1: # The LearningOnline Network
2: # Login Screen
3: #
4: # $Id: lonlogin.pm,v 1.126 2009/10/06 21:58:30 raeburn Exp $
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28:
29: package Apache::lonlogin;
30:
31: use strict;
32: use Apache::Constants qw(:common);
33: use Apache::File ();
34: use Apache::lonnet;
35: use Apache::loncommon();
36: use Apache::lonauth();
37: use Apache::lonlocal;
38: use Apache::migrateuser();
39: use lib '/home/httpd/lib/perl/';
40: use LONCAPA;
41:
42: sub handler {
43: my $r = shift;
44:
45: &Apache::loncommon::get_unprocessed_cgi
46: (join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},
47: $ENV{'REDIRECT_QUERY_STRING'}),
48: ['interface','username','domain','firsturl','localpath','localres',
49: 'token','role','symb']);
50: if (!defined($env{'form.firsturl'})) {
51: &Apache::lonacc::get_posted_cgi($r,['firsturl']);
52: }
53:
54: # -- check if they are a migrating user
55: if (defined($env{'form.token'})) {
56: return &Apache::migrateuser::handler($r);
57: }
58:
59: &Apache::loncommon::no_cache($r);
60: &Apache::lonlocal::get_language_handle($r);
61: &Apache::loncommon::content_type($r,'text/html');
62: $r->send_http_header;
63: return OK if $r->header_only;
64:
65:
66: # Are we re-routing?
67: if (-e '/home/httpd/html/lon-status/reroute.txt') {
68: &Apache::lonauth::reroute($r);
69: return OK;
70: }
71:
72:
73: # -------------------------------- Prevent users from attempting to login twice
74: my $handle = &Apache::lonnet::check_for_valid_session($r);
75: if ($handle=~/^publicuser\_/) {
76: # For "public user" - remove it, we apparently really want to login
77: unlink($r->dir_config('lonIDsDir')."/$handle.id");
78: } elsif ($handle ne '') {
79: # Indeed, a valid token is found
80: my $start_page =
81: &Apache::loncommon::start_page('Already logged in');
82: my $end_page =
83: &Apache::loncommon::end_page();
84: my $dest = '/adm/roles';
85: if ($env{'form.firsturl'} ne '') {
86: $dest = $env{'form.firsturl'};
87: }
88: $r->print(
89: $start_page
90: .'<h1>'.&mt('You are already logged in!').'</h1>'
91: .'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].',
92: '<a href="'.$dest.'">','</a>','<a href="/adm/logout">','</a>').'</p>'
93: .'<p><a href="/adm/loginproblems.html">'.&mt('Login problems?').'</a></p>'
94: .$end_page
95: );
96: return OK;
97: }
98:
99: # ---------------------------------------------------- No valid token, continue
100:
101: # ---------------------------- Not possible to really login to domain "public"
102: if ($env{'form.domain'} eq 'public') {
103: $env{'form.domain'}='';
104: $env{'form.username'}='';
105: }
106: # ----------------------------------------------------------- Process Interface
107: $env{'form.interface'}=~s/\W//g;
108:
109: my $httpbrowser=$ENV{"HTTP_USER_AGENT"};
110:
111: my $iconpath=
112: &Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL'));
113:
114: my $lonhost = $r->dir_config('lonHostID');
115: my $domain = &Apache::lonnet::default_login_domain();
116: my %domconfig = &Apache::loncommon::get_domainconf($domain);
117: if ($lonhost ne '') {
118: if (ref($domconfig{login}) eq 'HASH') {
119: if (ref($domconfig{login}{loginvia}) eq 'HASH') {
120: if ($domconfig{login}{loginvia}{$lonhost}) {
121: my $loginvia = $domconfig{login}{loginvia}{$lonhost};
122: my %servers = &Apache::lonnet::get_servers($domain);
123: if (($servers{$loginvia} ne '') && ($loginvia ne $lonhost)) {
124: $r->print(&redirect_page($loginvia));
125: return OK;
126: }
127: }
128: }
129: }
130: }
131:
132: if (($env{'form.domain'}) &&
133: (&Apache::lonnet::domain($env{'form.domain'},'description'))) {
134: $domain=$env{'form.domain'};
135: }
136: my $role = $r->dir_config('lonRole');
137: my $loadlim = $r->dir_config('lonLoadLim');
138: my $servadm = $r->dir_config('lonAdmEMail');
139: my $tabdir = $r->dir_config('lonTabDir');
140: my $include = $r->dir_config('lonIncludes');
141: my $expire = $r->dir_config('lonExpire');
142: my $version = $r->dir_config('lonVersion');
143: my $host_name = &Apache::lonnet::hostname($lonhost);
144:
145: # --------------------------------------------- Default values for login fields
146:
147: my $authusername=($env{'form.username'}?$env{'form.username'}:'');
148: my $authdomain=($env{'form.domain'}?$env{'form.domain'}:$domain);
149:
150: # ---------------------------------------------------------- Determine own load
151: my $loadavg;
152: {
153: my $loadfile=Apache::File->new('/proc/loadavg');
154: $loadavg=<$loadfile>;
155: }
156: $loadavg =~ s/\s.*//g;
157: my $loadpercent=sprintf("%.1f",100*$loadavg/$loadlim);
158: my $userloadpercent=&Apache::lonnet::userload();
159:
160: # ------------------------------------------------------- Do the load balancing
161: my $otherserver= &Apache::lonnet::absolute_url($host_name);
162: my $firsturl=
163: ($env{'request.firsturl'}?$env{'request.firsturl'}:$env{'form.firsturl'});
164: # ---------------------------------------------------------- Are we overloaded?
165: if ((($userloadpercent>100.0)||($loadpercent>100.0))) {
166: my $unloaded=Apache::lonnet::spareserver($loadpercent,$userloadpercent);
167: if ($unloaded) { $otherserver=$unloaded; }
168: }
169:
170: # ----------------------------------------------------------- Get announcements
171: my $announcements=&Apache::lonnet::getannounce();
172: # -------------------------------------------------------- Set login parameters
173:
174: my @hexstr=('0','1','2','3','4','5','6','7',
175: '8','9','a','b','c','d','e','f');
176: my $lkey='';
177: for (0..7) {
178: $lkey.=$hexstr[rand(15)];
179: }
180:
181: my $ukey='';
182: for (0..7) {
183: $ukey.=$hexstr[rand(15)];
184: }
185:
186: my $lextkey=hex($lkey);
187: if ($lextkey>2147483647) { $lextkey-=4294967296; }
188:
189: my $uextkey=hex($ukey);
190: if ($uextkey>2147483647) { $uextkey-=4294967296; }
191:
192: # -------------------------------------------------------- Store away log token
193: my $tokenextras;
194: if ($env{'form.role'}) {
195: $tokenextras = '&role='.&escape($env{'form.role'});
196: }
197: if ($env{'form.symb'}) {
198: if (!$tokenextras) {
199: $tokenextras = '&';
200: }
201: $tokenextras .= '&symb='.&escape($env{'form.symb'});
202: }
203: my $logtoken=Apache::lonnet::reply(
204: 'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras,
205: $lonhost);
206:
207: # ------------------- If we cannot talk to ourselves, we are in serious trouble
208:
209: if ($logtoken eq 'con_lost') {
210: my $spares='';
211: my $last;
212: foreach my $hostid (sort
213: {
214: &Apache::lonnet::hostname($a) cmp
215: &Apache::lonnet::hostname($b);
216: }
217: keys(%Apache::lonnet::spareid)) {
218: next if ($hostid eq $lonhost);
219: my $hostname = &Apache::lonnet::hostname($hostid);
220: next if ($last eq $hostname);
221: $spares.='<br /><font size="+1"><a href="http://'.
222: $hostname.
223: '/adm/login?domain='.$authdomain.'">'.
224: $hostname.'</a>'.
225: ' '.&mt('(preferred)').'</font>'.$/;
226: $last=$hostname;
227: }
228: $spares.= '<br />';
229: my %all_hostnames = &Apache::lonnet::all_hostnames();
230: foreach my $hostid (sort
231: {
232: &Apache::lonnet::hostname($a) cmp
233: &Apache::lonnet::hostname($b);
234: }
235: keys(%all_hostnames)) {
236: next if ($hostid eq $lonhost || $Apache::lonnet::spareid{$hostid});
237: my $hostname = &Apache::lonnet::hostname($hostid);
238: next if ($last eq $hostname);
239: $spares.='<br /><a href="http://'.
240: $hostname.
241: '/adm/login?domain='.$authdomain.'">'.
242: $hostname.'</a>';
243: $last=$hostname;
244: }
245: $r->print(
246: '<html>'
247: .'<head><title>'
248: .&mt('The LearningOnline Network with CAPA')
249: .'</title></head>'
250: .'<body bgcolor="#FFFFFF">'
251: .'<h1>'.&mt('The LearningOnline Network with CAPA').'</h1>'
252: .'<img src="/adm/lonKaputt/lonlogo_broken.gif" align="right" />'
253: .'<h3>'.&mt('This LON-CAPA server is temporarily not available for login.').'</h3>'
254: .'<p>'.&mt('Please attempt to login to one of the following servers:').'</p>'
255: .$spares
256: .'</body>'
257: .'</html>'
258: );
259: return OK;
260: }
261:
262: # ----------------------------------------------- Apparently we are in business
263: $servadm=~s/\,/\<br \/\>/g;
264:
265: # ----------------------------------------------------------- Front page design
266: my $pgbg=&Apache::loncommon::designparm('login.pgbg',$domain);
267: my $font=&Apache::loncommon::designparm('login.font',$domain);
268: my $link=&Apache::loncommon::designparm('login.link',$domain);
269: my $vlink=&Apache::loncommon::designparm('login.vlink',$domain);
270: my $alink=&Apache::loncommon::designparm('login.alink',$domain);
271: my $mainbg=&Apache::loncommon::designparm('login.mainbg',$domain);
272: my $logo=&Apache::loncommon::designparm('login.logo',$domain);
273: my $img=&Apache::loncommon::designparm('login.img',$domain);
274: my $domainlogo=&Apache::loncommon::domainlogo($domain);
275: my $login=&Apache::loncommon::designparm('login.login',$domain);
276: if ($login eq '') {
277: $login = $iconpath.'/'.&mt('userauthentication.gif');
278: }
279: my $showbanner = 1;
280: my $showmainlogo = 1;
281: if (defined(&Apache::loncommon::designparm('login.showlogo_img',$domain))) {
282: $showbanner = &Apache::loncommon::designparm('login.showlogo_img',$domain);
283: }
284: if (defined(&Apache::loncommon::designparm('login.showlogo_logo',$domain))) {
285: $showmainlogo = &Apache::loncommon::designparm('login.showlogo_logo',$domain);
286: }
287: my $showadminmail=&Apache::loncommon::designparm('login.adminmail',$domain);
288: my $showcoursecat =
289: &Apache::loncommon::designparm('login.coursecatalog',$domain);
290: my $loginheader =&Apache::loncommon::designparm('login.loginheader',$domain);
291: my $shownewuserlink =
292: &Apache::loncommon::designparm('login.newuser',$domain);
293: my $now=time;
294: my $js = (<<ENDSCRIPT);
295:
296: <script type="text/javascript" language="JavaScript">
297: // <![CDATA[
298: function send()
299: {
300: this.document.server.elements.uname.value
301: =this.document.client.elements.uname.value;
302:
303: this.document.server.elements.udom.value
304: =this.document.client.elements.udom.value;
305:
306: uextkey=this.document.client.elements.uextkey.value;
307: lextkey=this.document.client.elements.lextkey.value;
308: initkeys();
309:
310: this.document.server.elements.upass0.value
311: =crypted(this.document.client.elements.upass$now.value.substr(0,15));
312: this.document.server.elements.upass1.value
313: =crypted(this.document.client.elements.upass$now.value.substr(15,15));
314: this.document.server.elements.upass2.value
315: =crypted(this.document.client.elements.upass$now.value.substr(30,15));
316:
317: this.document.client.elements.uname.value='';
318: this.document.client.elements.upass$now.value='';
319:
320: this.document.server.submit();
321: return false;
322: }
323: // ]]>
324: </script>
325:
326: ENDSCRIPT
327:
328: # --------------------------------------------------- Print login screen header
329:
330: my %add_entries = (
331: bgcolor => "$mainbg",
332: text => "$font",
333: link => "$link",
334: vlink => "$vlink",
335: alink => "$alink",);
336:
337: $r->print(&Apache::loncommon::start_page('The LearningOnline Network with CAPA Login',$js,
338: { 'redirect' => [$expire,'/adm/roles'],
339: 'add_entries' => \%add_entries,
340: 'only_body' => 1,}));
341:
342: # ----------------------------------------------------------------------- Texts
343:
344: my %lt=&Apache::lonlocal::texthash(
345: 'un' => 'Username',
346: 'pw' => 'Password',
347: 'dom' => 'Domain',
348: 'perc' => 'percent',
349: 'load' => 'Server Load',
350: 'userload' => 'User Load',
351: 'catalog' => 'Course Catalog',
352: 'log' => 'Log in',
353: 'help' => 'Log-in Help',
354: 'serv' => 'Server',
355: 'servadm' => 'Server Administration',
356: 'helpdesk' => 'Contact Helpdesk',
357: 'forgotpw' => 'Forgot password?',
358: 'newuser' => 'New User?',
359: );
360: # -------------------------------------------------- Change password field name
361: my $forgotpw = &forgotpwdisplay(%lt);
362: my $loginhelp = &loginhelpdisplay(%lt);
363:
364: # ---------------------------------------------------- Serve out DES JavaScript
365: {
366: my $jsh=Apache::File->new($include."/londes.js");
367: $r->print(<$jsh>);
368: }
369: # ---------------------------------------------------------- Serve rest of page
370:
371: $r->print(
372: '<div class="LC_loginpage_container">');
373:
374: #
375: # If the loadbalancing yielded just http:// because perhaps there's no loadbalancing?
376: # then just us a relative link to authenticate:
377: #
378:
379: $r->print(<<ENDSERVERFORM);
380: <form name="server" action="$otherserver/adm/authenticate" method="post" target="_top">
381: <input type="hidden" name="logtoken" value="$logtoken" />
382: <input type="hidden" name="serverid" value="$lonhost" />
383: <input type="hidden" name="uname" value="" />
384: <input type="hidden" name="upass0" value="" />
385: <input type="hidden" name="upass1" value="" />
386: <input type="hidden" name="upass2" value="" />
387: <input type="hidden" name="udom" value="" />
388: <input type="hidden" name="localpath" value="$env{'form.localpath'}" />
389: <input type="hidden" name="localres" value="$env{'form.localres'}" />
390: </form>
391: ENDSERVERFORM
392: my $coursecatalog;
393: if (($showcoursecat eq '') || ($showcoursecat)) {
394: $coursecatalog = &coursecatalog_link($lt{'catalog'});
395: }
396: my $newuserlink;
397: if ($shownewuserlink) {
398: $newuserlink = &newuser_link($lt{'newuser'}).'<br />';
399: }
400: my $logintitle;
401: if ($loginheader eq 'text') {
402: $logintitle ='<h2>'.$lt{'log'}.'</h2>';
403: } else {
404: $logintitle = '<img src="'.$login.'" alt="'.
405: &mt('User Authentication').'" />';
406: }
407:
408: my $noscript_warning='<noscript><span class="LC_warning"><b>'
409: .&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.')
410: .'</b></span></noscript>';
411: my $helpdeskscript;
412: my $contactblock = &contactdisplay(\%lt,$servadm,$showadminmail,
413: $version,$authdomain,\$helpdeskscript);
414:
415: my $loginform=(<<LFORM);
416: <form name="client" action="" onsubmit="return(send())">
417: <input type="hidden" name="lextkey" value="$lextkey" />
418: <input type="hidden" name="uextkey" value="$uextkey" />
419: <b><label for="uname">$lt{'un'}</label>:</b><br />
420: <input type="text" name="uname" size="15" value="$authusername" /><br />
421: <b><label for="upass$now">$lt{'pw'}</label>:</b><br />
422: <input type="password" name="upass$now" size="15" /><br />
423: <b><label for="udom">$lt{'dom'}</label>:</b><br />
424: <input type="text" name="udom" size="15" value="$authdomain" /><br />
425: <input type="submit" value="$lt{'log'}" />
426: </form>
427: LFORM
428:
429: if ($showbanner) {
430: $r->print(<<HEADER);
431: <!-- The LON-CAPA Header -->
432: <table border="0" align="left" width="100%" cellspacing="0" cellpadding="1">
433: <tr>
434: <td align="left" valign="top" bgcolor="$pgbg">
435: <img src="$img" border="0" alt="The Learning Online Network with CAPA" />
436: </td>
437: </tr>
438: </table>
439: HEADER
440: }
441: $r->print(<<ENDTOP);
442: <div class="LC_loginpage_space"> </div>
443: <div class="LC_loginpage_floatLeft">
444: <div class="LC_loginpage_loginContainer">
445: $logintitle
446: <table border="0" align="left" cellspacing="1" cellpadding="2" width="100%">
447: <tr>
448: <td>
449: $loginform
450: </td>
451: </tr>
452: </table>
453: $noscript_warning
454: </div>
455:
456: <div class="LC_loginpage_loginInfo">
457: $loginhelp<br />
458: $forgotpw<br />
459: $contactblock<br />
460: $newuserlink
461: $coursecatalog
462: </div>
463: </div>
464: ENDTOP
465: if ($showmainlogo) {
466: $r->print(' <img src="'.$logo.'" alt="" />'."\n");
467: }
468: $r->print(<<ENDTOP);
469: $announcements
470: $domainlogo
471: <div class="LC_loginpage_space"> </div>
472: ENDTOP
473:
474: $r->print(<<ENDDOCUMENT);
475: <table border="0" cellspacing="0" cellpadding="0">
476: <tr>
477: <td align="left" valign="top">
478: <small><b> $lt{'dom'}: </b></small>
479: </td>
480: <td align="left" valign="top">
481: <small><tt> $domain</tt></small>
482: </td>
483: </tr>
484: <tr>
485: <td align="left" valign="top">
486: <small><b> $lt{'serv'}: </b></small>
487: </td>
488: <td align="left" valign="top">
489: <small><tt> $lonhost ($role)</tt></small>
490: </td>
491: </tr>
492: <tr>
493: <td align="left" valign="top">
494: <small><b> $lt{'load'}: </b></small>
495: </td>
496: <td align="left" valign="top">
497: <small><tt> $loadpercent $lt{'perc'}</tt></small>
498: </td>
499: </tr>
500: <tr>
501: <td align="left" valign="top">
502: <small><b> $lt{'userload'}: </b></small>
503: </td>
504: <td align="left" valign="top">
505: <small><tt> $userloadpercent $lt{'perc'}</tt></small>
506: </td>
507: </tr>
508: </table>
509: </div>
510:
511: <script type="text/javascript">
512: // <![CDATA[
513: // the if prevents the script error if the browser can not handle this
514: if ( document.client.uname ) { document.client.uname.focus(); }
515: // ]]>
516: </script>
517: $helpdeskscript
518:
519: ENDDOCUMENT
520: my %endargs = ( 'noredirectlink' => 1, );
521: $r->print(&Apache::loncommon::end_page(\%endargs));
522: return OK;
523: }
524:
525: sub redirect_page {
526: my ($desthost) = @_;
527: my $protocol = $Apache::lonnet::protocol{$desthost};
528: $protocol = 'http' if ($protocol ne 'https');
529: my $url = $protocol.'://'.&Apache::lonnet::hostname($desthost).'/';
530: if ($env{'form.firsturl'} ne '') {
531: $url .='?firsturl='.$env{'form.firsturl'};
532: }
533: my $start_page = &Apache::loncommon::start_page('Switching Server',undef,
534: {'redirect' => [0,$url],});
535: my $end_page = &Apache::loncommon::end_page();
536: return $start_page.$end_page;
537: }
538:
539: sub contactdisplay {
540: my ($lt,$servadm,$showadminmail,$version,$authdomain,$helpdeskscript) = @_;
541: my $contactblock;
542: my $showhelpdesk = 0;
543: my $requestmail = $Apache::lonnet::perlvar{'lonSupportEMail'};
544: if ($requestmail =~ m/^[^\@]+\@[^\@]+$/) {
545: $showhelpdesk = 1;
546: }
547: if ($servadm && $showadminmail) {
548: $contactblock .= '<b> '.$$lt{'servadm'}.':</b><br />'.
549: '<tt> '.$servadm.'</tt><br /> <br />';
550: }
551: if ($showhelpdesk) {
552: $contactblock .= '<a href="javascript:helpdesk()">'.$lt->{'helpdesk'}.'</a><br />';
553: my $thisurl = &escape('/adm/login');
554: $$helpdeskscript = <<"ENDSCRIPT";
555: <script type="text/javascript">
556: // <![CDATA[
557: function helpdesk() {
558: var codedom = document.client.udom.value;
559: if (codedom == '') {
560: codedom = "$authdomain";
561: }
562: var querystr = "origurl=$thisurl&codedom="+codedom;
563: document.location.href = "/adm/helpdesk?"+querystr;
564: return;
565: }
566: // ]]>
567: </script>
568: ENDSCRIPT
569: }
570: $contactblock .= <<"ENDBLOCK";
571: $version
572: ENDBLOCK
573: return $contactblock;
574: }
575:
576: sub forgotpwdisplay {
577: my (%lt) = @_;
578: my $prompt_for_resetpw = 1;
579: if ($prompt_for_resetpw) {
580: return '<a href="/adm/resetpw">'.$lt{'forgotpw'}.'</a>';
581: }
582: return;
583: }
584:
585: sub loginhelpdisplay {
586: my (%lt) = @_;
587: my $login_help = 1;
588: if ($login_help) {
589: return '<a href="/adm/loginproblems.html">'.$lt{'help'}.'</a>';
590: }
591: return;
592: }
593:
594: sub coursecatalog_link {
595: my ($linkname) = @_;
596: return <<"END";
597: <a href="/adm/coursecatalog">$linkname</a>
598: END
599: }
600:
601: sub newuser_link {
602: my ($linkname) = @_;
603: return ' <a href="/adm/createaccount"><b>'.$linkname.'</b></a><br />';
604: }
605:
606: 1;
607: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>