1: # The LearningOnline Network
2: # Login Screen
3: #
4: # $Id: lonlogin.pm,v 1.131 2009/12/04 13:50:48 jms Exp $
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28:
29: package Apache::lonlogin;
30:
31: use strict;
32: use Apache::Constants qw(:common);
33: use Apache::File ();
34: use Apache::lonnet;
35: use Apache::loncommon();
36: use Apache::lonauth();
37: use Apache::lonlocal;
38: use Apache::migrateuser();
39: use lib '/home/httpd/lib/perl/';
40: use LONCAPA;
41:
42: sub handler {
43: my $r = shift;
44:
45: &Apache::loncommon::get_unprocessed_cgi
46: (join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},
47: $ENV{'REDIRECT_QUERY_STRING'}),
48: ['interface','username','domain','firsturl','localpath','localres',
49: 'token','role','symb']);
50: if (!defined($env{'form.firsturl'})) {
51: &Apache::lonacc::get_posted_cgi($r,['firsturl']);
52: }
53:
54: # -- check if they are a migrating user
55: if (defined($env{'form.token'})) {
56: return &Apache::migrateuser::handler($r);
57: }
58:
59: &Apache::loncommon::no_cache($r);
60: &Apache::lonlocal::get_language_handle($r);
61: &Apache::loncommon::content_type($r,'text/html');
62: $r->send_http_header;
63: return OK if $r->header_only;
64:
65:
66: # Are we re-routing?
67: if (-e '/home/httpd/html/lon-status/reroute.txt') {
68: &Apache::lonauth::reroute($r);
69: return OK;
70: }
71:
72:
73: # -------------------------------- Prevent users from attempting to login twice
74: my $handle = &Apache::lonnet::check_for_valid_session($r);
75: if ($handle=~/^publicuser\_/) {
76: # For "public user" - remove it, we apparently really want to login
77: unlink($r->dir_config('lonIDsDir')."/$handle.id");
78: } elsif ($handle ne '') {
79: # Indeed, a valid token is found
80: my $start_page =
81: &Apache::loncommon::start_page('Already logged in');
82: my $end_page =
83: &Apache::loncommon::end_page();
84: my $dest = '/adm/roles';
85: if ($env{'form.firsturl'} ne '') {
86: $dest = $env{'form.firsturl'};
87: }
88:
89: my $dom = &Apache::lonnet::default_login_domain();
90: my %helpconfig = &Apache::lonnet::get_dom('configuration',['helpsettings'],$dom);
91:
92: my $loginhelp_page = $helpconfig{'helpsettings'}{'loginhelpurl'};
93: if ($loginhelp_page eq '') {
94: $loginhelp_page = '/adm/loginproblems.html';
95: }
96: $r->print(
97: $start_page
98: .'<h1>'.&mt('You are already logged in!').'</h1>'
99: .'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].',
100: '<a href="'.$dest.'">','</a>','<a href="/adm/logout">','</a>').'</p>'
101: .'<p><a href="'.$loginhelp_page.'">'.&mt('Login problems?').'</a></p>'
102: .$dom.' '.$end_page
103: );
104: return OK;
105: }
106:
107: # ---------------------------------------------------- No valid token, continue
108:
109: # ---------------------------- Not possible to really login to domain "public"
110: if ($env{'form.domain'} eq 'public') {
111: $env{'form.domain'}='';
112: $env{'form.username'}='';
113: }
114: # ----------------------------------------------------------- Process Interface
115: $env{'form.interface'}=~s/\W//g;
116:
117: my $httpbrowser=$ENV{"HTTP_USER_AGENT"};
118:
119: my $iconpath=
120: &Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL'));
121:
122: my $lonhost = $r->dir_config('lonHostID');
123: my $domain = &Apache::lonnet::default_login_domain();
124: my %domconfhash = &Apache::loncommon::get_domainconf($domain);
125: if ($lonhost ne '') {
126: my $loginvia = $domconfhash{$domain.'.login.loginvia_'.$lonhost};
127: if (($loginvia ne '') && ($loginvia ne $lonhost)) {
128: if (&Apache::lonnet::hostname($loginvia) ne '') {
129: $r->print(&redirect_page($loginvia));
130: return OK;
131: }
132: }
133: }
134:
135: if (($env{'form.domain'}) &&
136: (&Apache::lonnet::domain($env{'form.domain'},'description'))) {
137: $domain=$env{'form.domain'};
138: }
139: my $role = $r->dir_config('lonRole');
140: my $loadlim = $r->dir_config('lonLoadLim');
141: my $servadm = $r->dir_config('lonAdmEMail');
142: my $tabdir = $r->dir_config('lonTabDir');
143: my $include = $r->dir_config('lonIncludes');
144: my $expire = $r->dir_config('lonExpire');
145: my $version = $r->dir_config('lonVersion');
146: my $host_name = &Apache::lonnet::hostname($lonhost);
147:
148: # --------------------------------------------- Default values for login fields
149:
150: my $authusername=($env{'form.username'}?$env{'form.username'}:'');
151: my $authdomain=($env{'form.domain'}?$env{'form.domain'}:$domain);
152:
153: # ---------------------------------------------------------- Determine own load
154: my $loadavg;
155: {
156: my $loadfile=Apache::File->new('/proc/loadavg');
157: $loadavg=<$loadfile>;
158: }
159: $loadavg =~ s/\s.*//g;
160: my $loadpercent=sprintf("%.1f",100*$loadavg/$loadlim);
161: my $userloadpercent=&Apache::lonnet::userload();
162:
163: # ------------------------------------------------------- Do the load balancing
164: my $otherserver= &Apache::lonnet::absolute_url($host_name);
165: my $firsturl=
166: ($env{'request.firsturl'}?$env{'request.firsturl'}:$env{'form.firsturl'});
167: # ---------------------------------------------------------- Are we overloaded?
168: if ((($userloadpercent>100.0)||($loadpercent>100.0))) {
169: my $unloaded=Apache::lonnet::spareserver($loadpercent,$userloadpercent);
170: if ($unloaded) { $otherserver=$unloaded; }
171: }
172:
173: # ----------------------------------------------------------- Get announcements
174: my $announcements=&Apache::lonnet::getannounce();
175: # -------------------------------------------------------- Set login parameters
176:
177: my @hexstr=('0','1','2','3','4','5','6','7',
178: '8','9','a','b','c','d','e','f');
179: my $lkey='';
180: for (0..7) {
181: $lkey.=$hexstr[rand(15)];
182: }
183:
184: my $ukey='';
185: for (0..7) {
186: $ukey.=$hexstr[rand(15)];
187: }
188:
189: my $lextkey=hex($lkey);
190: if ($lextkey>2147483647) { $lextkey-=4294967296; }
191:
192: my $uextkey=hex($ukey);
193: if ($uextkey>2147483647) { $uextkey-=4294967296; }
194:
195: # -------------------------------------------------------- Store away log token
196: my $tokenextras;
197: if ($env{'form.role'}) {
198: $tokenextras = '&role='.&escape($env{'form.role'});
199: }
200: if ($env{'form.symb'}) {
201: if (!$tokenextras) {
202: $tokenextras = '&';
203: }
204: $tokenextras .= '&symb='.&escape($env{'form.symb'});
205: }
206: my $logtoken=Apache::lonnet::reply(
207: 'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras,
208: $lonhost);
209:
210: # ------------------- If we cannot talk to ourselves, we are in serious trouble
211:
212: if ($logtoken eq 'con_lost') {
213: my $spares='';
214: my $last;
215: foreach my $hostid (sort
216: {
217: &Apache::lonnet::hostname($a) cmp
218: &Apache::lonnet::hostname($b);
219: }
220: keys(%Apache::lonnet::spareid)) {
221: next if ($hostid eq $lonhost);
222: my $hostname = &Apache::lonnet::hostname($hostid);
223: next if ($last eq $hostname);
224: $spares.='<br /><font size="+1"><a href="http://'.
225: $hostname.
226: '/adm/login?domain='.$authdomain.'">'.
227: $hostname.'</a>'.
228: ' '.&mt('(preferred)').'</font>'.$/;
229: $last=$hostname;
230: }
231: $spares.= '<br />';
232: my %all_hostnames = &Apache::lonnet::all_hostnames();
233: foreach my $hostid (sort
234: {
235: &Apache::lonnet::hostname($a) cmp
236: &Apache::lonnet::hostname($b);
237: }
238: keys(%all_hostnames)) {
239: next if ($hostid eq $lonhost || $Apache::lonnet::spareid{$hostid});
240: my $hostname = &Apache::lonnet::hostname($hostid);
241: next if ($last eq $hostname);
242: $spares.='<br /><a href="http://'.
243: $hostname.
244: '/adm/login?domain='.$authdomain.'">'.
245: $hostname.'</a>';
246: $last=$hostname;
247: }
248: $r->print(
249: '<html>'
250: .'<head><title>'
251: .&mt('The LearningOnline Network with CAPA')
252: .'</title></head>'
253: .'<body bgcolor="#FFFFFF">'
254: .'<h1>'.&mt('The LearningOnline Network with CAPA').'</h1>'
255: .'<img src="/adm/lonKaputt/lonlogo_broken.gif" align="right" />'
256: .'<h3>'.&mt('This LON-CAPA server is temporarily not available for login.').'</h3>'
257: .'<p>'.&mt('Please attempt to login to one of the following servers:').'</p>'
258: .$spares
259: .'</body>'
260: .'</html>'
261: );
262: return OK;
263: }
264:
265: # ----------------------------------------------- Apparently we are in business
266: $servadm=~s/\,/\<br \/\>/g;
267:
268: # ----------------------------------------------------------- Front page design
269: my $pgbg=&Apache::loncommon::designparm('login.pgbg',$domain);
270: my $font=&Apache::loncommon::designparm('login.font',$domain);
271: my $link=&Apache::loncommon::designparm('login.link',$domain);
272: my $vlink=&Apache::loncommon::designparm('login.vlink',$domain);
273: my $alink=&Apache::loncommon::designparm('login.alink',$domain);
274: my $mainbg=&Apache::loncommon::designparm('login.mainbg',$domain);
275: my $logo=&Apache::loncommon::designparm('login.logo',$domain);
276: my $img=&Apache::loncommon::designparm('login.img',$domain);
277: my $domainlogo=&Apache::loncommon::domainlogo($domain);
278: my $login=&Apache::loncommon::designparm('login.login',$domain);
279: if ($login eq '') {
280: $login = $iconpath.'/'.&mt('userauthentication.gif');
281: }
282: my $showbanner = 1;
283: my $showmainlogo = 1;
284: if (defined(&Apache::loncommon::designparm('login.showlogo_img',$domain))) {
285: $showbanner = &Apache::loncommon::designparm('login.showlogo_img',$domain);
286: }
287: if (defined(&Apache::loncommon::designparm('login.showlogo_logo',$domain))) {
288: $showmainlogo = &Apache::loncommon::designparm('login.showlogo_logo',$domain);
289: }
290: my $showadminmail=&Apache::loncommon::designparm('login.adminmail',$domain);
291: my $showcoursecat =
292: &Apache::loncommon::designparm('login.coursecatalog',$domain);
293: my $loginheader =&Apache::loncommon::designparm('login.loginheader',$domain);
294: my $shownewuserlink =
295: &Apache::loncommon::designparm('login.newuser',$domain);
296: my $now=time;
297: my $js = (<<ENDSCRIPT);
298:
299: <script type="text/javascript" language="JavaScript">
300: // <![CDATA[
301: function send()
302: {
303: this.document.server.elements.uname.value
304: =this.document.client.elements.uname.value;
305:
306: this.document.server.elements.udom.value
307: =this.document.client.elements.udom.value;
308:
309: uextkey=this.document.client.elements.uextkey.value;
310: lextkey=this.document.client.elements.lextkey.value;
311: initkeys();
312:
313: this.document.server.elements.upass0.value
314: =crypted(this.document.client.elements.upass$now.value.substr(0,15));
315: this.document.server.elements.upass1.value
316: =crypted(this.document.client.elements.upass$now.value.substr(15,15));
317: this.document.server.elements.upass2.value
318: =crypted(this.document.client.elements.upass$now.value.substr(30,15));
319:
320: this.document.client.elements.uname.value='';
321: this.document.client.elements.upass$now.value='';
322:
323: this.document.server.submit();
324: return false;
325: }
326: // ]]>
327: </script>
328:
329: ENDSCRIPT
330:
331: # --------------------------------------------------- Print login screen header
332:
333: my %add_entries = (
334: bgcolor => "$mainbg",
335: text => "$font",
336: link => "$link",
337: vlink => "$vlink",
338: alink => "$alink",);
339:
340: $r->print(&Apache::loncommon::start_page('The LearningOnline Network with CAPA Login',$js,
341: { 'redirect' => [$expire,'/adm/roles'],
342: 'add_entries' => \%add_entries,
343: 'only_body' => 1,}));
344:
345: # ----------------------------------------------------------------------- Texts
346:
347: my %lt=&Apache::lonlocal::texthash(
348: 'un' => 'Username',
349: 'pw' => 'Password',
350: 'dom' => 'Domain',
351: 'perc' => 'percent',
352: 'load' => 'Server Load',
353: 'userload' => 'User Load',
354: 'catalog' => 'Course/Community Catalog',
355: 'log' => 'Log in',
356: 'help' => 'Log-in Help',
357: 'serv' => 'Server',
358: 'servadm' => 'Server Administration',
359: 'helpdesk' => 'Contact Helpdesk',
360: 'forgotpw' => 'Forgot password?',
361: 'newuser' => 'New User?',
362: );
363: # -------------------------------------------------- Change password field name
364:
365: my $forgotpw = &forgotpwdisplay(%lt);
366: my $loginhelp = &loginhelpdisplay(%lt);
367:
368: # ---------------------------------------------------- Serve out DES JavaScript
369: {
370: my $jsh=Apache::File->new($include."/londes.js");
371: $r->print(<$jsh>);
372: }
373: # ---------------------------------------------------------- Serve rest of page
374:
375: $r->print(
376: '<div class="LC_loginpage_container">');
377:
378: #
379: # If the loadbalancing yielded just http:// because perhaps there's no loadbalancing?
380: # then just us a relative link to authenticate:
381: #
382:
383: $r->print(<<ENDSERVERFORM);
384: <form name="server" action="$otherserver/adm/authenticate" method="post" target="_top">
385: <input type="hidden" name="logtoken" value="$logtoken" />
386: <input type="hidden" name="serverid" value="$lonhost" />
387: <input type="hidden" name="uname" value="" />
388: <input type="hidden" name="upass0" value="" />
389: <input type="hidden" name="upass1" value="" />
390: <input type="hidden" name="upass2" value="" />
391: <input type="hidden" name="udom" value="" />
392: <input type="hidden" name="localpath" value="$env{'form.localpath'}" />
393: <input type="hidden" name="localres" value="$env{'form.localres'}" />
394: </form>
395: ENDSERVERFORM
396: my $coursecatalog;
397: if (($showcoursecat eq '') || ($showcoursecat)) {
398: $coursecatalog = &coursecatalog_link($lt{'catalog'});
399: }
400: my $newuserlink;
401: if ($shownewuserlink) {
402: $newuserlink = &newuser_link($lt{'newuser'});
403: }
404: my $logintitle;
405: if ($loginheader eq 'text') {
406: $logintitle ='<h2>'.$lt{'log'}.'</h2>';
407: } else {
408: $logintitle = '<img src="'.$login.'" alt="'.
409: &mt('User Authentication').'" />';
410: }
411:
412: my $noscript_warning='<noscript><span class="LC_warning"><b>'
413: .&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.')
414: .'</b></span></noscript>';
415: my $helpdeskscript;
416: my $contactblock = &contactdisplay(\%lt,$servadm,$showadminmail,
417: $version,$authdomain,\$helpdeskscript);
418:
419: my $loginform=(<<LFORM);
420: <form name="client" action="" onsubmit="return(send())">
421: <input type="hidden" name="lextkey" value="$lextkey" />
422: <input type="hidden" name="uextkey" value="$uextkey" />
423: <b><label for="uname">$lt{'un'}</label>:</b><br />
424: <input type="text" name="uname" id="uname" size="15" value="$authusername" /><br />
425: <b><label for="upass$now">$lt{'pw'}</label>:</b><br />
426: <input type="password" name="upass$now" id="upass$now" size="15" /><br />
427: <b><label for="udom">$lt{'dom'}</label>:</b><br />
428: <input type="text" name="udom" id="udom" size="15" value="$authdomain" /><br />
429: <input type="submit" value="$lt{'log'}" />
430: </form>
431: LFORM
432:
433: if ($showbanner) {
434: $r->print(<<HEADER);
435: <!-- The LON-CAPA Header -->
436: <table border="0" align="left" width="100%" cellspacing="0" cellpadding="1">
437: <tr>
438: <td align="left" valign="top" bgcolor="$pgbg">
439: <img src="$img" border="0" alt="The Learning Online Network with CAPA" />
440: </td>
441: </tr>
442: </table>
443: HEADER
444: }
445: $r->print(<<ENDTOP);
446: <div class="LC_loginpage_space"> </div>
447: <div class="LC_loginpage_floatLeft">
448: <div class="LC_loginpage_loginContainer">
449: $logintitle
450: <table border="0" align="left" cellspacing="1" cellpadding="2" width="100%">
451: <tr>
452: <td>
453: $loginform
454: </td>
455: </tr>
456: </table>
457: $noscript_warning
458: </div>
459:
460: <div class="LC_loginpage_loginInfo">
461: $loginhelp<br />
462: $forgotpw<br />
463: <br />
464: $contactblock<br />
465: <br />
466: $newuserlink<br />
467: $coursecatalog
468: </div>
469: </div>
470: ENDTOP
471: if ($showmainlogo) {
472: $r->print(' <img src="'.$logo.'" alt="" />'."\n");
473: }
474: $r->print(<<ENDTOP);
475: $announcements
476: $domainlogo
477: <div class="LC_loginpage_space"> </div>
478: ENDTOP
479:
480: $r->print(<<ENDDOCUMENT);
481: <table border="0" cellspacing="0" cellpadding="0">
482: <tr>
483: <td align="left" valign="top">
484: <small><b> $lt{'dom'}: </b></small>
485: </td>
486: <td align="left" valign="top">
487: <small><tt> $domain</tt></small>
488: </td>
489: </tr>
490: <tr>
491: <td align="left" valign="top">
492: <small><b> $lt{'serv'}: </b></small>
493: </td>
494: <td align="left" valign="top">
495: <small><tt> $lonhost ($role)</tt></small>
496: </td>
497: </tr>
498: <tr>
499: <td align="left" valign="top">
500: <small><b> $lt{'load'}: </b></small>
501: </td>
502: <td align="left" valign="top">
503: <small><tt> $loadpercent $lt{'perc'}</tt></small>
504: </td>
505: </tr>
506: <tr>
507: <td align="left" valign="top">
508: <small><b> $lt{'userload'}: </b></small>
509: </td>
510: <td align="left" valign="top">
511: <small><tt> $userloadpercent $lt{'perc'}</tt></small>
512: </td>
513: </tr>
514: </table>
515: </div>
516:
517: <script type="text/javascript">
518: // <![CDATA[
519: // the if prevents the script error if the browser can not handle this
520: if ( document.client.uname ) { document.client.uname.focus(); }
521: // ]]>
522: </script>
523: $helpdeskscript
524:
525: ENDDOCUMENT
526: my %endargs = ( 'noredirectlink' => 1, );
527: $r->print(&Apache::loncommon::end_page(\%endargs));
528: return OK;
529: }
530:
531: sub redirect_page {
532: my ($desthost) = @_;
533: my $protocol = $Apache::lonnet::protocol{$desthost};
534: $protocol = 'http' if ($protocol ne 'https');
535: my $url = $protocol.'://'.&Apache::lonnet::hostname($desthost).'/';
536: if ($env{'form.firsturl'} ne '') {
537: $url .='?firsturl='.$env{'form.firsturl'};
538: }
539: my $start_page = &Apache::loncommon::start_page('Switching Server',undef,
540: {'redirect' => [0,$url],});
541: my $end_page = &Apache::loncommon::end_page();
542: return $start_page.$end_page;
543: }
544:
545: sub contactdisplay {
546: my ($lt,$servadm,$showadminmail,$version,$authdomain,$helpdeskscript) = @_;
547: my $contactblock;
548: my $showhelpdesk = 0;
549: my $requestmail = $Apache::lonnet::perlvar{'lonSupportEMail'};
550: if ($requestmail =~ m/^[^\@]+\@[^\@]+$/) {
551: $showhelpdesk = 1;
552: }
553: if ($servadm && $showadminmail) {
554: $contactblock .= $$lt{'servadm'}.':<br />'.
555: '<tt>'.$servadm.'</tt><br />';
556: }
557: if ($showhelpdesk) {
558: $contactblock .= '<a href="javascript:helpdesk()">'.$lt->{'helpdesk'}.'</a><br />';
559: my $thisurl = &escape('/adm/login');
560: $$helpdeskscript = <<"ENDSCRIPT";
561: <script type="text/javascript">
562: // <![CDATA[
563: function helpdesk() {
564: var codedom = document.client.udom.value;
565: if (codedom == '') {
566: codedom = "$authdomain";
567: }
568: var querystr = "origurl=$thisurl&codedom="+codedom;
569: document.location.href = "/adm/helpdesk?"+querystr;
570: return;
571: }
572: // ]]>
573: </script>
574: ENDSCRIPT
575: }
576: $contactblock .= $version;
577: return $contactblock;
578: }
579:
580: sub forgotpwdisplay {
581: my (%lt) = @_;
582: my $prompt_for_resetpw = 1;
583: if ($prompt_for_resetpw) {
584: return '<a href="/adm/resetpw">'.$lt{'forgotpw'}.'</a>';
585: }
586: return;
587: }
588:
589: sub loginhelpdisplay {
590: my (%lt) = @_;
591: my $login_help = 1;
592: if ($login_help) {
593: my $dom = &Apache::lonnet::default_login_domain();
594: my %helpconfig = &Apache::lonnet::get_dom('configuration',['helpsettings'],$dom);
595: my $loginhelp_url = $helpconfig{'helpsettings'}{'loginhelpurl'};
596: if ($loginhelp_url ne '') {
597: return '<a href="'.$loginhelp_url.'">'.$lt{'help'}.'</a>';
598: } else {
599: return '<a href="/adm/loginproblems.html">'.$lt{'help'}.'</a>';
600: }
601: }
602: return;
603: }
604:
605: sub coursecatalog_link {
606: my ($linkname) = @_;
607: return <<"END";
608: <a href="/adm/coursecatalog">$linkname</a>
609: END
610: }
611:
612: sub newuser_link {
613: my ($linkname) = @_;
614: return '<a href="/adm/createaccount">'.$linkname.'</a>';
615: }
616:
617: 1;
618: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>