1: # The LearningOnline Network
2: # Login Screen
3: #
4: # $Id: lonlogin.pm,v 1.124 2009/07/22 21:51:03 raeburn Exp $
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28:
29: package Apache::lonlogin;
30:
31: use strict;
32: use Apache::Constants qw(:common);
33: use Apache::File ();
34: use Apache::lonnet;
35: use Apache::loncommon();
36: use Apache::lonauth();
37: use Apache::lonlocal;
38: use Apache::migrateuser();
39: use lib '/home/httpd/lib/perl/';
40: use LONCAPA;
41:
42: sub handler {
43: my $r = shift;
44:
45: &Apache::loncommon::get_unprocessed_cgi
46: (join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},
47: $ENV{'REDIRECT_QUERY_STRING'}),
48: ['interface','username','domain','firsturl','localpath','localres',
49: 'token','role','symb']);
50: if (!defined($env{'form.firsturl'})) {
51: &Apache::lonacc::get_posted_cgi($r,['firsturl']);
52: }
53:
54: # -- check if they are a migrating user
55: if (defined($env{'form.token'})) {
56: return &Apache::migrateuser::handler($r);
57: }
58:
59: &Apache::loncommon::no_cache($r);
60: &Apache::lonlocal::get_language_handle($r);
61: &Apache::loncommon::content_type($r,'text/html');
62: $r->send_http_header;
63: return OK if $r->header_only;
64:
65:
66: # Are we re-routing?
67: if (-e '/home/httpd/html/lon-status/reroute.txt') {
68: &Apache::lonauth::reroute($r);
69: return OK;
70: }
71:
72:
73: # -------------------------------- Prevent users from attempting to login twice
74: my $handle = &Apache::lonnet::check_for_valid_session($r);
75: if ($handle=~/^publicuser\_/) {
76: # For "public user" - remove it, we apparently really want to login
77: unlink($r->dir_config('lonIDsDir')."/$handle.id");
78: } elsif ($handle ne '') {
79: # Indeed, a valid token is found
80: my $start_page =
81: &Apache::loncommon::start_page('Already logged in');
82: my $end_page =
83: &Apache::loncommon::end_page();
84: $r->print(
85: $start_page
86: .'<h1>'.&mt('You are already logged in!').'</h1>'
87: .'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].',
88: '<a href="/adm/roles">','</a>','<a href="/adm/logout">','</a>').'</p>'
89: .'<p><a href="/adm/loginproblems.html">'.&mt('Login problems?').'</a></p>'
90: .$end_page
91: );
92: return OK;
93: }
94:
95: # ---------------------------------------------------- No valid token, continue
96:
97: # ---------------------------- Not possible to really login to domain "public"
98: if ($env{'form.domain'} eq 'public') {
99: $env{'form.domain'}='';
100: $env{'form.username'}='';
101: }
102: # ----------------------------------------------------------- Process Interface
103: $env{'form.interface'}=~s/\W//g;
104:
105: my $httpbrowser=$ENV{"HTTP_USER_AGENT"};
106:
107: my $iconpath=
108: &Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL'));
109:
110: my $domain = &Apache::lonnet::default_login_domain();
111: if (($env{'form.domain'}) &&
112: (&Apache::lonnet::domain($env{'form.domain'},'description'))) {
113: $domain=$env{'form.domain'};
114: }
115: my $role = $r->dir_config('lonRole');
116: my $loadlim = $r->dir_config('lonLoadLim');
117: my $servadm = $r->dir_config('lonAdmEMail');
118: my $lonhost = $r->dir_config('lonHostID');
119: my $tabdir = $r->dir_config('lonTabDir');
120: my $include = $r->dir_config('lonIncludes');
121: my $expire = $r->dir_config('lonExpire');
122: my $version = $r->dir_config('lonVersion');
123: my $host_name = &Apache::lonnet::hostname($lonhost);
124:
125: # --------------------------------------------- Default values for login fields
126:
127: my $authusername=($env{'form.username'}?$env{'form.username'}:'');
128: my $authdomain=($env{'form.domain'}?$env{'form.domain'}:$domain);
129:
130: # ---------------------------------------------------------- Determine own load
131: my $loadavg;
132: {
133: my $loadfile=Apache::File->new('/proc/loadavg');
134: $loadavg=<$loadfile>;
135: }
136: $loadavg =~ s/\s.*//g;
137: my $loadpercent=sprintf("%.1f",100*$loadavg/$loadlim);
138: my $userloadpercent=&Apache::lonnet::userload();
139:
140: # ------------------------------------------------------- Do the load balancing
141: my $otherserver= &Apache::lonnet::absolute_url($host_name);
142: my $firsturl=
143: ($env{'request.firsturl'}?$env{'request.firsturl'}:$env{'form.firsturl'});
144: # ---------------------------------------------------------- Are we overloaded?
145: if ((($userloadpercent>100.0)||($loadpercent>100.0))) {
146: my $unloaded=Apache::lonnet::spareserver($loadpercent,$userloadpercent);
147: if ($unloaded) { $otherserver=$unloaded; }
148: }
149:
150: # ----------------------------------------------------------- Get announcements
151: my $announcements=&Apache::lonnet::getannounce();
152: # -------------------------------------------------------- Set login parameters
153:
154: my @hexstr=('0','1','2','3','4','5','6','7',
155: '8','9','a','b','c','d','e','f');
156: my $lkey='';
157: for (0..7) {
158: $lkey.=$hexstr[rand(15)];
159: }
160:
161: my $ukey='';
162: for (0..7) {
163: $ukey.=$hexstr[rand(15)];
164: }
165:
166: my $lextkey=hex($lkey);
167: if ($lextkey>2147483647) { $lextkey-=4294967296; }
168:
169: my $uextkey=hex($ukey);
170: if ($uextkey>2147483647) { $uextkey-=4294967296; }
171:
172: # -------------------------------------------------------- Store away log token
173: my $tokenextras;
174: if ($env{'form.role'}) {
175: $tokenextras = '&role='.&escape($env{'form.role'});
176: }
177: if ($env{'form.symb'}) {
178: if (!$tokenextras) {
179: $tokenextras = '&';
180: }
181: $tokenextras .= '&symb='.&escape($env{'form.symb'});
182: }
183: my $logtoken=Apache::lonnet::reply(
184: 'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras,
185: $lonhost);
186:
187: # ------------------- If we cannot talk to ourselves, we are in serious trouble
188:
189: if ($logtoken eq 'con_lost') {
190: my $spares='';
191: my $last;
192: foreach my $hostid (sort
193: {
194: &Apache::lonnet::hostname($a) cmp
195: &Apache::lonnet::hostname($b);
196: }
197: keys(%Apache::lonnet::spareid)) {
198: next if ($hostid eq $lonhost);
199: my $hostname = &Apache::lonnet::hostname($hostid);
200: next if ($last eq $hostname);
201: $spares.='<br /><font size="+1"><a href="http://'.
202: $hostname.
203: '/adm/login?domain='.$authdomain.'">'.
204: $hostname.'</a>'.
205: ' '.&mt('(preferred)').'</font>'.$/;
206: $last=$hostname;
207: }
208: $spares.= '<br />';
209: my %all_hostnames = &Apache::lonnet::all_hostnames();
210: foreach my $hostid (sort
211: {
212: &Apache::lonnet::hostname($a) cmp
213: &Apache::lonnet::hostname($b);
214: }
215: keys(%all_hostnames)) {
216: next if ($hostid eq $lonhost || $Apache::lonnet::spareid{$hostid});
217: my $hostname = &Apache::lonnet::hostname($hostid);
218: next if ($last eq $hostname);
219: $spares.='<br /><a href="http://'.
220: $hostname.
221: '/adm/login?domain='.$authdomain.'">'.
222: $hostname.'</a>';
223: $last=$hostname;
224: }
225: $r->print(
226: '<html>'
227: .'<head><title>'
228: .&mt('The LearningOnline Network with CAPA')
229: .'</title></head>'
230: .'<body bgcolor="#FFFFFF">'
231: .'<h1>'.&mt('The LearningOnline Network with CAPA').'</h1>'
232: .'<img src="/adm/lonKaputt/lonlogo_broken.gif" align="right" />'
233: .'<h3>'.&mt('This LON-CAPA server is temporarily not available for login.').'</h3>'
234: .'<p>'.&mt('Please attempt to login to one of the following servers:').'</p>'
235: .$spares
236: .'</body>'
237: .'</html>'
238: );
239: return OK;
240: }
241:
242: # ----------------------------------------------- Apparently we are in business
243: $servadm=~s/\,/\<br \/\>/g;
244:
245: # ----------------------------------------------------------- Front page design
246: my $pgbg=&Apache::loncommon::designparm('login.pgbg',$domain);
247: my $font=&Apache::loncommon::designparm('login.font',$domain);
248: my $link=&Apache::loncommon::designparm('login.link',$domain);
249: my $vlink=&Apache::loncommon::designparm('login.vlink',$domain);
250: my $alink=&Apache::loncommon::designparm('login.alink',$domain);
251: my $mainbg=&Apache::loncommon::designparm('login.mainbg',$domain);
252: my $logo=&Apache::loncommon::designparm('login.logo',$domain);
253: my $img=&Apache::loncommon::designparm('login.img',$domain);
254: my $domainlogo=&Apache::loncommon::domainlogo($domain);
255: my $login=&Apache::loncommon::designparm('login.login',$domain);
256: if ($login eq '') {
257: $login = $iconpath.'/'.&mt('userauthentication.gif');
258: }
259: my $showbanner = 1;
260: my $showmainlogo = 1;
261: if (defined(&Apache::loncommon::designparm('login.showlogo_img',$domain))) {
262: $showbanner = &Apache::loncommon::designparm('login.showlogo_img',$domain);
263: }
264: if (defined(&Apache::loncommon::designparm('login.showlogo_logo',$domain))) {
265: $showmainlogo = &Apache::loncommon::designparm('login.showlogo_logo',$domain);
266: }
267: my $showadminmail=&Apache::loncommon::designparm('login.adminmail',$domain);
268: my $showcoursecat =
269: &Apache::loncommon::designparm('login.coursecatalog',$domain);
270: my $loginheader =&Apache::loncommon::designparm('login.loginheader',$domain);
271: my $shownewuserlink =
272: &Apache::loncommon::designparm('login.newuser',$domain);
273: my $now=time;
274: my $js = (<<ENDSCRIPT);
275:
276: <script type="text/javascript" language="JavaScript">
277: // <![CDATA[
278: function send()
279: {
280: this.document.server.elements.uname.value
281: =this.document.client.elements.uname.value;
282:
283: this.document.server.elements.udom.value
284: =this.document.client.elements.udom.value;
285:
286: uextkey=this.document.client.elements.uextkey.value;
287: lextkey=this.document.client.elements.lextkey.value;
288: initkeys();
289:
290: this.document.server.elements.upass0.value
291: =crypted(this.document.client.elements.upass$now.value.substr(0,15));
292: this.document.server.elements.upass1.value
293: =crypted(this.document.client.elements.upass$now.value.substr(15,15));
294: this.document.server.elements.upass2.value
295: =crypted(this.document.client.elements.upass$now.value.substr(30,15));
296:
297: this.document.client.elements.uname.value='';
298: this.document.client.elements.upass$now.value='';
299:
300: this.document.server.submit();
301: return false;
302: }
303: // ]]>
304: </script>
305:
306: ENDSCRIPT
307:
308: # --------------------------------------------------- Print login screen header
309:
310: my %add_entries = (
311: bgcolor => "$mainbg",
312: text => "$font",
313: link => "$link",
314: vlink => "$vlink",
315: alink => "$alink",);
316:
317: $r->print(&Apache::loncommon::start_page('The LearningOnline Network with CAPA Login',$js,
318: { 'redirect' => [$expire,'/adm/roles'],
319: 'add_entries' => \%add_entries,
320: 'only_body' => 1,}));
321:
322: # ----------------------------------------------------------------------- Texts
323:
324: my %lt=&Apache::lonlocal::texthash(
325: 'un' => 'Username',
326: 'pw' => 'Password',
327: 'dom' => 'Domain',
328: 'perc' => 'percent',
329: 'load' => 'Server Load',
330: 'userload' => 'User Load',
331: 'catalog' => 'Course Catalog',
332: 'log' => 'Log in',
333: 'help' => 'Log-in Help',
334: 'serv' => 'Server',
335: 'servadm' => 'Server Administration',
336: 'helpdesk' => 'Contact Helpdesk',
337: 'forgotpw' => 'Forgot password?',
338: 'newuser' => 'New User?',
339: );
340: # -------------------------------------------------- Change password field name
341: my $forgotpw = &forgotpwdisplay(%lt);
342: my $loginhelp = &loginhelpdisplay(%lt);
343:
344: # ---------------------------------------------------- Serve out DES JavaScript
345: {
346: my $jsh=Apache::File->new($include."/londes.js");
347: $r->print(<$jsh>);
348: }
349: # ---------------------------------------------------------- Serve rest of page
350:
351: $r->print(
352: '<div class="LC_loginpage_container">');
353:
354: #
355: # If the loadbalancing yielded just http:// because perhaps there's no loadbalancing?
356: # then just us a relative link to authenticate:
357: #
358:
359: $r->print(<<ENDSERVERFORM);
360: <form name="server" action="$otherserver/adm/authenticate" method="post" target="_top">
361: <input type="hidden" name="logtoken" value="$logtoken" />
362: <input type="hidden" name="serverid" value="$lonhost" />
363: <input type="hidden" name="uname" value="" />
364: <input type="hidden" name="upass0" value="" />
365: <input type="hidden" name="upass1" value="" />
366: <input type="hidden" name="upass2" value="" />
367: <input type="hidden" name="udom" value="" />
368: <input type="hidden" name="localpath" value="$env{'form.localpath'}" />
369: <input type="hidden" name="localres" value="$env{'form.localres'}" />
370: </form>
371: ENDSERVERFORM
372: my $coursecatalog;
373: if (($showcoursecat eq '') || ($showcoursecat)) {
374: $coursecatalog = &coursecatalog_link($lt{'catalog'});
375: }
376: my $newuserlink;
377: if ($shownewuserlink) {
378: $newuserlink = &newuser_link($lt{'newuser'}).'<br />';
379: }
380: my $logintitle;
381: if ($loginheader eq 'text') {
382: $logintitle ='<h2>'.$lt{'log'}.'</h2>';
383: } else {
384: $logintitle = '<img src="'.$login.'" alt="'.
385: &mt('User Authentication').'" />';
386: }
387:
388: my $noscript_warning='<noscript><span class="LC_warning"><b>'
389: .&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.')
390: .'</b></span></noscript>';
391: my $helpdeskscript;
392: my $contactblock = &contactdisplay(\%lt,$servadm,$showadminmail,
393: $version,$authdomain,\$helpdeskscript);
394:
395: my $loginform=(<<LFORM);
396: <form name="client" action="" onsubmit="return(send())">
397: <input type="hidden" name="lextkey" value="$lextkey" />
398: <input type="hidden" name="uextkey" value="$uextkey" />
399: <b><label for="uname">$lt{'un'}</label>:</b><br />
400: <input type="text" name="uname" size="15" value="$authusername" /><br />
401: <b><label for="upass$now">$lt{'pw'}</label>:</b><br />
402: <input type="password" name="upass$now" size="15" /><br />
403: <b><label for="udom">$lt{'dom'}</label>:</b><br />
404: <input type="text" name="udom" size="15" value="$authdomain" /><br />
405: <input type="submit" value="$lt{'log'}" />
406: </form>
407: LFORM
408:
409: if ($showbanner) {
410: $r->print(<<HEADER);
411: <!-- The LON-CAPA Header -->
412: <table border="0" align="left" width="100%" cellspacing="0" cellpadding="1">
413: <tr>
414: <td align="left" valign="top" bgcolor="$pgbg">
415: <img src="$img" border="0" alt="The Learning Online Network with CAPA" />
416: </td>
417: </tr>
418: </table>
419: HEADER
420: }
421: $r->print(<<ENDTOP);
422: <div class="LC_loginpage_space"> </div>
423: <div class="LC_loginpage_floatLeft">
424: <div class="LC_loginpage_loginContainer">
425: $logintitle
426: <table border="0" align="left" cellspacing="1" cellpadding="2" width="100%">
427: <tr>
428: <td>
429: $loginform
430: </td>
431: </tr>
432: </table>
433: $noscript_warning
434: </div>
435:
436: <div class="LC_loginpage_loginInfo">
437: $loginhelp<br />
438: $forgotpw<br />
439: $contactblock<br />
440: $newuserlink
441: $coursecatalog
442: </div>
443: </div>
444: ENDTOP
445: if ($showmainlogo) {
446: $r->print(' <img src="'.$logo.'" alt="" />'."\n");
447: }
448: $r->print(<<ENDTOP);
449: $announcements
450: $domainlogo
451: <div class="LC_loginpage_space"> </div>
452: ENDTOP
453:
454: $r->print(<<ENDDOCUMENT);
455: <table border="0" cellspacing="0" cellpadding="0">
456: <tr>
457: <td align="left" valign="top">
458: <small><b> $lt{'dom'}: </b></small>
459: </td>
460: <td align="left" valign="top">
461: <small><tt> $domain</tt></small>
462: </td>
463: </tr>
464: <tr>
465: <td align="left" valign="top">
466: <small><b> $lt{'serv'}: </b></small>
467: </td>
468: <td align="left" valign="top">
469: <small><tt> $lonhost ($role)</tt></small>
470: </td>
471: </tr>
472: <tr>
473: <td align="left" valign="top">
474: <small><b> $lt{'load'}: </b></small>
475: </td>
476: <td align="left" valign="top">
477: <small><tt> $loadpercent $lt{'perc'}</tt></small>
478: </td>
479: </tr>
480: <tr>
481: <td align="left" valign="top">
482: <small><b> $lt{'userload'}: </b></small>
483: </td>
484: <td align="left" valign="top">
485: <small><tt> $userloadpercent $lt{'perc'}</tt></small>
486: </td>
487: </tr>
488: </table>
489: </div>
490:
491: <script type="text/javascript">
492: // <![CDATA[
493: // the if prevents the script error if the browser can not handle this
494: if ( document.client.uname ) { document.client.uname.focus(); }
495: // ]]>
496: </script>
497: $helpdeskscript
498:
499: ENDDOCUMENT
500: my %endargs = ( 'noredirectlink' => 1, );
501: $r->print(&Apache::loncommon::end_page(\%endargs));
502: return OK;
503: }
504:
505: sub contactdisplay {
506: my ($lt,$servadm,$showadminmail,$version,$authdomain,$helpdeskscript) = @_;
507: my $contactblock;
508: my $showhelpdesk = 0;
509: my $requestmail = $Apache::lonnet::perlvar{'lonSupportEMail'};
510: if ($requestmail =~ m/^[^\@]+\@[^\@]+$/) {
511: $showhelpdesk = 1;
512: }
513: if ($servadm && $showadminmail) {
514: $contactblock .= '<b> '.$$lt{'servadm'}.':</b><br />'.
515: '<tt> '.$servadm.'</tt><br /> <br />';
516: }
517: if ($showhelpdesk) {
518: $contactblock .= '<a href="javascript:helpdesk()">'.$lt->{'helpdesk'}.'</a><br />';
519: my $thisurl = &escape('/adm/login');
520: $$helpdeskscript = <<"ENDSCRIPT";
521: <script type="text/javascript">
522: // <![CDATA[
523: function helpdesk() {
524: var codedom = document.client.udom.value;
525: if (codedom == '') {
526: codedom = "$authdomain";
527: }
528: var querystr = "origurl=$thisurl&codedom="+codedom;
529: document.location.href = "/adm/helpdesk?"+querystr;
530: return;
531: }
532: // ]]>
533: </script>
534: ENDSCRIPT
535: }
536: $contactblock .= <<"ENDBLOCK";
537: $version
538: ENDBLOCK
539: return $contactblock;
540: }
541:
542: sub forgotpwdisplay {
543: my (%lt) = @_;
544: my $prompt_for_resetpw = 1;
545: if ($prompt_for_resetpw) {
546: return '<a href="/adm/resetpw">'.$lt{'forgotpw'}.'</a>';
547: }
548: return;
549: }
550:
551: sub loginhelpdisplay {
552: my (%lt) = @_;
553: my $login_help = 1;
554: if ($login_help) {
555: return '<a href="/adm/loginproblems.html">'.$lt{'help'}.'</a>';
556: }
557: return;
558: }
559:
560: sub coursecatalog_link {
561: my ($linkname) = @_;
562: return <<"END";
563: <a href="/adm/coursecatalog">$linkname</a>
564: END
565: }
566:
567: sub newuser_link {
568: my ($linkname) = @_;
569: return ' <a href="/adm/createaccount"><b>'.$linkname.'</b></a><br />';
570: }
571:
572: 1;
573: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>