--- loncom/auth/lonlogin.pm 2021/01/04 03:49:10 1.158.2.12 +++ loncom/auth/lonlogin.pm 2014/10/04 02:59:32 1.159 @@ -1,7 +1,7 @@ # The LearningOnline Network # Login Screen # -# $Id: lonlogin.pm,v 1.158.2.12 2021/01/04 03:49:10 raeburn Exp $ +# $Id: lonlogin.pm,v 1.159 2014/10/04 02:59:32 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -37,8 +37,7 @@ use Apache::lonauth(); use Apache::lonlocal; use Apache::migrateuser(); use lib '/home/httpd/lib/perl/'; -use LONCAPA qw(:DEFAULT :match); -use CGI::Cookie(); +use LONCAPA; sub handler { my $r = shift; @@ -47,7 +46,7 @@ sub handler { (join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'}, $ENV{'REDIRECT_QUERY_STRING'}), ['interface','username','domain','firsturl','localpath','localres', - 'token','role','symb','iptoken','btoken']); + 'token','role','symb','iptoken']); if (!defined($env{'form.firsturl'})) { &Apache::lonacc::get_posted_cgi($r,['firsturl']); } @@ -57,39 +56,9 @@ sub handler { return &Apache::migrateuser::handler($r); } -# For "public user" - remove any exising "public" cookie, as user really wants to log-in - my ($handle,$lonidsdir,$expirepub,$userdom); - $lonidsdir=$r->dir_config('lonIDsDir'); - unless ($r->header_only) { - $handle = &Apache::lonnet::check_for_valid_session($r,'lonID',undef,\$userdom); - if ($handle ne '') { - if ($handle=~/^publicuser\_/) { - unlink($r->dir_config('lonIDsDir')."/$handle.id"); - undef($handle); - undef($userdom); - $expirepub = 1; - } - } - } - &Apache::loncommon::no_cache($r); &Apache::lonlocal::get_language_handle($r); &Apache::loncommon::content_type($r,'text/html'); - if ($expirepub) { - my $c = new CGI::Cookie(-name => 'lonPubID', - -value => '', - -expires => '-10y',); - $r->header_out('Set-cookie' => $c); - } elsif (($handle eq '') && ($userdom ne '')) { - my %cookies=CGI::Cookie->parse($r->header_in('Cookie')); - foreach my $name (keys(%cookies)) { - next unless ($name =~ /^lon(|S|Link|Pub)ID$/); - my $c = new CGI::Cookie(-name => $name, - -value => '', - -expires => '-10y',); - $r->headers_out->add('Set-cookie' => $c); - } - } $r->send_http_header; return OK if $r->header_only; @@ -101,91 +70,37 @@ sub handler { return OK; } - my $lonhost = $r->dir_config('lonHostID'); $env{'form.firsturl'} =~ s/(`)/'/g; -# Check if browser sent a LON-CAPA load balancer cookie (and this is a balancer) - - my ($found_server,$balancer_cookie) = &Apache::lonnet::check_for_balancer_cookie($r,1); - if ($found_server) { - my $hostname = &Apache::lonnet::hostname($found_server); - if ($hostname ne '') { - my $protocol = $Apache::lonnet::protocol{$found_server}; - $protocol = 'http' if ($protocol ne 'https'); +# -------------------------------- Prevent users from attempting to login twice + my $handle = &Apache::lonnet::check_for_valid_session($r); + if ($handle ne '') { + my $lonidsdir=$r->dir_config('lonIDsDir'); + if ($handle=~/^publicuser\_/) { +# For "public user" - remove it, we apparently really want to login + unlink($r->dir_config('lonIDsDir')."/$handle.id"); + } else { +# Indeed, a valid token is found + &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); + my $start_page = + &Apache::loncommon::start_page('Already logged in'); + my $end_page = + &Apache::loncommon::end_page(); my $dest = '/adm/roles'; if ($env{'form.firsturl'} ne '') { - $dest = $env{'form.firsturl'}; - } - my %info = ( - balcookie => $lonhost.':'.$balancer_cookie, - ); - my $balancer_token = &Apache::lonnet::tmpput(\%info,$found_server); - if ($balancer_token) { - $dest .= (($dest=~/\?/)?'&;':'?') . 'btoken='.$balancer_token; + $dest = $env{'form.firsturl'}; } - my $url = $protocol.'://'.$hostname.$dest; - my $start_page = - &Apache::loncommon::start_page('Switching Server ...',undef, - {'redirect' => [0,$url],}); - my $end_page = &Apache::loncommon::end_page(); - $r->print($start_page.$end_page); - return OK; - } - } - -# -# Check if a LON-CAPA load balancer sent user here because user's browser sent -# it a balancer cookie for an active session on this server. -# - - my $balcookie; - if ($env{'form.btoken'}) { - my %info = &Apache::lonnet::tmpget($env{'form.btoken'}); - $balcookie = $info{'balcookie'}; - &Apache::lonnet::tmpdel($env{'form.btoken'}); - delete($env{'form.btoken'}); - } - -# -# If browser sent an old cookie for which the session file had been removed -# check if configuration for user's domain has a portal URL set. If so -# switch user's log-in to the portal. -# - - if (($handle eq '') && ($userdom ne '')) { - my %domdefaults = &Apache::lonnet::get_domain_defaults($userdom); - if ($domdefaults{'portal_def'} =~ /^https?\:/) { - my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef, - {'redirect' => [0,$domdefaults{'portal_def'}],}); - my $end_page = &Apache::loncommon::end_page(); - $r->print($start_page.$end_page); + $r->print( + $start_page + .'
'.&mt('You are already logged in!').'
' + .''.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].', + '','','','').'
' + .$end_page + ); return OK; } } - $env{'form.firsturl'} =~ s/(`)/'/g; - -# -------------------------------- Prevent users from attempting to login twice - if ($handle ne '') { - &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); - my $start_page = - &Apache::loncommon::start_page('Already logged in'); - my $end_page = - &Apache::loncommon::end_page(); - my $dest = '/adm/roles'; - if ($env{'form.firsturl'} ne '') { - $dest = $env{'form.firsturl'}; - } - $r->print( - $start_page - .''.&mt('You are already logged in!').'
' - .''.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].', - '','','','').'
' - .$end_page - ); - return OK; - } - # ---------------------------------------------------- No valid token, continue # ---------------------------- Not possible to really login to domain "public" @@ -212,11 +127,11 @@ sub handler { my $iconpath= &Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL')); + my $lonhost = $r->dir_config('lonHostID'); my $domain = &Apache::lonnet::default_login_domain(); - my $defdom = $domain; if ($lonhost ne '') { unless ($sessiondata{'sessionserver'}) { - my $redirect = &check_loginvia($domain,$lonhost,$lonidsdir,$balcookie); + my $redirect = &check_loginvia($domain,$lonhost); if ($redirect) { $r->print($redirect); return OK; @@ -225,7 +140,7 @@ sub handler { } if (($sessiondata{'domain'}) && - (&Apache::lonnet::domain($sessiondata{'domain'},'description'))) { + (&Apache::lonnet::domain($env{'form.domain'},'description'))) { $domain=$sessiondata{'domain'}; } elsif (($env{'form.domain'}) && (&Apache::lonnet::domain($env{'form.domain'},'description'))) { @@ -328,36 +243,22 @@ sub handler { &Apache::lonnet::logthis('No valid logtoken for log-in page -- unable to determine hostname for hostID: '.$lonhost.'. Check entry in hosts.tab'); } my $spares=''; - my (@sparehosts,%spareservers); - my $sparesref = &Apache::lonnet::this_host_spares($defdom); - if (ref($sparesref) eq 'HASH') { - foreach my $key (keys(%{$sparesref})) { - if (ref($sparesref->{$key}) eq 'ARRAY') { - my @sorted = sort { &Apache::lonnet::hostname($a) cmp - &Apache::lonnet::hostname($b); - } @{$sparesref->{$key}}; - if (@sorted) { - if ($key eq 'primary') { - unshift(@sparehosts,@sorted); - } elsif ($key eq 'default') { - push(@sparehosts,@sorted); - } - } - } - } - } - foreach my $hostid (@sparehosts) { + my $last; + foreach my $hostid (sort + { + &Apache::lonnet::hostname($a) cmp + &Apache::lonnet::hostname($b); + } + keys(%Apache::lonnet::spareid)) { next if ($hostid eq $lonhost); my $hostname = &Apache::lonnet::hostname($hostid); - next if (($hostname eq '') || ($spareservers{$hostname})); - $spareservers{$hostname} = 1; - my $protocol = $Apache::lonnet::protocol{$hostid}; - $protocol = 'http' if ($protocol ne 'https'); - $spares.=''.&mt('Please attempt to login to one of the following servers:')
@@ -454,7 +352,11 @@ lextkey=this.document.client.elements.le
initkeys();
this.document.server.elements.upass0.value
- =getCrypted(this.document.client.elements.upass$now.value);
+ =crypted(this.document.client.elements.upass$now.value.substr(0,15));
+this.document.server.elements.upass1.value
+ =crypted(this.document.client.elements.upass$now.value.substr(15,15));
+this.document.server.elements.upass2.value
+ =crypted(this.document.client.elements.upass$now.value.substr(30,15));
this.document.client.elements.uname.value='';
this.document.client.elements.upass$now.value='';
@@ -485,40 +387,6 @@ ENDSCRIPT
alink => "$alink",
onload => 'javascript:enableInput();',);
- my ($lonhost_in_use,$headextra,$headextra_exempt,@hosts,%defaultdomconf);
- @hosts = &Apache::lonnet::current_machine_ids();
- $lonhost_in_use = $lonhost;
- if (@hosts > 1) {
- foreach my $hostid (@hosts) {
- if (&Apache::lonnet::host_domain($hostid) eq $defdom) {
- $lonhost_in_use = $hostid;
- last;
- }
- }
- }
- %defaultdomconf = &Apache::loncommon::get_domainconf($defdom);
- $headextra = $defaultdomconf{$defdom.'.login.headtag_'.$lonhost_in_use};
- $headextra_exempt = $defaultdomconf{$domain.'.login.headtag_exempt_'.$lonhost_in_use};
- if ($headextra) {
- my $omitextra;
- if ($headextra_exempt ne '') {
- my @exempt = split(',',$headextra_exempt);
- my $ip = &Apache::lonnet::get_requestor_ip();
- if (grep(/^\Q$ip\E$/,@exempt)) {
- $omitextra = 1;
- }
- }
- unless ($omitextra) {
- my $confname = $defdom.'-domainconfig';
- if ($headextra =~ m{^\Q/res/$defdom/$confname/login/headtag/$lonhost_in_use/\E}) {
- my $extra = &Apache::lonnet::getfile(&Apache::lonnet::filelocation("",$headextra));
- unless ($extra eq '-1') {
- $js .= "\n".$extra."\n";
- }
- }
- }
- }
-
$r->print(&Apache::loncommon::start_page('The LearningOnline Network with CAPA Login',$js,
{ 'redirect' => [$expire,'/adm/roles'],
'add_entries' => \%add_entries,
@@ -569,6 +437,8 @@ ENDSCRIPT
+
+
@@ -619,7 +489,7 @@ LFORM
$r->print(<