: sub newuser_link {
565: my ($linkname) = @_;
566: return ' <a href="/adm/createaccount"><b>'.$linkname.'</b></a><br />';
567: }
568:
569: 1;
570: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>