# Gedafe, the Generic Database Frontend |
# copyright (c) 2000-2003 ETH Zurich |
# see http://isg.ee.ethz.ch/tools/gedafe/ |
# released under the GNU General Public License |
package Gedafe::Auth; |
use strict; |
use Gedafe::Util qw( |
ConnectToTicketsDaemon |
MakeURL |
MyURL |
Template |
UniqueFormStart |
UniqueFormEnd |
NextRefresh |
); |
use Gedafe::Global qw(%g); |
use Gedafe::DB qw(DB_Connect); |
# Exporter wiring.  AuthConnect is the only symbol offered for import; the
# Auth_* helpers below are not listed in @EXPORT_OK and so stay internal to
# this package unless called by their fully qualified name.
use vars qw(@ISA @EXPORT_OK);
require Exporter;
@ISA       = ('Exporter');
@EXPORT_OK = ('AuthConnect');
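# Look up a session ticket in the tickets daemon and recover the credentials
# stored with it.
#
# Arguments:
#   $s      - request state hash; {path} and {script} are sent as the SITE
#   $ticket - ticket string presented by the client.  AuthConnect takes it
#             from a cookie or a request parameter, so it is untrusted input.
#   $user   - scalar ref, receives the user name on success
#   $pass   - scalar ref, receives the password on success
#
# Returns 1 when the daemon answers "OK <user> <pass>", 0 otherwise.
sub Auth_GetTicket($$$$) {
    my ($s, $ticket, $user, $pass) = @_;

    # The daemon protocol is line based.  A ticket containing CR or LF would
    # end the GET line early and let the client append further daemon
    # commands of its own, so such a value is refused before connecting.
    return 0 if !defined $ticket or $ticket =~ /[\r\n]/;

    my $socket = ConnectToTicketsDaemon($s);
    print $socket "SITE $s->{path}/$s->{script}\n";
    <$socket>;                          # read and discard the reply to SITE
    print $socket "GET $ticket\n";
    my $reply = <$socket>;
    close($socket);

    # EOF instead of an answer is treated like an unknown ticket.
    return 0 unless defined $reply;
    chomp $reply;

    # A lexical is used rather than the global $_, so a caller that is in the
    # middle of iterating with $_ does not get its value overwritten.
    if ($reply !~ /^OK ([^ ]+) (.+)$/) {
        return 0;
    }
    $$user = $1;
    $$pass = $2;
    return 1;
}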
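# Ask the tickets daemon to forget a ticket (used on logout).
#
# Arguments:
#   $s      - request state hash; {path} and {script} are sent as the SITE
#   $ticket - ticket string presented by the client (untrusted input)
#
# Returns the result of closing the daemon socket, or 0 when the ticket was
# refused without contacting the daemon.
sub Auth_ClearTicket($$) {
    my ($s, $ticket) = @_;

    # One command per line: a ticket with an embedded CR/LF would smuggle a
    # second command to the daemon, so it is dropped here.
    return 0 if !defined $ticket or $ticket =~ /[\r\n]/;

    my $socket = ConnectToTicketsDaemon($s);
    print $socket "SITE $s->{path}/$s->{script}\n";
    <$socket>;                          # read and discard the reply to SITE
    print $socket "CLEAR $ticket\n";
    <$socket>;                          # read and discard the reply to CLEAR
    return close($socket);
}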
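# Store a user name / password pair in the tickets daemon and return the
# ticket the daemon hands back for it.
#
# Arguments:
#   $s    - request state hash; {path} and {script} are sent as the SITE
#   $user - user name as typed into the login form (untrusted input)
#   $pass - password as typed into the login form (untrusted input)
#
# Returns the ticket string, or undef when the credentials cannot be framed
# safely in the daemon protocol or the daemon gave no answer.
#
# NOTE(review): the password is sent to the daemon in clear text on this
# socket; how the daemon is reached and how it stores the value is not
# visible here - confirm the transport is local or otherwise protected.
sub Auth_SetTicket($$$) {
    my ($s, $user, $pass) = @_;

    return unless defined $user and defined $pass;

    # "SET <user> <pass>" is a single space-separated line, and
    # Auth_GetTicket reads the answer back as "OK <user> <pass>" with the
    # user ending at the first space.  A user name that is empty or contains
    # a space would therefore come back as a different user/password split,
    # and a CR/LF in either field would start a new daemon command.
    return if $user !~ /\A[^ \r\n]+\z/;
    return if $pass =~ /[\r\n]/;

    my $socket = ConnectToTicketsDaemon($s);
    print $socket "SITE $s->{path}/$s->{script}\n";
    <$socket>;                          # read and discard the reply to SITE
    print $socket "SET $user $pass\n";
    my $ticket = <$socket>;
    close($socket);

    # EOF instead of a ticket: report "no ticket" rather than chomp undef.
    return unless defined $ticket;
    chomp $ticket;
    return $ticket;
}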
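# Print the login page and terminate the request.
#
# The page is built from the 'login' templates and a form produced by
# UniqueFormStart/UniqueFormEnd.  Every request parameter that is not part of
# the login mechanics and not already in the URL is carried along as a hidden
# field, so the original request can be replayed after a successful login.
#
# Arguments:
#   $s - request state hash; {cgi} is the CGI query object.  The flags
#        {http_header_sent} and {header_sent} are set as output is produced.
#
# Does not return: the sub ends with exit.
sub Auth_Login($)
{
    my $s = shift;
    my $q = $s->{cgi};

    # Escape text for use inside a double-quoted HTML attribute.  This page
    # is served before authentication and echoes request parameters, so
    # unescaped output here would let a crafted link inject markup into the
    # login form.
    my $esc = sub {
        my $text = shift;
        $text = '' unless defined $text;
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };

    print $q->header;
    $s->{http_header_sent}=1;
    print Template({ PAGE => 'login', ELEMENT => 'header' });

    # Both URLs are taken from the request when present.
    # NOTE(review): what UniqueFormStart/UniqueFormEnd do with them is not
    # visible here - confirm they are escaped on output and that next_url is
    # restricted to this application before it is used as a target.
    my $form_url = $q->param('form_url') || MyURL($q);
    my $next_url = $q->param('next_url') ||
        MakeURL(MyURL($q), {
            logout=>'',
            refresh=>NextRefresh(),
        });
    $s->{header_sent}=1;

    UniqueFormStart($s, $next_url);

    print Template({ PAGE => 'login', ELEMENT => 'login' });

    foreach my $name ($q->param) {
        # login mechanics are regenerated by the form itself
        next if $name =~ /^(next_url|form_id|form_url|login_.*)$/;
        # parameters already present in the URL need no hidden field
        next if defined($q->url_param($name));

        my $value = $q->param($name);
        print '<INPUT TYPE="hidden" NAME="' . $esc->($name) .
            '" VALUE="' . $esc->($value) . "\">\n";
    }

    UniqueFormEnd($s, $form_url, $next_url);

    print Template({ PAGE => 'login', ELEMENT => 'footer' });

    exit;
}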
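# Authenticate the current request and return a database handle for it.
#
# Order of checks:
#   1. logout requested  -> clear the ticket, show the login page (exits)
#   2. ticket presented  -> credentials are recovered via Auth_GetTicket and
#                           used for DB_Connect
#   3. login form posted -> DB_Connect with the submitted credentials; on
#                           success a new ticket cookie is prepared, on
#                           failure the auth_error page is printed (exits)
#   4. none of the above -> show the login page (exits)
#
# Arguments:
#   $s            - request state hash; uses {cgi}, {ticket_name}, {path}
#   $user         - scalar ref, receives the authenticated user name
#   $cookie       - scalar ref, receives the ticket cookie after a fresh login
#   $ticket_value - scalar ref, receives the ticket string the client sent
#
# Returns whatever DB_Connect returns for the accepted credentials.
sub AuthConnect($$$$) {
    my ($s, $user, $cookie, $ticket_value) = @_;
    my $q = $s->{cgi};

    my $pass;
    my $dbh;

    # logout
    if($q->url_param('logout')) {
        my $ticket = $q->cookie(-name=>$s->{ticket_name});
        # The ticket check below also accepts a ticket from the 'ticket'
        # parameter; use the same fallback here so that such a ticket is
        # invalidated in the daemon on logout instead of staying usable.
        $ticket = $q->param('ticket') unless $ticket;
        Auth_ClearTicket($s, $ticket) if $ticket;
        Auth_Login($s);     # prints the login page and exits
    }

    # check Ticket
    my $c = $q->cookie(-name=>$s->{ticket_name});

    # if ticket from cookie fails try ticket from param
    # NOTE(review): a ticket passed as a request parameter can end up in
    # URLs, and from there in server logs, browser history and Referer
    # headers - confirm this fallback is still needed.
    unless($c){
        $c = $q->param("ticket");
    }

    $$ticket_value=$c;
    if(defined $c and Auth_GetTicket($s, $c, $user, \$pass)) {
        # ticket authentication successful
        return DB_Connect($$user, $pass);
    }

    # login response
    if(defined $q->param('login_user') or defined $q->url_param('user')) {
        $$user = $q->param('login_user');
        $$user = $q->url_param('user') unless defined $$user;
        $pass = $q->param('login_pass');
        # NOTE(review): a request without login_pass is tried with the fixed
        # password 'anonymous' - make sure no real database account can be
        # reached with that value.
        $pass = 'anonymous' unless defined $pass;

        if(defined ($dbh = DB_Connect($$user, $pass))) {
            # user/pass authentication successful
            my $ticket=Auth_SetTicket($s, $$user, $pass);
            # NOTE(review): the cookie carries only name, value and path; no
            # secure or http-only attribute is requested here, so on a plain
            # HTTP deployment the ticket travels unprotected and page scripts
            # can read it.  Consider adding them where the installed CGI.pm
            # and the deployment allow.
            $$cookie=$q->cookie(-name=>$s->{ticket_name},
                -value=>$ticket, -path=>$s->{path});
            return $dbh;
        }
        else {
            # login failed
            print $q->header;
            print Template({ PAGE => 'auth_error', TITLE => 'Authentication Error', ELEMENT => 'header' });
            print Template({ PAGE => 'auth_error', TITLE => 'Authentication Error', ELEMENT => 'header2' });
            print Template({ PAGE => 'auth_error', URL=>MyURL($q), ELEMENT => 'auth_error' });
            print Template({ PAGE => 'auth_error', ELEMENT => 'footer' });
            exit;
        }
    }

    # no login, no ticket -> login
    Auth_Login($s);
}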
1; |