File:
[LON-CAPA] /
loncom /
auth /
lonlogin.pm
Revision
1.177:
download - view:
text,
annotated -
select for diffs
Wed Dec 26 20:10:21 2018 UTC (5 years, 5 months ago) by
raeburn
Branches:
MAIN
CVS tags:
HEAD
- Bug 6400 Deep-linking
- URLs like /adm/lti/tiny/domain/uniqueID can be used to restrict use of
deep links to access from another LTI-enabled application (no user data
passed in this context).
1: # The LearningOnline Network
2: # Login Screen
3: #
4: # $Id: lonlogin.pm,v 1.177 2018/12/26 20:10:21 raeburn Exp $
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28:
29: package Apache::lonlogin;
30:
31: use strict;
32: use Apache::Constants qw(:common);
33: use Apache::File ();
34: use Apache::lonnet;
35: use Apache::loncommon();
36: use Apache::lonauth();
37: use Apache::lonlocal;
38: use Apache::migrateuser();
39: use lib '/home/httpd/lib/perl/';
40: use LONCAPA qw(:DEFAULT :match);
41: use CGI::Cookie();
42:
43: sub handler {
44: my $r = shift;
45:
46: &Apache::loncommon::get_unprocessed_cgi
47: (join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},
48: $ENV{'REDIRECT_QUERY_STRING'}),
49: ['interface','username','domain','firsturl','localpath','localres',
50: 'token','role','symb','iptoken','btoken','ltoken']);
51: if (!defined($env{'form.firsturl'})) {
52: &Apache::lonacc::get_posted_cgi($r,['firsturl']);
53: }
54: if (!defined($env{'form.firsturl'})) {
55: if ($ENV{'REDIRECT_URL'} =~ m{^/+tiny/+$LONCAPA::match_domain/+\w+$}) {
56: $env{'form.firsturl'} = $ENV{'REDIRECT_URL'};
57: }
58: }
59:
60: # -- check if they are a migrating user
61: if (defined($env{'form.token'})) {
62: return &Apache::migrateuser::handler($r);
63: }
64:
65: # For "public user" - remove any exising "public" cookie, as user really wants to log-in
66: my ($handle,$lonidsdir,$expirepub,$userdom);
67: $lonidsdir=$r->dir_config('lonIDsDir');
68: unless ($r->header_only) {
69: $handle = &Apache::lonnet::check_for_valid_session($r,'lonID',undef,\$userdom);
70: if ($handle ne '') {
71: if ($handle=~/^publicuser\_/) {
72: unlink($r->dir_config('lonIDsDir')."/$handle.id");
73: undef($handle);
74: undef($userdom);
75: $expirepub = 1;
76: }
77: }
78: }
79:
80: &Apache::loncommon::no_cache($r);
81: &Apache::lonlocal::get_language_handle($r);
82: &Apache::loncommon::content_type($r,'text/html');
83: if ($expirepub) {
84: my $c = new CGI::Cookie(-name => 'lonPubID',
85: -value => '',
86: -expires => '-10y',);
87: $r->header_out('Set-cookie' => $c);
88: } elsif (($handle eq '') && ($userdom ne '')) {
89: my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
90: foreach my $name (keys(%cookies)) {
91: next unless ($name =~ /^lon(|S|Link|Pub)ID$/);
92: my $c = new CGI::Cookie(-name => $name,
93: -value => '',
94: -expires => '-10y',);
95: $r->headers_out->add('Set-cookie' => $c);
96: }
97: }
98: $r->send_http_header;
99: return OK if $r->header_only;
100:
101:
102: # Are we re-routing?
103: my $londocroot = $r->dir_config('lonDocRoot');
104: if (-e "$londocroot/lon-status/reroute.txt") {
105: &Apache::lonauth::reroute($r);
106: return OK;
107: }
108:
109: my $lonhost = $r->dir_config('lonHostID');
110: $env{'form.firsturl'} =~ s/(`)/'/g;
111:
112: # Check if browser sent a LON-CAPA load balancer cookie (and this is a balancer)
113:
114: my ($found_server,$balancer_cookie) = &Apache::lonnet::check_for_balancer_cookie($r,1);
115: if ($found_server) {
116: my $hostname = &Apache::lonnet::hostname($found_server);
117: if ($hostname ne '') {
118: my $protocol = $Apache::lonnet::protocol{$found_server};
119: $protocol = 'http' if ($protocol ne 'https');
120: my $dest = '/adm/roles';
121: if ($env{'form.firsturl'} ne '') {
122: $dest = $env{'form.firsturl'};
123: }
124: my %info = (
125: balcookie => $lonhost.':'.$balancer_cookie,
126: );
127: if ($env{'form.ltoken'}) {
128: my %link_info = &Apache::lonnet::tmpget($env{'form.ltoken'});
129: if ($link_info{'linkprot'}) {
130: $info{'linkprot'} = $link_info{'linkprot'};
131: }
132: &Apache::lonnet::tmpdel($env{'form.ltoken'});
133: delete($env{'form.ltoken'});
134: }
135: my $balancer_token = &Apache::lonnet::tmpput(\%info,$found_server);
136: if ($balancer_token) {
137: $dest .= (($dest=~/\?/)?'&;':'?') . 'btoken='.$balancer_token;
138: }
139: my $url = $protocol.'://'.$hostname.$dest;
140: my $start_page =
141: &Apache::loncommon::start_page('Switching Server ...',undef,
142: {'redirect' => [0,$url],});
143: my $end_page = &Apache::loncommon::end_page();
144: $r->print($start_page.$end_page);
145: return OK;
146: }
147: }
148:
149: #
150: # Check if a LON-CAPA load balancer sent user here because user's browser sent
151: # it a balancer cookie for an active session on this server.
152: #
153:
154: my ($balcookie,$linkprot);
155: if ($env{'form.btoken'}) {
156: my %info = &Apache::lonnet::tmpget($env{'form.btoken'});
157: $balcookie = $info{'balcookie'};
158: if ($balcookie) {
159: if ($info{'linkprot'}) {
160: $linkprot = $info{'linkprot'};
161: }
162: }
163: &Apache::lonnet::tmpdel($env{'form.btoken'});
164: delete($env{'form.btoken'});
165: }
166:
167: #
168: # If browser sent an old cookie for which the session file had been removed
169: # check if configuration for user's domain has a portal URL set. If so
170: # switch user's log-in to the portal.
171: #
172:
173: if (($handle eq '') && ($userdom ne '')) {
174: my %domdefaults = &Apache::lonnet::get_domain_defaults($userdom);
175: if ($domdefaults{'portal_def'} =~ /^https?\:/) {
176: my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef,
177: {'redirect' => [0,$domdefaults{'portal_def'}],});
178: my $end_page = &Apache::loncommon::end_page();
179: $r->print($start_page.$end_page);
180: return OK;
181: }
182: }
183:
184: # -------------------------------- Prevent users from attempting to login twice
185: if ($handle ne '') {
186: &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
187: my $start_page =
188: &Apache::loncommon::start_page('Already logged in');
189: my $end_page =
190: &Apache::loncommon::end_page();
191: my $dest = '/adm/roles';
192: if ($env{'form.firsturl'} ne '') {
193: $dest = $env{'form.firsturl'};
194: }
195: if (($env{'form.ltoken'}) || ($linkprot)) {
196: unless ($linkprot) {
197: my %info = &Apache::lonnet::tmpget($env{'form.ltoken'});
198: $linkprot = $info{'linkprot'};
199: my $delete = &Apache::lonnet::tmpdel($env{'form.ltoken'});
200: delete($env{'form.ltoken'});
201: }
202: if ($linkprot) {
203: my ($linkprotector,$deeplink) = split(/:/,$linkprot,2);
204: if ($env{'user.linkprotector'}) {
205: my @protectors = split(/,/,$env{'user.linkprotector'});
206: unless (grep(/^\Q$linkprotector\E$/,@protectors)) {
207: push(@protectors,$linkprotector);
208: @protectors = sort { $a <=> $b } @protectors;
209: &Apache::lonnet::appenv({'user.linkprotector' => join(',',@protectors)});
210: }
211: } else {
212: &Apache::lonnet::appenv({'user.linkprotector' => $linkprotector });
213: }
214: if ($env{'user.linkproturi'}) {
215: my @proturis = split(/,/,$env{'user.linkproturi'});
216: unless(grep(/^\Q$deeplink\E$/,@proturis)) {
217: push(@proturis,$deeplink);
218: @proturis = sort @proturis;
219: &Apache::lonnet::appenv({'user.linkproturi' => join(',',@proturis)});
220: }
221: } else {
222: &Apache::lonnet::appenv({'user.linkproturi' => $deeplink});
223: }
224: }
225: }
226: $r->print(
227: $start_page
228: .'<p class="LC_warning">'.&mt('You are already logged in!').'</p>'
229: .'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].',
230: '<a href="'.$dest.'">','</a>','<a href="/adm/logout">','</a>').'</p>'
231: .$end_page
232: );
233: return OK;
234: }
235:
236: # ---------------------------------------------------- No valid token, continue
237:
238: # ---------------------------- Not possible to really login to domain "public"
239: if ($env{'form.domain'} eq 'public') {
240: $env{'form.domain'}='';
241: $env{'form.username'}='';
242: }
243:
244: # ------ Is this page requested because /adm/migrateuser detected an IP change?
245: my %sessiondata;
246: if ($env{'form.iptoken'}) {
247: %sessiondata = &Apache::lonnet::tmpget($env{'form.iptoken'});
248: unless ($sessiondata{'sessionserver'}) {
249: my $delete = &Apache::lonnet::tmpdel($env{'form.iptoken'});
250: delete($env{'form.iptoken'});
251: }
252: }
253: # ----------------------------------------------------------- Process Interface
254: $env{'form.interface'}=~s/\W//g;
255:
256: (undef,undef,undef,undef,undef,undef,my $clientmobile) =
257: &Apache::loncommon::decode_user_agent();
258:
259: my $iconpath=
260: &Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL'));
261:
262: my $domain = &Apache::lonnet::default_login_domain();
263: my $defdom = $domain;
264: if ($lonhost ne '') {
265: unless ($sessiondata{'sessionserver'}) {
266: my $redirect = &check_loginvia($domain,$lonhost,$lonidsdir,$balcookie,$linkprot);
267: if ($redirect) {
268: $r->print($redirect);
269: return OK;
270: }
271: }
272: }
273:
274: if (($sessiondata{'domain'}) &&
275: (&Apache::lonnet::domain($sessiondata{'domain'},'description'))) {
276: $domain=$sessiondata{'domain'};
277: } elsif (($env{'form.domain'}) &&
278: (&Apache::lonnet::domain($env{'form.domain'},'description'))) {
279: $domain=$env{'form.domain'};
280: }
281:
282: my $role = $r->dir_config('lonRole');
283: my $loadlim = $r->dir_config('lonLoadLim');
284: my $uloadlim= $r->dir_config('lonUserLoadLim');
285: my $servadm = $r->dir_config('lonAdmEMail');
286: my $tabdir = $r->dir_config('lonTabDir');
287: my $include = $r->dir_config('lonIncludes');
288: my $expire = $r->dir_config('lonExpire');
289: my $version = $r->dir_config('lonVersion');
290: my $host_name = &Apache::lonnet::hostname($lonhost);
291:
292: # --------------------------------------------- Default values for login fields
293:
294: my ($authusername,$authdomain);
295: if ($sessiondata{'username'}) {
296: $authusername=$sessiondata{'username'};
297: } else {
298: $env{'form.username'} = &Apache::loncommon::cleanup_html($env{'form.username'});
299: $authusername=($env{'form.username'}?$env{'form.username'}:'');
300: }
301: if ($sessiondata{'domain'}) {
302: $authdomain=$sessiondata{'domain'};
303: } else {
304: $env{'form.domain'} = &Apache::loncommon::cleanup_html($env{'form.domain'});
305: $authdomain=($env{'form.domain'}?$env{'form.domain'}:$domain);
306: }
307:
308: # ---------------------------------------------------------- Determine own load
309: my $loadavg;
310: {
311: my $loadfile=Apache::File->new('/proc/loadavg');
312: $loadavg=<$loadfile>;
313: }
314: $loadavg =~ s/\s.*//g;
315:
316: my ($loadpercent,$userloadpercent);
317: if ($loadlim) {
318: $loadpercent=sprintf("%.1f",100*$loadavg/$loadlim);
319: }
320: if ($uloadlim) {
321: $userloadpercent=&Apache::lonnet::userload();
322: }
323:
324: my $firsturl=
325: ($env{'request.firsturl'}?$env{'request.firsturl'}:$env{'form.firsturl'});
326:
327: # ----------------------------------------------------------- Get announcements
328: my $announcements=&Apache::lonnet::getannounce();
329: # -------------------------------------------------------- Set login parameters
330:
331: my @hexstr=('0','1','2','3','4','5','6','7',
332: '8','9','a','b','c','d','e','f');
333: my $lkey='';
334: for (0..7) {
335: $lkey.=$hexstr[rand(15)];
336: }
337:
338: my $ukey='';
339: for (0..7) {
340: $ukey.=$hexstr[rand(15)];
341: }
342:
343: my $lextkey=hex($lkey);
344: if ($lextkey>2147483647) { $lextkey-=4294967296; }
345:
346: my $uextkey=hex($ukey);
347: if ($uextkey>2147483647) { $uextkey-=4294967296; }
348:
349: # -------------------------------------------------------- Store away log token
350: my $tokenextras;
351: if ($env{'form.role'}) {
352: $tokenextras = '&role='.&escape($env{'form.role'});
353: }
354: if ($env{'form.symb'}) {
355: if (!$tokenextras) {
356: $tokenextras = '&';
357: }
358: $tokenextras .= '&symb='.&escape($env{'form.symb'});
359: }
360: if ($env{'form.iptoken'}) {
361: if (!$tokenextras) {
362: $tokenextras = '&&';
363: }
364: $tokenextras .= '&iptoken='.&escape($env{'form.iptoken'});
365: }
366: if ($env{'form.ltoken'}) {
367: my %info = &Apache::lonnet::tmpget($env{'form.ltoken'});
368: &Apache::lonnet::tmpdel($env{'form.ltoken'});
369: delete($env{'form.ltoken'});
370: if ($info{'linkprot'}) {
371: if (!$tokenextras) {
372: $tokenextras = '&&&';
373: }
374: $tokenextras .= '&linkprot='.&escape($info{'linkprot'});
375: }
376: }
377: my $logtoken=Apache::lonnet::reply(
378: 'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras,
379: $lonhost);
380:
381: # -- If we cannot talk to ourselves, or hostID does not map to a hostname
382: # we are in serious trouble
383:
384: if (($logtoken eq 'con_lost') || ($logtoken eq 'no_such_host')) {
385: if ($logtoken eq 'no_such_host') {
386: &Apache::lonnet::logthis('No valid logtoken for log-in page -- unable to determine hostname for hostID: '.$lonhost.'. Check entry in hosts.tab');
387: }
388: my $spares='';
389: my $last;
390: foreach my $hostid (sort
391: {
392: &Apache::lonnet::hostname($a) cmp
393: &Apache::lonnet::hostname($b);
394: }
395: keys(%Apache::lonnet::spareid)) {
396: next if ($hostid eq $lonhost);
397: my $hostname = &Apache::lonnet::hostname($hostid);
398: next if (($last eq $hostname) || ($hostname eq ''));
399: $spares.='<br /><font size="+1"><a href="http://'.
400: $hostname.
401: '/adm/login?domain='.$authdomain.'">'.
402: $hostname.'</a>'.
403: ' '.&mt('(preferred)').'</font>'.$/;
404: $last=$hostname;
405: }
406: if ($spares) {
407: $spares.= '<br />';
408: }
409: my %all_hostnames = &Apache::lonnet::all_hostnames();
410: foreach my $hostid (sort
411: {
412: &Apache::lonnet::hostname($a) cmp
413: &Apache::lonnet::hostname($b);
414: }
415: keys(%all_hostnames)) {
416: next if ($hostid eq $lonhost || $Apache::lonnet::spareid{$hostid});
417: my $hostname = &Apache::lonnet::hostname($hostid);
418: next if (($last eq $hostname) || ($hostname eq ''));
419: $spares.='<br /><a href="http://'.
420: $hostname.
421: '/adm/login?domain='.$authdomain.'">'.
422: $hostname.'</a>';
423: $last=$hostname;
424: }
425: $r->print(
426: '<html>'
427: .'<head><title>'
428: .&mt('The LearningOnline Network with CAPA')
429: .'</title></head>'
430: .'<body bgcolor="#FFFFFF">'
431: .'<h1>'.&mt('The LearningOnline Network with CAPA').'</h1>'
432: .'<img src="/adm/lonKaputt/lonlogo_broken.gif" align="right" />'
433: .'<h3>'.&mt('This LON-CAPA server is temporarily not available for login.').'</h3>');
434: if ($spares) {
435: $r->print('<p>'.&mt('Please attempt to login to one of the following servers:')
436: .'</p>'
437: .$spares);
438: }
439: $r->print('</body>'
440: .'</html>'
441: );
442: return OK;
443: }
444:
445: # ----------------------------------------------- Apparently we are in business
446: $servadm=~s/\,/\<br \/\>/g;
447:
448: # ----------------------------------------------------------- Front page design
449: my $pgbg=&Apache::loncommon::designparm('login.pgbg',$domain);
450: my $font=&Apache::loncommon::designparm('login.font',$domain);
451: my $link=&Apache::loncommon::designparm('login.link',$domain);
452: my $vlink=&Apache::loncommon::designparm('login.vlink',$domain);
453: my $alink=&Apache::loncommon::designparm('login.alink',$domain);
454: my $mainbg=&Apache::loncommon::designparm('login.mainbg',$domain);
455: my $loginbox_bg=&Apache::loncommon::designparm('login.sidebg',$domain);
456: my $loginbox_header_bgcol=&Apache::loncommon::designparm('login.bgcol',$domain);
457: my $loginbox_header_textcol=&Apache::loncommon::designparm('login.textcol',$domain);
458: my $logo=&Apache::loncommon::designparm('login.logo',$domain);
459: my $img=&Apache::loncommon::designparm('login.img',$domain);
460: my $domainlogo=&Apache::loncommon::domainlogo($domain);
461: my $showbanner = 1;
462: my $showmainlogo = 1;
463: if (defined(&Apache::loncommon::designparm('login.showlogo_img',$domain))) {
464: $showbanner = &Apache::loncommon::designparm('login.showlogo_img',$domain);
465: }
466: if (defined(&Apache::loncommon::designparm('login.showlogo_logo',$domain))) {
467: $showmainlogo = &Apache::loncommon::designparm('login.showlogo_logo',$domain);
468: }
469: my $showadminmail;
470: my @possdoms = &Apache::lonnet::current_machine_domains();
471: if (grep(/^\Q$domain\E$/,@possdoms)) {
472: $showadminmail=&Apache::loncommon::designparm('login.adminmail',$domain);
473: }
474: my $showcoursecat =
475: &Apache::loncommon::designparm('login.coursecatalog',$domain);
476: my $shownewuserlink =
477: &Apache::loncommon::designparm('login.newuser',$domain);
478: my $showhelpdesk =
479: &Apache::loncommon::designparm('login.helpdesk',$domain);
480: my $now=time;
481: my $js = (<<ENDSCRIPT);
482:
483: <script type="text/javascript" language="JavaScript">
484: // <![CDATA[
485: function send()
486: {
487: this.document.server.elements.uname.value
488: =this.document.client.elements.uname.value;
489:
490: this.document.server.elements.udom.value
491: =this.document.client.elements.udom.value;
492:
493: uextkey=this.document.client.elements.uextkey.value;
494: lextkey=this.document.client.elements.lextkey.value;
495: initkeys();
496:
497: if(this.document.server.action.substr(0,5) === 'http:'){
498: this.document.server.elements.upass0.value
499: =getCrypted(this.document.client.elements.upass$now.value);
500: } else {
501: this.document.server.elements.upass0.value
502: =this.document.client.elements.upass$now.value;
503: }
504:
505: this.document.client.elements.uname.value='';
506: this.document.client.elements.upass$now.value='';
507:
508: this.document.server.submit();
509: return false;
510: }
511:
512: function enableInput() {
513: this.document.client.elements.upass$now.removeAttribute("readOnly");
514: this.document.client.elements.uname.removeAttribute("readOnly");
515: this.document.client.elements.udom.removeAttribute("readOnly");
516: return;
517: }
518:
519: // ]]>
520: </script>
521:
522: ENDSCRIPT
523:
524: # --------------------------------------------------- Print login screen header
525:
526: my %add_entries = (
527: bgcolor => "$mainbg",
528: text => "$font",
529: link => "$link",
530: vlink => "$vlink",
531: alink => "$alink",
532: onload => 'javascript:enableInput();',);
533:
534: my ($lonhost_in_use,$headextra,$headextra_exempt,@hosts,%defaultdomconf);
535: @hosts = &Apache::lonnet::current_machine_ids();
536: $lonhost_in_use = $lonhost;
537: if (@hosts > 1) {
538: foreach my $hostid (@hosts) {
539: if (&Apache::lonnet::host_domain($hostid) eq $defdom) {
540: $lonhost_in_use = $hostid;
541: last;
542: }
543: }
544: }
545: %defaultdomconf = &Apache::loncommon::get_domainconf($defdom);
546: $headextra = $defaultdomconf{$defdom.'.login.headtag_'.$lonhost_in_use};
547: $headextra_exempt = $defaultdomconf{$domain.'.login.headtag_exempt_'.$lonhost_in_use};
548: if ($headextra) {
549: my $omitextra;
550: if ($headextra_exempt ne '') {
551: my @exempt = split(',',$headextra_exempt);
552: my $ip = $ENV{'REMOTE_ADDR'};
553: if (grep(/^\Q$ip\E$/,@exempt)) {
554: $omitextra = 1;
555: }
556: }
557: unless ($omitextra) {
558: my $confname = $defdom.'-domainconfig';
559: if ($headextra =~ m{^\Q/res/$defdom/$confname/login/headtag/$lonhost_in_use/\E}) {
560: my $extra = &Apache::lonnet::getfile(&Apache::lonnet::filelocation("",$headextra));
561: unless ($extra eq '-1') {
562: $js .= "\n".$extra."\n";
563: }
564: }
565: }
566: }
567:
568: $r->print(&Apache::loncommon::start_page('The LearningOnline Network with CAPA Login',$js,
569: { 'redirect' => [$expire,'/adm/roles'],
570: 'add_entries' => \%add_entries,
571: 'only_body' => 1,}));
572:
573: # ----------------------------------------------------------------------- Texts
574:
575: my %lt=&Apache::lonlocal::texthash(
576: 'un' => 'Username',
577: 'pw' => 'Password',
578: 'dom' => 'Domain',
579: 'perc' => 'percent',
580: 'load' => 'Server Load',
581: 'userload' => 'User Load',
582: 'catalog' => 'Course/Community Catalog',
583: 'log' => 'Log in',
584: 'help' => 'Log-in Help',
585: 'serv' => 'Server',
586: 'servadm' => 'Server Administration',
587: 'helpdesk' => 'Contact Helpdesk',
588: 'forgotpw' => 'Forgot password?',
589: 'newuser' => 'New User?',
590: );
591: # -------------------------------------------------- Change password field name
592:
593: my $forgotpw = &forgotpwdisplay(%lt);
594: $forgotpw .= '<br />' if $forgotpw;
595: my $loginhelp = &Apache::lonauth::loginhelpdisplay($authdomain);
596: if ($loginhelp) {
597: $loginhelp = '<a href="'.$loginhelp.'">'.$lt{'help'}.'</a><br />';
598: }
599:
600: # ---------------------------------------------------- Serve out DES JavaScript
601: {
602: my $jsh=Apache::File->new($include."/londes.js");
603: $r->print(<$jsh>);
604: }
605: # ---------------------------------------------------------- Serve rest of page
606:
607: $r->print(
608: '<div class="LC_Box"'
609: .' style="margin:0 auto; padding:10px; width:90%; height: auto; background-color:#FFFFFF;">'
610: );
611:
612: $r->print(<<ENDSERVERFORM);
613: <form name="server" action="/adm/authenticate" method="post" target="_top">
614: <input type="hidden" name="logtoken" value="$logtoken" />
615: <input type="hidden" name="serverid" value="$lonhost" />
616: <input type="hidden" name="uname" value="" />
617: <input type="hidden" name="upass0" value="" />
618: <input type="hidden" name="udom" value="" />
619: <input type="hidden" name="localpath" value="$env{'form.localpath'}" />
620: <input type="hidden" name="localres" value="$env{'form.localres'}" />
621: </form>
622: ENDSERVERFORM
623: my $coursecatalog;
624: if (($showcoursecat eq '') || ($showcoursecat)) {
625: $coursecatalog = &coursecatalog_link($lt{'catalog'}).'<br />';
626: }
627: my $newuserlink;
628: if ($shownewuserlink) {
629: $newuserlink = &newuser_link($lt{'newuser'}).'<br />';
630: }
631: my $logintitle =
632: '<h2 class="LC_hcell"'
633: .' style="background:'.$loginbox_header_bgcol.';'
634: .' color:'.$loginbox_header_textcol.'">'
635: .$lt{'log'}
636: .'</h2>';
637:
638: my $noscript_warning='<noscript><span class="LC_warning"><b>'
639: .&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.')
640: .'</b></span></noscript>';
641: my $helpdeskscript;
642: my $contactblock = &contactdisplay(\%lt,$servadm,$showadminmail,
643: $authdomain,\$helpdeskscript,
644: $showhelpdesk,\@possdoms);
645:
646: my $mobileargs;
647: if ($clientmobile) {
648: $mobileargs = 'autocapitalize="off" autocorrect="off"';
649: }
650: my $loginform=(<<LFORM);
651: <form name="client" action="" onsubmit="return(send())">
652: <input type="hidden" name="lextkey" value="$lextkey" />
653: <input type="hidden" name="uextkey" value="$uextkey" />
654: <b><label for="uname">$lt{'un'}</label>:</b><br />
655: <input type="text" name="uname" id="uname" size="15" value="$authusername" readonly="readonly" $mobileargs /><br />
656: <b><label for="upass$now">$lt{'pw'}</label>:</b><br />
657: <input type="password" name="upass$now" id="upass$now" size="15" readonly="readonly" /><br />
658: <b><label for="udom">$lt{'dom'}</label>:</b><br />
659: <input type="text" name="udom" id="udom" size="15" value="$authdomain" readonly="readonly" $mobileargs /><br />
660: <input type="submit" value="$lt{'log'}" />
661: </form>
662: LFORM
663:
664: if ($showbanner) {
665: $r->print(<<HEADER);
666: <!-- The LON-CAPA Header -->
667: <div style="background:$pgbg;margin:0;width:100%;">
668: <img src="$img" border="0" alt="The Learning Online Network with CAPA" class="LC_maxwidth" />
669: </div>
670: HEADER
671: }
672: $r->print(<<ENDTOP);
673: <div style="float:left;margin-top:0;">
674: <div class="LC_Box" style="background:$loginbox_bg;">
675: $logintitle
676: $loginform
677: $noscript_warning
678: </div>
679:
680: <div class="LC_Box" style="padding-top: 10px;">
681: $loginhelp
682: $forgotpw
683: $contactblock
684: $newuserlink
685: $coursecatalog
686: </div>
687: </div>
688:
689: <div>
690: ENDTOP
691: if ($showmainlogo) {
692: $r->print(' <img src="'.$logo.'" alt="" class="LC_maxwidth" />'."\n");
693: }
694: $r->print(<<ENDTOP);
695: $announcements
696: </div>
697: <hr style="clear:both;" />
698: ENDTOP
699: my ($domainrow,$serverrow,$loadrow,$userloadrow,$versionrow);
700: $domainrow = <<"END";
701: <tr>
702: <td align="left" valign="top">
703: <small><b>$lt{'dom'}: </b></small>
704: </td>
705: <td align="left" valign="top">
706: <small><tt> $domain</tt></small>
707: </td>
708: </tr>
709: END
710: $serverrow = <<"END";
711: <tr>
712: <td align="left" valign="top">
713: <small><b>$lt{'serv'}: </b></small>
714: </td>
715: <td align="left" valign="top">
716: <small><tt> $lonhost ($role)</tt></small>
717: </td>
718: </tr>
719: END
720: if ($loadlim) {
721: $loadrow = <<"END";
722: <tr>
723: <td align="left" valign="top">
724: <small><b>$lt{'load'}: </b></small>
725: </td>
726: <td align="left" valign="top">
727: <small><tt> $loadpercent $lt{'perc'}</tt></small>
728: </td>
729: </tr>
730: END
731: }
732: if ($uloadlim) {
733: $userloadrow = <<"END";
734: <tr>
735: <td align="left" valign="top">
736: <small><b>$lt{'userload'}: </b></small>
737: </td>
738: <td align="left" valign="top">
739: <small><tt> $userloadpercent $lt{'perc'}</tt></small>
740: </td>
741: </tr>
742: END
743: }
744: if (($version ne '') && ($version ne '<!-- VERSION -->')) {
745: $versionrow = <<"END";
746: <tr>
747: <td colspan="2" align="left">
748: <small>$version</small>
749: </td>
750: </tr>
751: END
752: }
753:
754: $r->print(<<ENDDOCUMENT);
755: <div style="float: left;">
756: <table border="0" cellspacing="0" cellpadding="0">
757: $domainrow
758: $serverrow
759: $loadrow
760: $userloadrow
761: $versionrow
762: </table>
763: </div>
764: <div style="float: right;">
765: $domainlogo
766: </div>
767: <br style="clear:both;" />
768: </div>
769:
770: <script type="text/javascript">
771: // <![CDATA[
772: // the if prevents the script error if the browser can not handle this
773: if ( document.client.uname ) { document.client.uname.focus(); }
774: // ]]>
775: </script>
776: $helpdeskscript
777:
778: ENDDOCUMENT
779: my %endargs = ( 'noredirectlink' => 1, );
780: $r->print(&Apache::loncommon::end_page(\%endargs));
781: return OK;
782: }
783:
784: sub check_loginvia {
785: my ($domain,$lonhost,$lonidsdir,$balcookie,$linkprot) = @_;
786: if ($domain eq '' || $lonhost eq '' || $lonidsdir eq '') {
787: return;
788: }
789: my %domconfhash = &Apache::loncommon::get_domainconf($domain);
790: my $loginvia = $domconfhash{$domain.'.login.loginvia_'.$lonhost};
791: my $loginvia_exempt = $domconfhash{$domain.'.login.loginvia_exempt_'.$lonhost};
792: my $output;
793: if ($loginvia ne '') {
794: my $noredirect;
795: my $ip = $ENV{'REMOTE_ADDR'};
796: if ($ip eq '127.0.0.1') {
797: $noredirect = 1;
798: } else {
799: if ($loginvia_exempt ne '') {
800: my @exempt = split(',',$loginvia_exempt);
801: if (grep(/^\Q$ip\E$/,@exempt)) {
802: $noredirect = 1;
803: }
804: }
805: }
806: unless ($noredirect) {
807: my ($newhost,$path);
808: if ($loginvia =~ /:/) {
809: ($newhost,$path) = split(':',$loginvia);
810: } else {
811: $newhost = $loginvia;
812: }
813: if ($newhost ne $lonhost) {
814: if (&Apache::lonnet::hostname($newhost) ne '') {
815: if ($balcookie) {
816: my ($balancer,$cookie) = split(/:/,$balcookie);
817: if ($cookie =~ /^($match_domain)_($match_username)_([a-f0-9]+)$/) {
818: my ($udom,$uname,$cookieid) = ($1,$2,$3);
819: unless (&Apache::lonnet::delbalcookie($cookie,$balancer) eq 'ok') {
820: if ((-d $lonidsdir) && (opendir(my $dh,$lonidsdir))) {
821: while (my $filename=readdir($dh)) {
822: if ($filename=~/^(\Q$uname\E_\d+_\Q$udom\E_$match_lonid)\.id$/) {
823: my $handle = $1;
824: my %hash =
825: &Apache::lonnet::get_sessionfile_vars($handle,$lonidsdir,
826: ['request.balancercookie',
827: 'user.linkedenv']);
828: if ($hash{'request.balancercookie'} eq "$balancer:$cookieid") {
829: if (unlink("$lonidsdir/$filename")) {
830: if (($hash{'user.linkedenv'} =~ /^[a-f0-9]+_linked$/) &&
831: (-l "$lonidsdir/$hash{'user.linkedenv'}.id") &&
832: (readlink("$lonidsdir/$hash{'user.linkedenv'}.id") eq "$lonidsdir/$filename")) {
833: unlink("$lonidsdir/$hash{'user.linkedenv'}.id");
834: }
835: }
836: }
837: last;
838: }
839: }
840: closedir($dh);
841: }
842: }
843: }
844: }
845: $output = &redirect_page($newhost,$path,$linkprot);
846: }
847: }
848: }
849: }
850: return $output;
851: }
852:
853: sub redirect_page {
854: my ($desthost,$path,$linkprot) = @_;
855: my $protocol = $Apache::lonnet::protocol{$desthost};
856: $protocol = 'http' if ($protocol ne 'https');
857: unless ($path =~ m{^/}) {
858: $path = '/'.$path;
859: }
860: my $url = $protocol.'://'.&Apache::lonnet::hostname($desthost).$path;
861: if ($env{'form.firsturl'} ne '') {
862: $url .='?firsturl='.$env{'form.firsturl'};
863: }
864: if ($linkprot) {
865: my $ltoken = &Apache::lonnet::tmpput({linkprot => $linkprot},$desthost);
866: if ($ltoken) {
867: $url .= (($url =~ /\?/) ? '&' : '?').'ltoken='.$ltoken;
868: }
869: }
870: my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef,
871: {'redirect' => [0,$url],});
872: my $end_page = &Apache::loncommon::end_page();
873: return $start_page.$end_page;
874: }
875:
876: sub contactdisplay {
877: my ($lt,$servadm,$showadminmail,$authdomain,$helpdeskscript,$showhelpdesk,
878: $possdoms) = @_;
879: my $contactblock;
880: my $origmail;
881: if (ref($possdoms) eq 'ARRAY') {
882: if (grep(/^\Q$authdomain\E$/,@{$possdoms})) {
883: $origmail = $Apache::lonnet::perlvar{'lonSupportEMail'};
884: }
885: }
886: my $requestmail =
887: &Apache::loncommon::build_recipient_list(undef,'helpdeskmail',
888: $authdomain,$origmail);
889: unless ($showhelpdesk eq '0') {
890: if ($requestmail =~ m/[^\@]+\@[^\@]+/) {
891: $showhelpdesk = 1;
892: } else {
893: $showhelpdesk = 0;
894: }
895: }
896: if ($servadm && $showadminmail) {
897: $contactblock .= $$lt{'servadm'}.':<br />'.
898: '<tt>'.$servadm.'</tt><br />';
899: }
900: if ($showhelpdesk) {
901: $contactblock .= '<a href="javascript:helpdesk()">'.$lt->{'helpdesk'}.'</a><br />';
902: my $thisurl = &escape('/adm/login');
903: $$helpdeskscript = <<"ENDSCRIPT";
904: <script type="text/javascript">
905: // <![CDATA[
906: function helpdesk() {
907: var possdom = document.client.udom.value;
908: var codedom = possdom.replace( new RegExp("[^A-Za-z0-9.\\-]","g"),'');
909: if (codedom == '') {
910: codedom = "$authdomain";
911: }
912: var querystr = "origurl=$thisurl&codedom="+codedom;
913: document.location.href = "/adm/helpdesk?"+querystr;
914: return;
915: }
916: // ]]>
917: </script>
918: ENDSCRIPT
919: }
920: return $contactblock;
921: }
922:
923: sub forgotpwdisplay {
924: my (%lt) = @_;
925: my $prompt_for_resetpw = 1;
926: if ($prompt_for_resetpw) {
927: return '<a href="/adm/resetpw">'.$lt{'forgotpw'}.'</a>';
928: }
929: return;
930: }
931:
932: sub coursecatalog_link {
933: my ($linkname) = @_;
934: return <<"END";
935: <a href="/adm/coursecatalog">$linkname</a>
936: END
937: }
938:
939: sub newuser_link {
940: my ($linkname) = @_;
941: return '<a href="/adm/createaccount">'.$linkname.'</a>';
942: }
943:
944: 1;
945: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to lonlogin.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / auth