loncom/auth/lonlogin.pm - view

File: [LON-CAPA] / loncom / auth / lonlogin.pm
Revision 1.127: download - view: text, annotated - select for diffs
Tue Oct 6 23:43:21 2009 UTC (14 years, 8 months ago) by raeburn
Branches: MAIN
CVS tags: HEAD

No direct log-in.
- &Apache::loncommon::get_domainconf() returns simple hash (not a hash of a hash etc.)
- Get redirection setting for appropriate domain and hostID from this hash.

1: # The LearningOnline Network 2: # Login Screen 3: # 4: # $Id: lonlogin.pm,v 1.127 2009/10/06 23:43:21 raeburn Exp $ 5: # 6: # Copyright Michigan State University Board of Trustees 7: # 8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA). 9: # 10: # LON-CAPA is free software; you can redistribute it and/or modify 11: # it under the terms of the GNU General Public License as published by 12: # the Free Software Foundation; either version 2 of the License, or 13: # (at your option) any later version. 14: # 15: # LON-CAPA is distributed in the hope that it will be useful, 16: # but WITHOUT ANY WARRANTY; without even the implied warranty of 17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18: # GNU General Public License for more details. 19: # 20: # You should have received a copy of the GNU General Public License 21: # along with LON-CAPA; if not, write to the Free Software 22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23: # 24: # /home/httpd/html/adm/gpl.txt 25: # 26: # http://www.lon-capa.org/ 27: # 28: 29: package Apache::lonlogin; 30: 31: use strict; 32: use Apache::Constants qw(:common); 33: use Apache::File (); 34: use Apache::lonnet; 35: use Apache::loncommon(); 36: use Apache::lonauth(); 37: use Apache::lonlocal; 38: use Apache::migrateuser(); 39: use lib '/home/httpd/lib/perl/'; 40: use LONCAPA; 41: 42: sub handler { 43: my $r = shift; 44: 45: &Apache::loncommon::get_unprocessed_cgi 46: (join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'}, 47: $ENV{'REDIRECT_QUERY_STRING'}), 48: ['interface','username','domain','firsturl','localpath','localres', 49: 'token','role','symb']); 50: if (!defined($env{'form.firsturl'})) { 51: &Apache::lonacc::get_posted_cgi($r,['firsturl']); 52: } 53: 54: # -- check if they are a migrating user 55: if (defined($env{'form.token'})) { 56: return &Apache::migrateuser::handler($r); 57: } 58: 59: &Apache::loncommon::no_cache($r); 60: &Apache::lonlocal::get_language_handle($r); 61: &Apache::loncommon::content_type($r,'text/html'); 62: $r->send_http_header; 63: return OK if $r->header_only; 64: 65: 66: # Are we re-routing? 67: if (-e '/home/httpd/html/lon-status/reroute.txt') { 68: &Apache::lonauth::reroute($r); 69: return OK; 70: } 71: 72: 73: # -------------------------------- Prevent users from attempting to login twice 74: my $handle = &Apache::lonnet::check_for_valid_session($r); 75: if ($handle=~/^publicuser\_/) { 76: # For "public user" - remove it, we apparently really want to login 77: unlink($r->dir_config('lonIDsDir')."/$handle.id"); 78: } elsif ($handle ne '') { 79: # Indeed, a valid token is found 80: my $start_page = 81: &Apache::loncommon::start_page('Already logged in'); 82: my $end_page = 83: &Apache::loncommon::end_page(); 84: my $dest = '/adm/roles'; 85: if ($env{'form.firsturl'} ne '') { 86: $dest = $env{'form.firsturl'}; 87: } 88: $r->print( 89: $start_page 90: .'<h1>'.&mt('You are already logged in!').'</h1>' 91: .'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].', 92: '<a href="'.$dest.'">','</a>','<a href="/adm/logout">','</a>').'</p>' 93: .'<p><a href="/adm/loginproblems.html">'.&mt('Login problems?').'</a></p>' 94: .$end_page 95: ); 96: return OK; 97: } 98: 99: # ---------------------------------------------------- No valid token, continue 100: 101: # ---------------------------- Not possible to really login to domain "public" 102: if ($env{'form.domain'} eq 'public') { 103: $env{'form.domain'}=''; 104: $env{'form.username'}=''; 105: } 106: # ----------------------------------------------------------- Process Interface 107: $env{'form.interface'}=~s/\W//g; 108: 109: my $httpbrowser=$ENV{"HTTP_USER_AGENT"}; 110: 111: my $iconpath= 112: &Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL')); 113: 114: my $lonhost = $r->dir_config('lonHostID'); 115: my $domain = &Apache::lonnet::default_login_domain(); 116: my %domconfhash = &Apache::loncommon::get_domainconf($domain); 117: if ($lonhost ne '') { 118: my $loginvia = $domconfhash{$domain.'.login.loginvia_'.$lonhost}; 119: if (($loginvia ne '') && ($loginvia ne $lonhost)) { 120: my %servers = &Apache::lonnet::get_servers($domain); 121: if ($servers{$loginvia} ne '') { 122: $r->print(&redirect_page($loginvia)); 123: return OK; 124: } 125: } 126: } 127: 128: if (($env{'form.domain'}) && 129: (&Apache::lonnet::domain($env{'form.domain'},'description'))) { 130: $domain=$env{'form.domain'}; 131: } 132: my $role = $r->dir_config('lonRole'); 133: my $loadlim = $r->dir_config('lonLoadLim'); 134: my $servadm = $r->dir_config('lonAdmEMail'); 135: my $tabdir = $r->dir_config('lonTabDir'); 136: my $include = $r->dir_config('lonIncludes'); 137: my $expire = $r->dir_config('lonExpire'); 138: my $version = $r->dir_config('lonVersion'); 139: my $host_name = &Apache::lonnet::hostname($lonhost); 140: 141: # --------------------------------------------- Default values for login fields 142: 143: my $authusername=($env{'form.username'}?$env{'form.username'}:''); 144: my $authdomain=($env{'form.domain'}?$env{'form.domain'}:$domain); 145: 146: # ---------------------------------------------------------- Determine own load 147: my $loadavg; 148: { 149: my $loadfile=Apache::File->new('/proc/loadavg'); 150: $loadavg=<$loadfile>; 151: } 152: $loadavg =~ s/\s.*//g; 153: my $loadpercent=sprintf("%.1f",100*$loadavg/$loadlim); 154: my $userloadpercent=&Apache::lonnet::userload(); 155: 156: # ------------------------------------------------------- Do the load balancing 157: my $otherserver= &Apache::lonnet::absolute_url($host_name); 158: my $firsturl= 159: ($env{'request.firsturl'}?$env{'request.firsturl'}:$env{'form.firsturl'}); 160: # ---------------------------------------------------------- Are we overloaded? 161: if ((($userloadpercent>100.0)||($loadpercent>100.0))) { 162: my $unloaded=Apache::lonnet::spareserver($loadpercent,$userloadpercent); 163: if ($unloaded) { $otherserver=$unloaded; } 164: } 165: 166: # ----------------------------------------------------------- Get announcements 167: my $announcements=&Apache::lonnet::getannounce(); 168: # -------------------------------------------------------- Set login parameters 169: 170: my @hexstr=('0','1','2','3','4','5','6','7', 171: '8','9','a','b','c','d','e','f'); 172: my $lkey=''; 173: for (0..7) { 174: $lkey.=$hexstr[rand(15)]; 175: } 176: 177: my $ukey=''; 178: for (0..7) { 179: $ukey.=$hexstr[rand(15)]; 180: } 181: 182: my $lextkey=hex($lkey); 183: if ($lextkey>2147483647) { $lextkey-=4294967296; } 184: 185: my $uextkey=hex($ukey); 186: if ($uextkey>2147483647) { $uextkey-=4294967296; } 187: 188: # -------------------------------------------------------- Store away log token 189: my $tokenextras; 190: if ($env{'form.role'}) { 191: $tokenextras = '&role='.&escape($env{'form.role'}); 192: } 193: if ($env{'form.symb'}) { 194: if (!$tokenextras) { 195: $tokenextras = '&'; 196: } 197: $tokenextras .= '&symb='.&escape($env{'form.symb'}); 198: } 199: my $logtoken=Apache::lonnet::reply( 200: 'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras, 201: $lonhost); 202: 203: # ------------------- If we cannot talk to ourselves, we are in serious trouble 204: 205: if ($logtoken eq 'con_lost') { 206: my $spares=''; 207: my $last; 208: foreach my $hostid (sort 209: { 210: &Apache::lonnet::hostname($a) cmp 211: &Apache::lonnet::hostname($b); 212: } 213: keys(%Apache::lonnet::spareid)) { 214: next if ($hostid eq $lonhost); 215: my $hostname = &Apache::lonnet::hostname($hostid); 216: next if ($last eq $hostname); 217: $spares.='<br /><font size="+1"><a href="http://'. 218: $hostname. 219: '/adm/login?domain='.$authdomain.'">'. 220: $hostname.'</a>'. 221: ' '.&mt('(preferred)').'</font>'.$/; 222: $last=$hostname; 223: } 224: $spares.= '<br />'; 225: my %all_hostnames = &Apache::lonnet::all_hostnames(); 226: foreach my $hostid (sort 227: { 228: &Apache::lonnet::hostname($a) cmp 229: &Apache::lonnet::hostname($b); 230: } 231: keys(%all_hostnames)) { 232: next if ($hostid eq $lonhost || $Apache::lonnet::spareid{$hostid}); 233: my $hostname = &Apache::lonnet::hostname($hostid); 234: next if ($last eq $hostname); 235: $spares.='<br /><a href="http://'. 236: $hostname. 237: '/adm/login?domain='.$authdomain.'">'. 238: $hostname.'</a>'; 239: $last=$hostname; 240: } 241: $r->print( 242: '<html>' 243: .'<head><title>' 244: .&mt('The LearningOnline Network with CAPA') 245: .'</title></head>' 246: .'<body bgcolor="#FFFFFF">' 247: .'<h1>'.&mt('The LearningOnline Network with CAPA').'</h1>' 248: .'<img src="/adm/lonKaputt/lonlogo_broken.gif" align="right" />' 249: .'<h3>'.&mt('This LON-CAPA server is temporarily not available for login.').'</h3>' 250: .'<p>'.&mt('Please attempt to login to one of the following servers:').'</p>' 251: .$spares 252: .'</body>' 253: .'</html>' 254: ); 255: return OK; 256: } 257: 258: # ----------------------------------------------- Apparently we are in business 259: $servadm=~s/\,/\<br \/\>/g; 260: 261: # ----------------------------------------------------------- Front page design 262: my $pgbg=&Apache::loncommon::designparm('login.pgbg',$domain); 263: my $font=&Apache::loncommon::designparm('login.font',$domain); 264: my $link=&Apache::loncommon::designparm('login.link',$domain); 265: my $vlink=&Apache::loncommon::designparm('login.vlink',$domain); 266: my $alink=&Apache::loncommon::designparm('login.alink',$domain); 267: my $mainbg=&Apache::loncommon::designparm('login.mainbg',$domain); 268: my $logo=&Apache::loncommon::designparm('login.logo',$domain); 269: my $img=&Apache::loncommon::designparm('login.img',$domain); 270: my $domainlogo=&Apache::loncommon::domainlogo($domain); 271: my $login=&Apache::loncommon::designparm('login.login',$domain); 272: if ($login eq '') { 273: $login = $iconpath.'/'.&mt('userauthentication.gif'); 274: } 275: my $showbanner = 1; 276: my $showmainlogo = 1; 277: if (defined(&Apache::loncommon::designparm('login.showlogo_img',$domain))) { 278: $showbanner = &Apache::loncommon::designparm('login.showlogo_img',$domain); 279: } 280: if (defined(&Apache::loncommon::designparm('login.showlogo_logo',$domain))) { 281: $showmainlogo = &Apache::loncommon::designparm('login.showlogo_logo',$domain); 282: } 283: my $showadminmail=&Apache::loncommon::designparm('login.adminmail',$domain); 284: my $showcoursecat = 285: &Apache::loncommon::designparm('login.coursecatalog',$domain); 286: my $loginheader =&Apache::loncommon::designparm('login.loginheader',$domain); 287: my $shownewuserlink = 288: &Apache::loncommon::designparm('login.newuser',$domain); 289: my $now=time; 290: my $js = (<<ENDSCRIPT); 291: 292: <script type="text/javascript" language="JavaScript"> 293: // <![CDATA[ 294: function send() 295: { 296: this.document.server.elements.uname.value 297: =this.document.client.elements.uname.value; 298: 299: this.document.server.elements.udom.value 300: =this.document.client.elements.udom.value; 301: 302: uextkey=this.document.client.elements.uextkey.value; 303: lextkey=this.document.client.elements.lextkey.value; 304: initkeys(); 305: 306: this.document.server.elements.upass0.value 307: =crypted(this.document.client.elements.upass$now.value.substr(0,15)); 308: this.document.server.elements.upass1.value 309: =crypted(this.document.client.elements.upass$now.value.substr(15,15)); 310: this.document.server.elements.upass2.value 311: =crypted(this.document.client.elements.upass$now.value.substr(30,15)); 312: 313: this.document.client.elements.uname.value=''; 314: this.document.client.elements.upass$now.value=''; 315: 316: this.document.server.submit(); 317: return false; 318: } 319: // ]]> 320: </script> 321: 322: ENDSCRIPT 323: 324: # --------------------------------------------------- Print login screen header 325: 326: my %add_entries = ( 327: bgcolor => "$mainbg", 328: text => "$font", 329: link => "$link", 330: vlink => "$vlink", 331: alink => "$alink",); 332: 333: $r->print(&Apache::loncommon::start_page('The LearningOnline Network with CAPA Login',$js, 334: { 'redirect' => [$expire,'/adm/roles'], 335: 'add_entries' => \%add_entries, 336: 'only_body' => 1,})); 337: 338: # ----------------------------------------------------------------------- Texts 339: 340: my %lt=&Apache::lonlocal::texthash( 341: 'un' => 'Username', 342: 'pw' => 'Password', 343: 'dom' => 'Domain', 344: 'perc' => 'percent', 345: 'load' => 'Server Load', 346: 'userload' => 'User Load', 347: 'catalog' => 'Course Catalog', 348: 'log' => 'Log in', 349: 'help' => 'Log-in Help', 350: 'serv' => 'Server', 351: 'servadm' => 'Server Administration', 352: 'helpdesk' => 'Contact Helpdesk', 353: 'forgotpw' => 'Forgot password?', 354: 'newuser' => 'New User?', 355: ); 356: # -------------------------------------------------- Change password field name 357: my $forgotpw = &forgotpwdisplay(%lt); 358: my $loginhelp = &loginhelpdisplay(%lt); 359: 360: # ---------------------------------------------------- Serve out DES JavaScript 361: { 362: my $jsh=Apache::File->new($include."/londes.js"); 363: $r->print(<$jsh>); 364: } 365: # ---------------------------------------------------------- Serve rest of page 366: 367: $r->print( 368: '<div class="LC_loginpage_container">'); 369: 370: # 371: # If the loadbalancing yielded just http:// because perhaps there's no loadbalancing? 372: # then just us a relative link to authenticate: 373: # 374: 375: $r->print(<<ENDSERVERFORM); 376: <form name="server" action="$otherserver/adm/authenticate" method="post" target="_top"> 377: <input type="hidden" name="logtoken" value="$logtoken" /> 378: <input type="hidden" name="serverid" value="$lonhost" /> 379: <input type="hidden" name="uname" value="" /> 380: <input type="hidden" name="upass0" value="" /> 381: <input type="hidden" name="upass1" value="" /> 382: <input type="hidden" name="upass2" value="" /> 383: <input type="hidden" name="udom" value="" /> 384: <input type="hidden" name="localpath" value="$env{'form.localpath'}" /> 385: <input type="hidden" name="localres" value="$env{'form.localres'}" /> 386: </form> 387: ENDSERVERFORM 388: my $coursecatalog; 389: if (($showcoursecat eq '') || ($showcoursecat)) { 390: $coursecatalog = &coursecatalog_link($lt{'catalog'}); 391: } 392: my $newuserlink; 393: if ($shownewuserlink) { 394: $newuserlink = &newuser_link($lt{'newuser'}).'<br />'; 395: } 396: my $logintitle; 397: if ($loginheader eq 'text') { 398: $logintitle ='<h2>'.$lt{'log'}.'</h2>'; 399: } else { 400: $logintitle = '<img src="'.$login.'" alt="'. 401: &mt('User Authentication').'" />'; 402: } 403: 404: my $noscript_warning='<noscript><span class="LC_warning"><b>' 405: .&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.') 406: .'</b></span></noscript>'; 407: my $helpdeskscript; 408: my $contactblock = &contactdisplay(\%lt,$servadm,$showadminmail, 409: $version,$authdomain,\$helpdeskscript); 410: 411: my $loginform=(<<LFORM); 412: <form name="client" action="" onsubmit="return(send())"> 413: <input type="hidden" name="lextkey" value="$lextkey" /> 414: <input type="hidden" name="uextkey" value="$uextkey" /> 415: <b><label for="uname">$lt{'un'}</label>:</b><br /> 416: <input type="text" name="uname" size="15" value="$authusername" /><br /> 417: <b><label for="upass$now">$lt{'pw'}</label>:</b><br /> 418: <input type="password" name="upass$now" size="15" /><br /> 419: <b><label for="udom">$lt{'dom'}</label>:</b><br /> 420: <input type="text" name="udom" size="15" value="$authdomain" /><br /> 421: <input type="submit" value="$lt{'log'}" /> 422: </form> 423: LFORM 424: 425: if ($showbanner) { 426: $r->print(<<HEADER); 427:  428: <table border="0" align="left" width="100%" cellspacing="0" cellpadding="1"> 429: <tr> 430: <td align="left" valign="top" bgcolor="$pgbg"> 431: <img src="$img" border="0" alt="The Learning Online Network with CAPA" /> 432: </td> 433: </tr> 434: </table> 435: HEADER 436: } 437: $r->print(<<ENDTOP); 438: <div class="LC_loginpage_space"> </div> 439: <div class="LC_loginpage_floatLeft"> 440: <div class="LC_loginpage_loginContainer"> 441: $logintitle 442: <table border="0" align="left" cellspacing="1" cellpadding="2" width="100%"> 443: <tr> 444: <td> 445: $loginform 446: </td> 447: </tr> 448: </table> 449: $noscript_warning 450: </div> 451: 452: <div class="LC_loginpage_loginInfo"> 453: $loginhelp<br /> 454: $forgotpw<br /> 455: $contactblock<br /> 456: $newuserlink 457: $coursecatalog 458: </div> 459: </div> 460: ENDTOP 461: if ($showmainlogo) { 462: $r->print(' <img src="'.$logo.'" alt="" />'."\n"); 463: } 464: $r->print(<<ENDTOP); 465: $announcements 466: $domainlogo 467: <div class="LC_loginpage_space"> </div> 468: ENDTOP 469: 470: $r->print(<<ENDDOCUMENT); 471: <table border="0" cellspacing="0" cellpadding="0"> 472: <tr> 473: <td align="left" valign="top"> 474: <small><b>   $lt{'dom'}: </b></small> 475: </td> 476: <td align="left" valign="top"> 477: <small><tt> $domain</tt></small> 478: </td> 479: </tr> 480: <tr> 481: <td align="left" valign="top"> 482: <small><b>   $lt{'serv'}: </b></small> 483: </td> 484: <td align="left" valign="top"> 485: <small><tt> $lonhost ($role)</tt></small> 486: </td> 487: </tr> 488: <tr> 489: <td align="left" valign="top"> 490: <small><b>   $lt{'load'}: </b></small> 491: </td> 492: <td align="left" valign="top"> 493: <small><tt> $loadpercent $lt{'perc'}</tt></small> 494: </td> 495: </tr> 496: <tr> 497: <td align="left" valign="top"> 498: <small><b>   $lt{'userload'}: </b></small> 499: </td> 500: <td align="left" valign="top"> 501: <small><tt> $userloadpercent $lt{'perc'}</tt></small> 502: </td> 503: </tr> 504: </table> 505: </div> 506: 507: <script type="text/javascript"> 508: // <![CDATA[ 509: // the if prevents the script error if the browser can not handle this 510: if ( document.client.uname ) { document.client.uname.focus(); } 511: // ]]> 512: </script> 513: $helpdeskscript 514: 515: ENDDOCUMENT 516: my %endargs = ( 'noredirectlink' => 1, ); 517: $r->print(&Apache::loncommon::end_page(\%endargs)); 518: return OK; 519: } 520: 521: sub redirect_page { 522: my ($desthost) = @_; 523: my $protocol = $Apache::lonnet::protocol{$desthost}; 524: $protocol = 'http' if ($protocol ne 'https'); 525: my $url = $protocol.'://'.&Apache::lonnet::hostname($desthost).'/'; 526: if ($env{'form.firsturl'} ne '') { 527: $url .='?firsturl='.$env{'form.firsturl'}; 528: } 529: my $start_page = &Apache::loncommon::start_page('Switching Server',undef, 530: {'redirect' => [0,$url],}); 531: my $end_page = &Apache::loncommon::end_page(); 532: return $start_page.$end_page; 533: } 534: 535: sub contactdisplay { 536: my ($lt,$servadm,$showadminmail,$version,$authdomain,$helpdeskscript) = @_; 537: my $contactblock; 538: my $showhelpdesk = 0; 539: my $requestmail = $Apache::lonnet::perlvar{'lonSupportEMail'}; 540: if ($requestmail =~ m/^[^\@]+\@[^\@]+$/) { 541: $showhelpdesk = 1; 542: } 543: if ($servadm && $showadminmail) { 544: $contactblock .= '<b>   '.$$lt{'servadm'}.':</b><br />'. 545: '<tt>      '.$servadm.'</tt><br /> <br />'; 546: } 547: if ($showhelpdesk) { 548: $contactblock .= '<a href="javascript:helpdesk()">'.$lt->{'helpdesk'}.'</a><br />'; 549: my $thisurl = &escape('/adm/login'); 550: $$helpdeskscript = <<"ENDSCRIPT"; 551: <script type="text/javascript"> 552: // <![CDATA[ 553: function helpdesk() { 554: var codedom = document.client.udom.value; 555: if (codedom == '') { 556: codedom = "$authdomain"; 557: } 558: var querystr = "origurl=$thisurl&codedom="+codedom; 559: document.location.href = "/adm/helpdesk?"+querystr; 560: return; 561: } 562: // ]]> 563: </script> 564: ENDSCRIPT 565: } 566: $contactblock .= <<"ENDBLOCK"; 567:    $version 568: ENDBLOCK 569: return $contactblock; 570: } 571: 572: sub forgotpwdisplay { 573: my (%lt) = @_; 574: my $prompt_for_resetpw = 1; 575: if ($prompt_for_resetpw) { 576: return '<a href="/adm/resetpw">'.$lt{'forgotpw'}.'</a>'; 577: } 578: return; 579: } 580: 581: sub loginhelpdisplay { 582: my (%lt) = @_; 583: my $login_help = 1; 584: if ($login_help) { 585: return '<a href="/adm/loginproblems.html">'.$lt{'help'}.'</a>'; 586: } 587: return; 588: } 589: 590: sub coursecatalog_link { 591: my ($linkname) = @_; 592: return <<"END"; 593: <a href="/adm/coursecatalog">$linkname</a> 594: END 595: } 596: 597: sub newuser_link { 598: my ($linkname) = @_; 599: return '   <a href="/adm/createaccount"><b>'.$linkname.'</b></a><br />'; 600: } 601: 602: 1; 603: __END__