1: # The LearningOnline Network
2: # User Authentication Module
3: # 5/21/99,5/22,5/25,5/26,5/27,5/29,6/2,6/11,6/14,6/15
4: # 16/11,12/16,
5: # 1/14,2/24,2/28,2/29,3/7,5/29,5/30,5/31,6/1,6/5,6/29,
6: # 7/1,7/10,10/2,10/5,10/9,10/26,10/30,11/10 Gerd Kortemeyer
7:
8: package Apache::lonauth;
9:
10: use Apache::Constants qw(:common);
11: use Apache::File;
12: use CGI qw(:standard);
13: use CGI::Cookie();
14: use Crypt::DES;
15: use Apache::lonnet();
16: use Apache::lonmenu();
17:
18: # ------------------------------------------------------------ Successful login
19:
20: sub success {
21: my ($r, $username, $domain, $authhost,$lowerurl) = @_;
22: my $lonids=$r->dir_config('lonIDsDir');
23:
24: # See if old ID present, if so, remove
25:
26: my $filename;
27: opendir(DIR,$lonids);
28: while ($filename=readdir(DIR)) {
29: if ($filename=~/^$username\_\d+\_$domain\_$authhost\.id$/) {
30: unlink($lonids.'/'.$filename);
31: }
32: }
33: closedir(DIR);
34:
35: # Give them a new cookie
36:
37: my $cookie;
38: my $now=time;
39: $cookie="$username\_$now\_$domain\_$authhost";
40:
41: # Initialize roles
42:
43: my $userroles=Apache::lonnet::rolesinit($domain,$username,$authhost);
44:
45: # ------------------------------------ Check browser type and MathML capability
46:
47: my @browsertype=split(/\&/,$r->dir_config("lonBrowsDet"));
48: my %mathcap=split(/\&/,$r->dir_config("lonMathML"));
49: my $httpbrowser=$ENV{"HTTP_USER_AGENT"};
50: my $i;
51: my $clientbrowser='unknown';
52: my $clientversion='0';
53: my $clientmathml='';
54: for ($i=0;$i<=$#browsertype;$i++) {
55: my ($bname,$match,$notmatch,$vreg,$minv)=split(/\:/,$browsertype[$i]);
56: if (($httpbrowser=~/$match/i) && ($httpbrowser!~/$notmatch/i)) {
57: $clientbrowser=$bname;
58: $httpbrowser=~/$vreg/i;
59: $clientversion=$1;
60: $clientmathml=($clientversion>=$minv);
61: }
62: }
63: my $clientos='unknown';
64: if (($httpbrowser=~/linux/i) ||
65: ($httpbrowser=~/unix/i) ||
66: ($httpbrowser=~/ux/i) ||
67: ($httpbrowser=~/solaris/i)) { $clientos='unix'; }
68: if (($httpbrowser=~/vax/i) ||
69: ($httpbrowser=~/vms/i)) { $clientos='vms'; }
70: if ($httpbrowser=~/next/i) { $clientos='next'; }
71: if (($httpbrowser=~/mac/i) ||
72: ($httpbrowser=~/powerpc/i)) { $clientos='mac'; }
73: if ($httpbrowser=~/win/i) { $clientos='win'; }
74:
75: # ------------------------------------------------------------- Get environment
76:
77: my $userenv=Apache::lonnet::reply("dump:$domain:$username:environment",
78: $authhost);
79: if (($userenv eq 'con_lost') ||
80: ($userenv =~ /^error\:/)) {
81: $userenv='';
82: }
83: $userenv=~s/\&/\nenvironment\./g;
84: if ($userenv ne '') {
85: $userenv='environment.'.$userenv;
86: }
87: # --------------------------------------------------------- Write first profile
88:
89: {
90: my $idf=Apache::File->new(">$lonids/$cookie.id");
91: if ($userenv ne '') { print $idf "$userenv\n"; }
92: print $idf "user.name=$username\n";
93: print $idf "user.domain=$domain\n";
94: print $idf "user.home=$authhost\n";
95: print $idf "browser.type=$clientbrowser\n";
96: print $idf "browser.version=$clientversion\n";
97: print $idf "browser.mathml=$clientmathml\n";
98: print $idf "browser.os=$clientos\n";
99: print $idf "request.course.fn=\n";
100: print $idf "request.course.uri=\n";
101: print $idf "request.course.sec=\n";
102: print $idf "request.role=cm\n";
103: print $idf "request.host=$ENV{'HTTP_HOST'}\n";
104: if ($userroles ne '') { print $idf "$userroles"; }
105: }
106:
107: # -------------------------------------------------------------------- Log this
108:
109: &Apache::lonnet::log($domain,$username,$authhost,
110: "Login $ENV{'REMOTE_ADDR'}");
111:
112: # ------------------------------------------------- Check for critical messages
113:
114: my @what=&Apache::lonnet::dump('critical');
115: if ($what[0]) {
116: if ($what[0] ne 'con_lost') {
117: $lowerurl='/adm/email/critical/'.$what[0];
118: }
119: }
120:
121: # ------------------------------------------------------------ Get cookie ready
122:
123: $cookie="lonID=$cookie; path=/";
124: # -------------------------------------------------------- Menu script and info
125:
126: my $windowinfo=&Apache::lonmenu::open();
127: # ------------------------------------------------- Output for successful login
128:
129: $r->send_cgi_header(<<ENDHEADER);
130: Content-type: text/html
131: Set-cookie: $cookie
132:
133: ENDHEADER
134: $r->print(<<ENDSUCCESS);
135: <html>
136: <head>
137: <title>Successful Login to the LearningOnline Network with CAPA</title>
138: <meta HTTP-EQUIV="Refresh" CONTENT="1; url=$lowerurl">
139: </head>
140: <body bgcolor="#FFFFFF">
141: $windowinfo
142: <h1>Welcome!</h1>
143: </body>
144: </html>
145: ENDSUCCESS
146: }
147:
148: # --------------------------------------------------------------- Failed login!
149:
150: sub failed {
151: my ($r,$message) = @_;
152: $r->send_cgi_header(<<ENDFHEADER);
153: Content-type: text/html
154:
155: ENDFHEADER
156: $r->print(<<ENDFAILED);
157: <html>
158: <head>
159: <title>Unsuccessful Login to the LearningOnline Network with CAPA</title>
160: </head>
161: <html>
162: <body bgcolor="#FFFFFF">
163: <h1>Sorry ...</h1>
164: <h2>$message to use the Learning<i>Online</i> Network with CAPA</h2>
165: </body>
166: </html>
167: ENDFAILED
168: }
169:
170: # ---------------------------------------------------------------- Main handler
171:
172: sub handler {
173: my $r = shift;
174:
175: my $buffer;
176: $r->read($buffer,$r->header_in('Content-length'));
177: my @pairs=split(/&/,$buffer);
178: my $pair; my $name; my $value; my %FORM;
179: foreach $pair (@pairs) {
180: ($name,$value) = split(/=/,$pair);
181: $value =~ tr/+/ /;
182: $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
183: $FORM{$name}=$value;
184: }
185:
186: if ((!$FORM{'uname'}) || (!$FORM{'upass'}) || (!$FORM{'udom'})) {
187: failed($r,'Username, password and domain need to be specified');
188: return OK;
189: }
190: $FORM{'uname'} =~ s/\W//g;
191: $FORM{'udom'} =~ s/\W//g;
192:
193: my $role = $r->dir_config('lonRole');
194: my $domain = $r->dir_config('lonDefDomain');
195: my $prodir = $r->dir_config('lonUsersDir');
196:
197: # ---------------------------------------- Get the information from login token
198:
199: my $tmpinfo=Apache::lonnet::reply('tmpget:'.$FORM{'logtoken'},
200: $FORM{'serverid'});
201:
202: if (($tmpinfo=~/^error/) || ($tmpinfo eq 'con_lost')) {
203: failed($r,'Login token missing, inaccessible or expired');
204: return OK;
205: }
206:
207: my ($key,$firsturl)=split(/&/,$tmpinfo);
208:
209: my $keybin=pack("H16",$key);
210:
211: my $cipher=new DES $keybin;
212:
213: my $upass=$cipher->decrypt(
214: unpack("a8",pack("H16",substr($FORM{'upass'},0,16))));
215:
216: $upass.=$cipher->decrypt(
217: unpack("a8",pack("H16",substr($FORM{'upass'},16,16))));
218:
219: $upass=substr($upass,1,ord(substr($upass,0,1)));
220:
221: # ---------------------------------------------------------------- Authenticate
222: my $authhost=Apache::lonnet::authenticate($FORM{'uname'},
223: $upass,
224: $FORM{'udom'});
225:
226: # --------------------------------------------------------------------- Failed?
227:
228: if ($authhost eq 'no_host') {
229: failed($r,'Username and/or password could not be authenticated');
230: return OK;
231: }
232:
233: if (($firsturl eq '') || ($firsturl eq '/adm/logout')) {
234: $firsturl='/res/adm/pages/index.html';
235: }
236:
237: success($r,$FORM{'uname'},$FORM{'udom'},$authhost,$firsturl);
238: return OK;
239: }
240:
241: 1;
242: __END__
243:
244:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to lonauth.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / auth