--- loncom/auth/lontokacc.pm	2002/07/27 18:48:19	1.1
+++ loncom/auth/lontokacc.pm	2007/03/02 23:17:48	1.17
@@ -1,8 +1,7 @@
 # The LearningOnline Network
-# Low security Access Handler for Token-based access 
-# (clearance given by other loncapa host)
+# Access Handler for User File Transfers
 #
-# $Id: lontokacc.pm,v 1.1 2002/07/27 18:48:19 www Exp $
+# $Id: lontokacc.pm,v 1.17 2007/03/02 23:17:48 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -32,25 +31,63 @@ package Apache::lontokacc;
 use strict;
 use Apache::Constants qw(:common :remotehost);
 use Apache::lonnet();
-use Apache::loncommon();
+use Apache::File();
+use IO::Socket;
 
 sub handler {
     my $r = shift;
-    &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},
-    ['token','server']);
-    if (($ENV{'form.token'}) || ($ENV{'form.server'})) {
-        my $tmpinfo=Apache::lonnet::reply('tmpget:'.$ENV{'form.token'},
-                                                    $ENV{'form.server'});
-
-        if ($tmpinfo eq $r->uri) {
-	   return OK;
-        }
+    my $reqhost = $r->get_remote_host(REMOTE_NOLOOKUP);
+    my %iphost=&Apache::lonnet::get_iphost();
+    my $hostids=$iphost{$reqhost};
+    if (!$hostids && $reqhost ne '127.0.0.1' ) {
+	$r->log_reason("Unable to find a host for ".
+		       $r->get_remote_host(REMOTE_NOLOOKUP));
+	return FORBIDDEN;
     }
-    $r->log_reason("Invalid token-based access",$r->filename); 
+    if ($reqhost eq '127.0.0.1') {
+       return OK;
+    }
+    my $readline;
+    my $lontabdir=$r->dir_config('lonTabDir');
+    {
+       my $fh;
+       unless ($fh=Apache::File->new("$lontabdir/hosts.tab")) {
+          $r->log_reason("Could not find host tab file");
+          return FORBIDDEN;
+       }
+       while ($readline=<$fh>) {
+	   $readline=~s/\s*$//;
+	   my ($id,$domain,$role,$name)=split(/:/,$readline);
+	   foreach my $hostid (@{$hostids}) {
+	       my $hostname=&Apache::lonnet::hostname($hostid);
+	       if ($name =~ /^\Q$hostname\E$/i) {
+		   return OK; 
+	       }
+	   }
+       }
+
+    }
+    $r->log_reason("Invalid request for user file transfer from $reqhost (".join(",",@{$hostids}).")", 
+                   $r->filename); 
     return FORBIDDEN;
 }
 
+sub removefile {
+    my $r=shift;
+    if ($r->status==200) {
+        unlink($r->filename);
+	#&Apache::lonnet::logthis('Unlinking '.$r->filename);
+    } else {
+        &Apache::lonnet::logthis('Failed to transfer '.$r->filename);
+    }
+    return OK;
+}
 1;
 __END__
 
 
+
+
+
+
+