perl/Gedafe/Auth.pm

# Gedafe, the Generic Database Frontend
# copyright (c) 2000-2003 ETH Zurich
# see http://isg.ee.ethz.ch/tools/gedafe/

# released under the GNU General Public License

package Gedafe::Auth;
use strict;
use Gedafe::Util qw(
        ConnectToTicketsDaemon
        MakeURL
        MyURL
        Template
        UniqueFormStart
        UniqueFormEnd
        NextRefresh
);
use Gedafe::Global qw(%g);
use Gedafe::DB qw(DB_Connect);

use vars qw(@ISA @EXPORT_OK);
require Exporter;
@ISA       = qw(Exporter);
@EXPORT_OK = qw(AuthConnect);

sub Auth_GetTicket($$$$) {
        my $s = shift;
        my $ticket = shift;
        my $user = shift;
        my $pass = shift;
        my $socket = ConnectToTicketsDaemon($s);
        print $socket "SITE $s->{path}/$s->{script}\n";
        <$socket>;
        print $socket "GET $ticket\n";
        $_ = <$socket>;
        close($socket);
        chomp;
        if(! /^OK ([^ ]+) (.+)$/) {
                return 0;
        }
        $$user = $1;
        $$pass = $2;
        return 1;
}

sub Auth_ClearTicket($$) {
        my $s = shift;
        my $ticket = shift;
        my $socket = ConnectToTicketsDaemon($s);
        print $socket "SITE $s->{path}/$s->{script}\n";
        <$socket>;
        print $socket "CLEAR $ticket\n";
        <$socket>;
        close($socket);
}

sub Auth_SetTicket($$$) {
        my $s = shift;
        my $user = shift;
        my $pass = shift;
        my $socket = ConnectToTicketsDaemon($s);
        print $socket "SITE $s->{path}/$s->{script}\n";
        <$socket>;
        print $socket "SET $user $pass\n";
        my $ticket = <$socket>;
        close($socket);
        chomp $ticket;
        return $ticket;
}

sub Auth_Login($)
{
        my $s = shift;
        my $q = $s->{cgi};

        print $q->header;
        $s->{http_header_sent}=1;
        print Template({ PAGE => 'login', ELEMENT => 'header' });
        my $form_url = $q->param('form_url') || MyURL($q);
        my $next_url = $q->param('next_url') ||
                MakeURL(MyURL($q), {
                        logout=>'',
                        refresh=>NextRefresh(),
                });
        $s->{header_sent}=1;

        UniqueFormStart($s, $next_url);

        print Template({ PAGE => 'login', ELEMENT => 'login' });

        foreach($q->param) {
                if(/^(next_url|form_id|form_url|login_.*)$/ ) { next; }
                if(defined ($q->url_param($_))) { next; }
                print "<INPUT TYPE=\"hidden\" NAME=\"$_\" VALUE=\"" .
                        $q->param($_) . "\">\n";
        }

        UniqueFormEnd($s, $form_url, $next_url);

        print Template({ PAGE => 'login', ELEMENT => 'footer' });

        exit;
}

sub AuthConnect($$$$) {
        my $s = shift;
        my $q = $s->{cgi};
        my $user = shift;
        my $cookie = shift;
        my $ticket_value = shift;

        my $pass;
        my $dbh;

        # logout
        if($q->url_param('logout')) {
                my $ticket = $q->cookie(-name=>$s->{ticket_name});
                Auth_ClearTicket($s, $ticket) if $ticket;
                Auth_Login($s);
        }

        # check Ticket
        my $c = $q->cookie(-name=>$s->{ticket_name});
        
        # if ticket from cookie fails try ticket from param
        unless($c){
                $c = $q->param("ticket");
        }
        
        $$ticket_value=$c;
        if(defined $c and Auth_GetTicket($s, $c, $user, \$pass)) {
                # ticket authentication successfull
                return DB_Connect($$user, $pass);
        }

        # login response
        if(defined $q->param('login_user') or defined $q->url_param('user')) {
                $$user = $q->param('login_user');
                $$user = $q->url_param('user') unless defined $$user;
                $pass = $q->param('login_pass');
                $pass = 'anonymous' unless defined $pass;

                if(defined ($dbh = DB_Connect($$user, $pass))) {
                        # user/pass authentication successfull
                        my $ticket=Auth_SetTicket($s, $$user, $pass);
                        $$cookie=$q->cookie(-name=>$s->{ticket_name},
                                -value=>$ticket, -path=>$s->{path});
                        return $dbh;
                }
                else {
                        # login failed
                        print $q->header;
                        print Template({ PAGE => 'auth_error', TITLE => 'Authentication Error', ELEMENT => 'header' });
                        print Template({ PAGE => 'auth_error', TITLE => 'Authentication Error', ELEMENT => 'header2' });
                        print Template({ PAGE => 'auth_error', URL=>MyURL($q), ELEMENT => 'auth_error' });
                        print Template({ PAGE => 'auth_error', ELEMENT => 'footer' });
                        exit;
                }
        }

        # no login, no ticket -> login
        Auth_Login($s);
}

1;
1	dpavlin	1	# Gedafe, the Generic Database Frontend
2			# copyright (c) 2000-2003 ETH Zurich
3			# see http://isg.ee.ethz.ch/tools/gedafe/
4
5			# released under the GNU General Public License
6
7			package Gedafe::Auth;
8			use strict;
9			use Gedafe::Util qw(
10			ConnectToTicketsDaemon
11			MakeURL
12			MyURL
13			Template
14			UniqueFormStart
15			UniqueFormEnd
16			NextRefresh
17			);
18			use Gedafe::Global qw(%g);
19			use Gedafe::DB qw(DB_Connect);
20
21			use vars qw(@ISA @EXPORT_OK);
22			require Exporter;
23			@ISA = qw(Exporter);
24			@EXPORT_OK = qw(AuthConnect);
25
26			sub Auth_GetTicket($$$$) {
27			my $s = shift;
28			my $ticket = shift;
29			my $user = shift;
30			my $pass = shift;
31			my $socket = ConnectToTicketsDaemon($s);
32			print $socket "SITE $s->{path}/$s->{script}\n";
33			<$socket>;
34			print $socket "GET $ticket\n";
35			$_ = <$socket>;
36			close($socket);
37			chomp;
38			if(! /^OK ([^ ]+) (.+)$/) {
39			return 0;
40			}
41			$$user = $1;
42			$$pass = $2;
43			return 1;
44			}
45
46			sub Auth_ClearTicket($$) {
47			my $s = shift;
48			my $ticket = shift;
49			my $socket = ConnectToTicketsDaemon($s);
50			print $socket "SITE $s->{path}/$s->{script}\n";
51			<$socket>;
52			print $socket "CLEAR $ticket\n";
53			<$socket>;
54			close($socket);
55			}
56
57			sub Auth_SetTicket($$$) {
58			my $s = shift;
59			my $user = shift;
60			my $pass = shift;
61			my $socket = ConnectToTicketsDaemon($s);
62			print $socket "SITE $s->{path}/$s->{script}\n";
63			<$socket>;
64			print $socket "SET $user $pass\n";
65			my $ticket = <$socket>;
66			close($socket);
67			chomp $ticket;
68			return $ticket;
69			}
70
71			sub Auth_Login($)
72			{
73			my $s = shift;
74			my $q = $s->{cgi};
75
76			print $q->header;
77			$s->{http_header_sent}=1;
78			print Template({ PAGE => 'login', ELEMENT => 'header' });
79			my $form_url = $q->param('form_url') \|\| MyURL($q);
80			my $next_url = $q->param('next_url') \|\|
81			MakeURL(MyURL($q), {
82			logout=>'',
83			refresh=>NextRefresh(),
84			});
85			$s->{header_sent}=1;
86
87			UniqueFormStart($s, $next_url);
88
89			print Template({ PAGE => 'login', ELEMENT => 'login' });
90
91			foreach($q->param) {
92			if(/^(next_url\|form_id\|form_url\|login_.*)$/ ) { next; }
93			if(defined ($q->url_param($_))) { next; }
94			print "<INPUT TYPE=\"hidden\" NAME=\"$_\" VALUE=\"" .
95			$q->param($_) . "\">\n";
96			}
97
98			UniqueFormEnd($s, $form_url, $next_url);
99
100			print Template({ PAGE => 'login', ELEMENT => 'footer' });
101
102			exit;
103			}
104
105			sub AuthConnect($$$$) {
106			my $s = shift;
107			my $q = $s->{cgi};
108			my $user = shift;
109			my $cookie = shift;
110			my $ticket_value = shift;
111
112			my $pass;
113			my $dbh;
114
115			# logout
116			if($q->url_param('logout')) {
117			my $ticket = $q->cookie(-name=>$s->{ticket_name});
118			Auth_ClearTicket($s, $ticket) if $ticket;
119			Auth_Login($s);
120			}
121
122			# check Ticket
123			my $c = $q->cookie(-name=>$s->{ticket_name});
124
125			# if ticket from cookie fails try ticket from param
126			unless($c){
127			$c = $q->param("ticket");
128			}
129
130			$$ticket_value=$c;
131			if(defined $c and Auth_GetTicket($s, $c, $user, \$pass)) {
132			# ticket authentication successfull
133			return DB_Connect($$user, $pass);
134			}
135
136			# login response
137			if(defined $q->param('login_user') or defined $q->url_param('user')) {
138			$$user = $q->param('login_user');
139			$$user = $q->url_param('user') unless defined $$user;
140			$pass = $q->param('login_pass');
141			$pass = 'anonymous' unless defined $pass;
142
143			if(defined ($dbh = DB_Connect($$user, $pass))) {
144			# user/pass authentication successfull
145			my $ticket=Auth_SetTicket($s, $$user, $pass);
146			$$cookie=$q->cookie(-name=>$s->{ticket_name},
147			-value=>$ticket, -path=>$s->{path});
148			return $dbh;
149			}
150			else {
151			# login failed
152			print $q->header;
153			print Template({ PAGE => 'auth_error', TITLE => 'Authentication Error', ELEMENT => 'header' });
154			print Template({ PAGE => 'auth_error', TITLE => 'Authentication Error', ELEMENT => 'header2' });
155			print Template({ PAGE => 'auth_error', URL=>MyURL($q), ELEMENT => 'auth_error' });
156			print Template({ PAGE => 'auth_error', ELEMENT => 'footer' });
157			exit;
158			}
159			}
160
161			# no login, no ticket -> login
162			Auth_Login($s);
163			}
164
165			1;