OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Thomas Lotterer
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-registry Date: 07-Feb-2006 22:09:20
Branch: HEAD Handle: 2006020721091900
Modified files:
openpkg-registry registry-ui.pl
Log:
implement and clean up other authentication schemes; more robust
session handling
Summary:
Revision Changes Path
1.51 +81 -61 openpkg-registry/registry-ui.pl
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-registry/registry-ui.pl
============================================================================
$ cvs diff -u -r1.50 -r1.51 registry-ui.pl
--- openpkg-registry/registry-ui.pl 29 Nov 2005 20:17:18 -0000 1.50
+++ openpkg-registry/registry-ui.pl 7 Feb 2006 21:09:19 -0000 1.51
@@ -87,8 +87,8 @@
# create objects
my $cgi = new CGI;
my $myurl = $cgi->url(-relative => 1) || ".";
-my $requestedpage = $cgi->url_param("page");
-$requestedpage = $cfg->{page}->{default} if (not defined $requestedpage);
+my $sid = $cgi->cookie("registry-sid") || undef;
+my $requestedpage = $cgi->url_param("page") || $cfg->{page}->{default};
$cgi->delete(-name=>'page');
my $out = undef;
@@ -174,7 +174,7 @@
$session = undef;
CGI::Session->name("registry-sid");
$session = new CGI::Session(
- "driver:sqlite;serializer:Storable;id:uuid", $cgi, { Handle => $dbs,
TableName => 'session' }
+ "driver:sqlite;serializer:Storable;id:uuid", $sid, { Handle => $dbs,
TableName => 'session' }
);
if (not defined $session) {
&printprettyerror("Session handling failed", "");
@@ -213,7 +213,7 @@
#
if ($requestedpage eq "login") {
$out = '';
- $out .= &viewhttplogin("association");
+ $out .= &viewhttp();
$out .= &viewhtmlhead(-menu);
$out .= &viewlogin();
$out .= &viewhtmltail();
@@ -221,7 +221,10 @@
}
elsif ($requestedpage eq "logout") {
$out = '';
+ $out .= &viewhttp();
+ $out .= &viewhtmlhead(-menu);
$out .= &viewlogout();
+ $out .= &viewhtmltail();
print STDOUT &canvas($out);
}
elsif ($requestedpage eq "asecomeback") {
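Review bot: In the logout branch the page head is built before the session is torn down, so `&viewhtmlhead(-menu)` reaches `prettyauthinfo("fancy")` while `identifyusername()` can still read the username, and the page appears to show `authenticated as …` directly above `Logout completed`. Running the teardown between the `viewhttp` and `viewhtmlhead` calls, e.g. `my $body = &viewlogout();`, and appending `$out .= $body;` where the call is now would make head and body agree. That the `-menu` head contains the auth line is inferred from the viewhtmlhead hunk further down; the dispatch chain itself starts and ends outside this hunk.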
@@ -328,30 +331,12 @@
$username = &identifyusername();
if (not defined $username or $username eq '') {
if ($cfg->{identification}->{mode} eq "ase") {
- $header->{redirect} = $cgi->redirect(-uri => $ase->url(-action
=> "login", -mode_during => "ase", -mode_after => "association"));
+ $header->{redirect} = $cgi->redirect(-uri => $ase->url(-action
=> "login", -mode_during => "ase", -mode_after => $page));
}
}
return $cgi->header($header);
}
-sub viewhttplogin($)
-{
- my ($page) = @_;
- my ($header, $username);
-
- $header = &httpheader();
-
- $username = $cgi->param("username");
- $header->{cookie} = $cgi->cookie(
- -name => 'username',
- -value => $username,
- -expires => '+3600s',
- -path => '/'
- );
- $header->{redirect} = $cgi->redirect("?page=$page");
- return $cgi->header($header);
-}
-
sub viewhtmlhead (;$)
{
my ($menu) = @_;
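Review bot: `-mode_after => $page` depends on a `$page` variable whose declaration lies above this hunk, while the call sites added by this commit invoke `&viewhttp()` without an argument. If `$page` is that sub's parameter (an inference, since the enclosing sub starts outside the hunk), the login and logout pages would build the ASE return URL with an undefined target; a fallback such as `-mode_after => (defined $page ? $page : $cfg->{page}->{default})` keeps the redirect well-formed. Because the value ends up in a redirect target, a comment stating that `$page` must be one of the page names handled by the main dispatch chain, never raw request input, would be worth adding.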
@@ -360,6 +345,9 @@
$head .= "<html>\n";
$head .= " <head>\n";
$head .= " <link rel=\"stylesheet\" type=\"text/css\"
href=\"$myurl?page=css\"/>\n";
+ if ($cfg->{identification}->{mode} eq "ase") {
+ $head .= $ase->canvas(-part => "head") . "\n";
+ }
$head .= &printjscheckallboxes();
$head .= " </head>\n";
$head .= " <body class=\"registry\"><div class=\"registry\">\n";
@@ -377,44 +365,48 @@
$head .= " </tr>\n";
$head .= " <tr>\n";
$head .= " <td colspan=\"" . $td . "\">\n";
- $head .= &prettyauthinfo;
+ $head .= &prettyauthinfo("fancy");
$head .= " </td>\n";
$head .= " </tr>\n";
$head .= " </table>\n";
}
- if ($cfg->{identification}->{mode} eq "ase") {
- $head .= $ase->canvas(-part => "head") . "\n";
- }
return $head;
}
-sub prettyauthinfo ()
+sub prettyauthinfo ($)
{
- my ($html, $username);
- $html = "";
+ my ($mode) = @_;
+ my ($boldon, $boldoff, $text, $username);
+
+ ($boldon, $boldoff) = '';
+ ($boldon, $boldoff) = ('<b>', '</b>') if ($mode eq 'fancy');
+
+ $text = "";
+
$username = &identifyusername();
if ($username ne "") {
- $html .= "authenticated as <b>" . $username . "</b> ";
+ $text .= "authenticated as " . $boldon . $username . $boldoff;
}
else {
- $html .= "you are <b>not authenticated</b>\n";
+ $text .= "you are " . $boldon . "not authenticated" . $boldoff;
}
+
if ($cfg->{identification}->{mode} eq "ase") {
- $html .= " via ase login";
+ $text .= " via ase login";
}
elsif ($cfg->{identification}->{mode} eq "basicauth") {
- $html .= " via basic authentication";
+ $text .= " via basic authentication";
}
elsif ($cfg->{identification}->{mode} eq "naive") {
- $html .= " via naive input";
+ $text .= " via naive input";
}
elsif ($cfg->{identification}->{mode} eq "constant") {
- $html .= " via constant setting";
+ $text .= " via constant setting";
}
else {
- $html .= " through magic";
+ $text .= " through magic";
}
- return $html;
+ return $text;
}
sub viewhtmltail ()
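Review bot: `($boldon, $boldoff) = '';` in prettyauthinfo assigns the empty string to `$boldon` only and leaves `$boldoff` undefined, so the `'dumb'` call path concatenates undef (a warning if warnings are enabled); it should read `($boldon, $boldoff) = ('', '');`. The function also still appends `$username` to the markup unescaped, and in naive mode that value originates from a request parameter (see the viewlogin and identifyusername hunks), so it should pass through `$cgi->escapeHTML($username)` before concatenation; the `Welcome` line added in viewlogin has the same gap. `$username ne ""` additionally compares against undef whenever identifyusername returns nothing, which the new `if ($session)` guard makes possible, so `defined $username and $username ne ""` is the safer test.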
@@ -434,11 +426,11 @@
}
if ($cfg->{status}->{showuser}) {
$msg .= ($msg ? " | " : "" );
- $msg .= &prettyauthinfo;
+ $msg .= &prettyauthinfo('dumb');
}
if ($cfg->{status}->{showsid}) {
$msg .= ($msg ? " | " : "" );
- $msg .= "sid=" . $session->id;
+ $msg .= "sid=" . ( defined $session ? $session->id : "undef" );
}
if ($msg) {
$html .= "<p/>\n";
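Review bot: The `showsid` status line writes the live session identifier into the page body, where it is exposed to caches, saved copies of the page and any script running in it. The `defined $session` guard added here handles the post-logout case, but the block carries no hint that it is a debugging aid; a comment such as `# debugging only: prints the session id into page content, keep showsid off in production` above the `if` would record the risk. viewhtmltail starts and ends outside this hunk.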
@@ -1052,7 +1044,7 @@
}
return $html if ($html);
- $header->{redirect} = $cgi->redirect(-uri => "$myurl?page=association");
+ $header->{redirect} = $cgi->redirect(-uri => "$myurl?page=login");
return $cgi->header($header);
}
@@ -1094,10 +1086,32 @@
sub viewlogin()
{
my ($html, $username);
-
$html = '';
+
+ if ($cfg->{identification}->{mode} eq "ase") {
+ # nop
+ }
+ elsif ($cfg->{identification}->{mode} eq "basicauth") {
+ # nop
+ }
+ elsif ($cfg->{identification}->{mode} eq "naive") {
+ $session->param('username', $cgi->param("username"));
+ }
+ elsif ($cfg->{identification}->{mode} eq "constant") {
+ # nop
+ }
+ else {
+ # nop, misconfigured
+ }
+
$username = &identifyusername();
- $html .= "Welcome, <b>$username</b><br>\n";
+ if ($username ne "") {
+ $html .= "<h2>Login successful</h2>\n";
+ $html .= "Welcome,<br>\n" . $username . "<br>\n";
+ }
+ else {
+ $html .= "<h2>Login failed</h2>\n";
+ }
return $html;
}
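Review bot: `$cgi->param("username")` is evaluated in list context inside the `$session->param(...)` argument list in viewlogin's naive branch, so a request that carries the parameter more than once passes extra arguments and a request without it turns the call into a plain getter. Forcing a single value with `$session->param('username', scalar $cgi->param("username"));` removes both cases. Nothing here bounds or validates the name before it is stored and later rendered, so a length and character check at this point (an anchored pattern, rejecting on mismatch) would be the natural place to enforce what a username may contain.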
@@ -1107,7 +1121,7 @@
$html = '';
$html .= '<td>';
if ($cfg->{identification}->{mode} eq "ase") {
- $html .= $cgi->start_form(-action => $ase->url(-action => "logout",
-mode_during => "ase", -mode_after => "asecomeback"));
+ $html .= $cgi->start_form(-action => $ase->url(-action => "logout",
-mode_during => "ase", -mode_after => "logout"));
$html .= "<div>" . $cgi->submit('submit','logout') . "</div>";
$html .= $cgi->end_form;
}
@@ -1131,23 +1145,29 @@
sub viewlogout()
{
- my ($header, $cookie, $redirect);
- $header = {};
- $cookie = $cgi->cookie(
- -name => 'username',
- -value => ' ',
- -expires => 1,
- -path => '/'
- );
- $redirect = $cgi->redirect(
- -uri => $myurl
- );
+ my ($html);
+ $html = '';
- $header = {
- -redirect => $redirect,
- -cookie => $cookie
- };
- return $cgi->redirect($header);
+ if ($cfg->{identification}->{mode} eq "ase") {
+ # nop
+ }
+ elsif ($cfg->{identification}->{mode} eq "basicauth") {
+ # nop
+ }
+ elsif ($cfg->{identification}->{mode} eq "naive") {
+ $session->clear('username');
+ }
+ elsif ($cfg->{identification}->{mode} eq "constant") {
+ # nop
+ }
+ else {
+ # nop, misconfigured
+ }
+
+ $session->delete();
+ $session = undef;
+ $html .= "<h2>Logout completed</h2>\n";
+ return $html;
}
sub viewdropxmlform()
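Review bot: viewlogout relies on `$session = undef` to trigger the destructor that actually removes the stored session; as far as CGI::Session documents it, `delete()` only marks the session and removal happens at flush time, so any other live reference to the object would defer it. Adding `$session->flush();` right after `$session->delete();` makes the removal explicit. The `$session->clear('username')` in the naive branch is redundant once the whole session is deleted, and a one-line comment saying the mode chain is a placeholder for per-scheme teardown would explain why the empty branches are kept. The removed code expired the `username` cookie in the browser; whether the `registry-sid` cookie is expired anywhere is not visible in this hunk.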
@@ -1779,7 +1799,7 @@
$username = $ENV{'REMOTE_USER'};
}
elsif ($cfg->{identification}->{mode} eq "naive") {
- $username = $cgi->cookie("username");
+ $username = $session->param('username') if ($session);
}
elsif ($cfg->{identification}->{mode} eq "constant") {
$username = $cfg->{identification}->{default};
@@ .