perl/Gedafe/Auth.pm

# Gedafe, the Generic Database Frontend
# copyright (c) 2000-2003 ETH Zurich
# see http://isg.ee.ethz.ch/tools/gedafe/

# released under the GNU General Public License

package Gedafe::Auth;
use strict;
use Gedafe::Util qw(
        ConnectToTicketsDaemon
        MakeURL
        MyURL
        Template
        UniqueFormStart
        UniqueFormEnd
        NextRefresh
);
use Gedafe::Global qw(%g);
use Gedafe::DB qw(DB_Connect);

use vars qw(@ISA @EXPORT_OK);
require Exporter;
@ISA       = qw(Exporter);
@EXPORT_OK = qw(AuthConnect);

sub Auth_GetTicket($$$$) {
        my $s = shift;
        my $ticket = shift;
        my $user = shift;
        my $pass = shift;
        my $socket = ConnectToTicketsDaemon($s);
        print $socket "SITE $s->{path}/$s->{script}\n";
        <$socket>;
        print $socket "GET $ticket\n";
        $_ = <$socket>;
        close($socket);
        chomp;
        if(! /^OK ([^ ]+) (.+)$/) {
                return 0;
        }
        $$user = $1;
        $$pass = $2;
        return 1;
}

sub Auth_ClearTicket($$) {
        my $s = shift;
        my $ticket = shift;
        my $socket = ConnectToTicketsDaemon($s);
        print $socket "SITE $s->{path}/$s->{script}\n";
        <$socket>;
        print $socket "CLEAR $ticket\n";
        <$socket>;
        close($socket);
}

sub Auth_SetTicket($$$) {
        my $s = shift;
        my $user = shift;
        my $pass = shift;
        my $socket = ConnectToTicketsDaemon($s);
        print $socket "SITE $s->{path}/$s->{script}\n";
        <$socket>;
        print $socket "SET $user $pass\n";
        my $ticket = <$socket>;
        close($socket);
        chomp $ticket;
        return $ticket;
}

sub Auth_Login($)
{
        my $s = shift;
        my $q = $s->{cgi};

        print $q->header;
        $s->{http_header_sent}=1;
        print Template({ PAGE => 'login', ELEMENT => 'header' });
        my $form_url = $q->param('form_url') || MyURL($q);
        my $next_url = $q->param('next_url') ||
                MakeURL(MyURL($q), {
                        logout=>'',
                        refresh=>NextRefresh(),
                });
        $s->{header_sent}=1;

        UniqueFormStart($s, $next_url);

        print Template({ PAGE => 'login', ELEMENT => 'login' });

        foreach($q->param) {
                if(/^(next_url|form_id|form_url|login_.*)$/ ) { next; }
                if(defined ($q->url_param($_))) { next; }
                print "<INPUT TYPE=\"hidden\" NAME=\"$_\" VALUE=\"" .
                        $q->param($_) . "\">\n";
        }

        UniqueFormEnd($s, $form_url, $next_url);

        print Template({ PAGE => 'login', ELEMENT => 'footer' });

        exit;
}

sub AuthConnect($$$$) {
        my $s = shift;
        my $q = $s->{cgi};
        my $user = shift;
        my $cookie = shift;
        my $ticket_value = shift;

        my $pass;
        my $dbh;

        # logout
        if($q->url_param('logout')) {
                my $ticket = $q->cookie(-name=>$s->{ticket_name});
                Auth_ClearTicket($s, $ticket) if $ticket;
                Auth_Login($s);
        }

        # check Ticket
        my $c = $q->cookie(-name=>$s->{ticket_name});
        
        # if ticket from cookie fails try ticket from param
        unless($c){
                $c = $q->param("ticket");
        }
        
        $$ticket_value=$c;
        if(defined $c and Auth_GetTicket($s, $c, $user, \$pass)) {
                # ticket authentication successfull
                return DB_Connect($$user, $pass);
        }

        # login response
        if(defined $q->param('login_user') or defined $q->url_param('user')) {
                $$user = $q->param('login_user');
                $$user = $q->url_param('user') unless defined $$user;
                $pass = $q->param('login_pass');
                $pass = 'anonymous' unless defined $pass;

                if(defined ($dbh = DB_Connect($$user, $pass))) {
                        # user/pass authentication successfull
                        my $ticket=Auth_SetTicket($s, $$user, $pass);
                        $$cookie=$q->cookie(-name=>$s->{ticket_name},
                                -value=>$ticket, -path=>$s->{path});
                        return $dbh;
                }
                else {
                        # login failed
                        print $q->header;
                        print Template({ PAGE => 'auth_error', TITLE => 'Authentication Error', ELEMENT => 'header' });
                        print Template({ PAGE => 'auth_error', TITLE => 'Authentication Error', ELEMENT => 'header2' });
                        print Template({ PAGE => 'auth_error', URL=>MyURL($q), ELEMENT => 'auth_error' });
                        print Template({ PAGE => 'auth_error', ELEMENT => 'footer' });
                        exit;
                }
        }

        # no login, no ticket -> login
        Auth_Login($s);
}

1;
1	# Gedafe, the Generic Database Frontend
2	# copyright (c) 2000-2003 ETH Zurich
3	# see http://isg.ee.ethz.ch/tools/gedafe/
4
5	# released under the GNU General Public License
6
7	package Gedafe::Auth;
8	use strict;
9	use Gedafe::Util qw(
10	ConnectToTicketsDaemon
11	MakeURL
12	MyURL
13	Template
14	UniqueFormStart
15	UniqueFormEnd
16	NextRefresh
17	);
18	use Gedafe::Global qw(%g);
19	use Gedafe::DB qw(DB_Connect);
20
21	use vars qw(@ISA @EXPORT_OK);
22	require Exporter;
23	@ISA = qw(Exporter);
24	@EXPORT_OK = qw(AuthConnect);
25
26	sub Auth_GetTicket($$$$) {
27	my $s = shift;
28	my $ticket = shift;
29	my $user = shift;
30	my $pass = shift;
31	my $socket = ConnectToTicketsDaemon($s);
32	print $socket "SITE $s->{path}/$s->{script}\n";
33	<$socket>;
34	print $socket "GET $ticket\n";
35	$_ = <$socket>;
36	close($socket);
37	chomp;
38	if(! /^OK ([^ ]+) (.+)$/) {
39	return 0;
40	}
41	$$user = $1;
42	$$pass = $2;
43	return 1;
44	}
45
46	sub Auth_ClearTicket($$) {
47	my $s = shift;
48	my $ticket = shift;
49	my $socket = ConnectToTicketsDaemon($s);
50	print $socket "SITE $s->{path}/$s->{script}\n";
51	<$socket>;
52	print $socket "CLEAR $ticket\n";
53	<$socket>;
54	close($socket);
55	}
56
57	sub Auth_SetTicket($$$) {
58	my $s = shift;
59	my $user = shift;
60	my $pass = shift;
61	my $socket = ConnectToTicketsDaemon($s);
62	print $socket "SITE $s->{path}/$s->{script}\n";
63	<$socket>;
64	print $socket "SET $user $pass\n";
65	my $ticket = <$socket>;
66	close($socket);
67	chomp $ticket;
68	return $ticket;
69	}
70
71	sub Auth_Login($)
72	{
73	my $s = shift;
74	my $q = $s->{cgi};
75
76	print $q->header;
77	$s->{http_header_sent}=1;
78	print Template({ PAGE => 'login', ELEMENT => 'header' });
79	my $form_url = $q->param('form_url') \|\| MyURL($q);
80	my $next_url = $q->param('next_url') \|\|
81	MakeURL(MyURL($q), {
82	logout=>'',
83	refresh=>NextRefresh(),
84	});
85	$s->{header_sent}=1;
86
87	UniqueFormStart($s, $next_url);
88
89	print Template({ PAGE => 'login', ELEMENT => 'login' });
90
91	foreach($q->param) {
92	if(/^(next_url\|form_id\|form_url\|login_.*)$/ ) { next; }
93	if(defined ($q->url_param($_))) { next; }
94	print "<INPUT TYPE=\"hidden\" NAME=\"$_\" VALUE=\"" .
95	$q->param($_) . "\">\n";
96	}
97
98	UniqueFormEnd($s, $form_url, $next_url);
99
100	print Template({ PAGE => 'login', ELEMENT => 'footer' });
101
102	exit;
103	}
104
105	sub AuthConnect($$$$) {
106	my $s = shift;
107	my $q = $s->{cgi};
108	my $user = shift;
109	my $cookie = shift;
110	my $ticket_value = shift;
111
112	my $pass;
113	my $dbh;
114
115	# logout
116	if($q->url_param('logout')) {
117	my $ticket = $q->cookie(-name=>$s->{ticket_name});
118	Auth_ClearTicket($s, $ticket) if $ticket;
119	Auth_Login($s);
120	}
121
122	# check Ticket
123	my $c = $q->cookie(-name=>$s->{ticket_name});
124
125	# if ticket from cookie fails try ticket from param
126	unless($c){
127	$c = $q->param("ticket");
128	}
129
130	$$ticket_value=$c;
131	if(defined $c and Auth_GetTicket($s, $c, $user, \$pass)) {
132	# ticket authentication successfull
133	return DB_Connect($$user, $pass);
134	}
135
136	# login response
137	if(defined $q->param('login_user') or defined $q->url_param('user')) {
138	$$user = $q->param('login_user');
139	$$user = $q->url_param('user') unless defined $$user;
140	$pass = $q->param('login_pass');
141	$pass = 'anonymous' unless defined $pass;
142
143	if(defined ($dbh = DB_Connect($$user, $pass))) {
144	# user/pass authentication successfull
145	my $ticket=Auth_SetTicket($s, $$user, $pass);
146	$$cookie=$q->cookie(-name=>$s->{ticket_name},
147	-value=>$ticket, -path=>$s->{path});
148	return $dbh;
149	}
150	else {
151	# login failed
152	print $q->header;
153	print Template({ PAGE => 'auth_error', TITLE => 'Authentication Error', ELEMENT => 'header' });
154	print Template({ PAGE => 'auth_error', TITLE => 'Authentication Error', ELEMENT => 'header2' });
155	print Template({ PAGE => 'auth_error', URL=>MyURL($q), ELEMENT => 'auth_error' });
156	print Template({ PAGE => 'auth_error', ELEMENT => 'footer' });
157	exit;
158	}
159	}
160
161	# no login, no ticket -> login
162	Auth_Login($s);
163	}
164
165	1;