# Gedafe, the Generic Database Frontend |
# copyright (c) 2000-2003 ETH Zurich |
# see http://isg.ee.ethz.ch/tools/gedafe/ |
|
# released under the GNU General Public License |
|
package Gedafe::Auth; |
use strict; |
use Gedafe::Util qw( |
ConnectToTicketsDaemon |
MakeURL |
MyURL |
Template |
UniqueFormStart |
UniqueFormEnd |
NextRefresh |
); |
use Gedafe::Global qw(%g); |
use Gedafe::DB qw(DB_Connect); |
|
use vars qw(@ISA @EXPORT_OK); |
require Exporter; |
@ISA = qw(Exporter); |
@EXPORT_OK = qw(AuthConnect); |
|
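# Auth_GetTicket($s, $ticket, \$user, \$pass)
#
# Ask the tickets daemon for the credentials stored under $ticket.  When the
# daemon answers "OK <user> <pass>", the two values are written through the
# $user and $pass references and 1 is returned.  Any other outcome returns 0
# and leaves both references untouched.
#
# The ticket is client-controlled (AuthConnect reads it from a cookie or a
# request parameter) and the daemon protocol is line based, so a ticket that
# contains CR or LF would let the client append command lines of its own.
# Such tickets are refused before a connection is opened.
sub Auth_GetTicket($$$$) {
    my ($s, $ticket, $user, $pass) = @_;

    return 0 unless defined $ticket;
    return 0 if $ticket =~ /[\r\n]/;

    my $socket = ConnectToTicketsDaemon($s);
    print $socket "SITE $s->{path}/$s->{script}\n";
    <$socket>;    # the reply to SITE is read and discarded
    print $socket "GET $ticket\n";
    # A lexical is used for the reply so the caller's $_ is not clobbered.
    my $reply = <$socket>;
    close($socket);

    # The daemon may close the connection without answering.
    return 0 unless defined $reply;
    chomp $reply;

    # The user name is everything up to the first space; the password is
    # the rest of the line and may itself contain spaces.
    return 0 unless $reply =~ /^OK ([^ ]+) (.+)$/;
    $$user = $1;
    $$pass = $2;
    return 1;
}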
|
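# Auth_ClearTicket($s, $ticket)
#
# Tell the tickets daemon to forget $ticket (used on logout).  The daemon's
# replies are read and discarded; the return value is that of close().
#
# The ticket is client-controlled (AuthConnect passes the cookie value) and
# the daemon protocol is line based, so a ticket containing CR or LF is
# ignored instead of being sent: it could otherwise carry extra command
# lines to the daemon.
sub Auth_ClearTicket($$) {
    my ($s, $ticket) = @_;

    return unless defined $ticket;
    return if $ticket =~ /[\r\n]/;

    my $socket = ConnectToTicketsDaemon($s);
    print $socket "SITE $s->{path}/$s->{script}\n";
    <$socket>;    # reply to SITE, discarded
    print $socket "CLEAR $ticket\n";
    <$socket>;    # reply to CLEAR, discarded
    return close($socket);
}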
|
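# Auth_SetTicket($s, $user, $pass)
#
# Store $user and $pass in the tickets daemon and return the line it answers
# with, which the caller uses as the ticket.  Returns undef when the
# credentials cannot be carried by the protocol or the daemon sends no reply.
#
# The request is the single line "SET <user> <pass>", and Auth_GetTicket
# later splits the stored pair at the first space.  A user name containing a
# space would therefore come back as a different user/password pair, and a
# CR or LF in either value would inject further command lines.  Both cases
# are refused before connecting.
#
# NOTE(review): the password is sent to and kept by the daemon in clear
# text; how the daemon socket is protected is not visible here -- confirm it
# is not reachable by other users or hosts.
sub Auth_SetTicket($$$) {
    my ($s, $user, $pass) = @_;

    return undef unless defined $user and defined $pass;
    return undef if $user =~ /[ \r\n]/;
    return undef if $pass =~ /[\r\n]/;

    my $socket = ConnectToTicketsDaemon($s);
    print $socket "SITE $s->{path}/$s->{script}\n";
    <$socket>;    # reply to SITE, discarded
    print $socket "SET $user $pass\n";
    my $ticket = <$socket>;
    close($socket);

    # The daemon may close the connection without answering.
    return undef unless defined $ticket;
    chomp $ticket;
    return $ticket;
}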
|
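# Auth_Login($s)
#
# Print the login page and end the request with exit; this sub does not
# return.  Every request parameter that is not part of the login form itself
# and was not given in the URL is copied into a hidden field, so the
# original submission is replayed once the user has logged in.
#
# Parameter names and values come straight from the client, so both are
# HTML-escaped before being written into the hidden fields.  Unescaped, a
# value containing a double quote or an angle bracket would break out of the
# attribute and inject markup into the login page.
sub Auth_Login($)
{
    my $s = shift;
    my $q = $s->{cgi};

    # Minimal HTML attribute escaping; undef is treated as an empty string.
    my $escape_html = sub {
        my $text = shift;
        $text = '' unless defined $text;
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };

    print $q->header;
    $s->{http_header_sent}=1;
    print Template({ PAGE => 'login', ELEMENT => 'header' });

    # NOTE(review): form_url and next_url are taken from the request when
    # present and handed to UniqueFormStart/UniqueFormEnd, which are not
    # visible here.  Confirm that those helpers escape the values and that
    # next_url is restricted to this application before it is followed.
    my $form_url = $q->param('form_url') || MyURL($q);
    my $next_url = $q->param('next_url') ||
        MakeURL(MyURL($q), {
            logout=>'',
            refresh=>NextRefresh(),
        });
    $s->{header_sent}=1;

    UniqueFormStart($s, $next_url);

    print Template({ PAGE => 'login', ELEMENT => 'login' });

    foreach my $name ($q->param) {
        # The login form's own fields are not carried over.
        next if $name =~ /^(next_url|form_id|form_url|login_.*)$/;
        # Parameters given in the URL are skipped as well.
        next if defined($q->url_param($name));
        # Scalar context: only the first value of a multi-valued parameter
        # is carried over.
        my $value = $q->param($name);
        print "<INPUT TYPE=\"hidden\" NAME=\"" . $escape_html->($name) .
            "\" VALUE=\"" . $escape_html->($value) . "\">\n";
    }

    UniqueFormEnd($s, $form_url, $next_url);

    print Template({ PAGE => 'login', ELEMENT => 'footer' });

    exit;
}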
|
# AuthConnect($s, \$user, \$cookie, \$ticket_value)
#
# Authenticate the current request and return a database handle.
#
#   1. A true 'logout' URL parameter clears the ticket named by the cookie
#      and shows the login page.
#   2. A ticket from the cookie, or failing that from the 'ticket' request
#      parameter, is resolved to stored credentials and used to connect.
#   3. Submitted login data ('login_user'/'login_pass', or 'user' in the
#      URL) is tried directly; on success a new ticket is issued and the
#      cookie for it is stored through $cookie.
#   4. Otherwise the login page is shown.
#
# $user receives the authenticated user name and $ticket_value the ticket
# the client presented.  Auth_Login and the failure page end the request
# with exit, so this sub returns only with the result of DB_Connect.
#
# NOTE(review): accepting the ticket as a request parameter can put it in
# URLs, where it may reach logs and Referer headers; a ticket stands for a
# stored user name and password.
# NOTE(review): the ticket cookie is created without -secure or -httponly
# (assuming $q is a CGI.pm object) -- consider adding them where the
# deployment allows.
sub AuthConnect($$$$) {
    my ($s, $user, $cookie, $ticket_value) = @_;
    my $q = $s->{cgi};

    my ($pass, $dbh);

    # logout
    if ($q->url_param('logout')) {
        my $old_ticket = $q->cookie(-name => $s->{ticket_name});
        if ($old_ticket) {
            Auth_ClearTicket($s, $old_ticket);
        }
        Auth_Login($s);
    }

    # check ticket: the cookie first, then the request parameter
    my $c = $q->cookie(-name => $s->{ticket_name});
    $c = $q->param("ticket") unless $c;

    $$ticket_value = $c;
    if (defined $c) {
        if (Auth_GetTicket($s, $c, $user, \$pass)) {
            # ticket authentication successful
            return DB_Connect($$user, $pass);
        }
    }

    # login response
    if (defined $q->param('login_user') or defined $q->url_param('user')) {
        $$user = $q->param('login_user');
        if (!defined $$user) {
            $$user = $q->url_param('user');
        }
        $pass = $q->param('login_pass');
        # A login without a password is tried with the literal 'anonymous'.
        if (!defined $pass) {
            $pass = 'anonymous';
        }

        $dbh = DB_Connect($$user, $pass);
        if (defined $dbh) {
            # user/pass authentication successful: issue a ticket and hand
            # the matching cookie back to the caller
            my $new_ticket = Auth_SetTicket($s, $$user, $pass);
            $$cookie = $q->cookie(
                -name  => $s->{ticket_name},
                -value => $new_ticket,
                -path  => $s->{path},
            );
            return $dbh;
        }

        # login failed: show the error page and stop
        print $q->header;
        print Template({ PAGE => 'auth_error', TITLE => 'Authentication Error', ELEMENT => 'header' });
        print Template({ PAGE => 'auth_error', TITLE => 'Authentication Error', ELEMENT => 'header2' });
        print Template({ PAGE => 'auth_error', URL => MyURL($q), ELEMENT => 'auth_error' });
        print Template({ PAGE => 'auth_error', ELEMENT => 'footer' });
        exit;
    }

    # no login, no ticket -> login
    Auth_Login($s);
}
|
1; |