]> code.citadel.org Git - citadel.git/blobdiff - webcit/auth.c
minor comments cleanup
[citadel.git] / webcit / auth.c
index cb2917b673572a0e4aa45b532cbb4328608a0b0f..5cf1a85d91e8c4bf93b12311a6116888b1b54499 100644 (file)
@@ -1,12 +1,12 @@
 /*
- * WebcitAuth; Handles authentication of users to a Citadel server.
+ * These functions handle authentication of users to a Citadel server.
  *
- * Copyright (c) 1996-2010 by the citadel.org team
+ * Copyright (c) 1996-2011 by the citadel.org team
  *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
+ * This program is open source software.  You can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 3 of the
+ * License, or (at your option) any later version.
  *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -15,7 +15,7 @@
  *
  * You should have received a copy of the GNU General Public License
  * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
  */
 
 #include "webcit.h"
@@ -73,20 +73,6 @@ void display_login(void)
 
 
 
-/* 
- * Display the openid-enabled login screen
- * mesg = the error message if last attempt failed.
- */
-void display_openid_login(char *mesg)
-{
-  begin_burst();
-  output_headers(1, 0, 0, 0, 1, 0);
-  do_template("openid_login", NULL);
-  end_burst();
-}
-
-
-
 
 /* Initialize the session
  *
@@ -155,93 +141,51 @@ void become_logged_in(const StrBuf *user, const StrBuf *pass, StrBuf *serv_respo
 
 
 /* 
- * Perform authentication using a user name and password
+ * modal/ajax version of 'login' (username and password)
  */
-void do_login(void)
-{
-       wcsession *WCC = WC;
-       StrBuf *Buf;
-       long ret, rc;
-
-       if (havebstr("language")) {
-               set_selected_language(bstr("language"));
-               go_selected_language();
-       }
+void ajax_login_username_password(void) {
+       StrBuf *Buf = NewStrBuf();
 
-       if (havebstr("exit_action")) {
-               do_logout();
-               return;
-       }
-       Buf = NewStrBuf();
-       if (havebstr("login_action")) {
-               serv_printf("USER %s", bstr("name"));
+       serv_printf("USER %s", bstr("name"));
+       StrBuf_ServGetln(Buf);
+       if (GetServerStatus(Buf, NULL) == 3) {
+               serv_printf("PASS %s", bstr("pass"));
                StrBuf_ServGetln(Buf);
-               rc = GetServerStatus(Buf, &ret);
-               StrBufCutLeft(Buf, 4);
-               switch (rc) {
-               case 3:
-                       serv_printf("PASS %s", bstr("pass"));
-                       StrBuf_ServGetln(Buf);
-                       if (GetServerStatus(Buf, NULL) == 2) {
-                               become_logged_in(sbstr("name"), sbstr("pass"), Buf);
-                       } else {
-                               StrBufCutLeft(Buf, 4);
-                               AppendImportantMessage(SKEY(Buf));
-                               display_login();
-                               FreeStrBuf(&Buf);
-                               return;
-                       }
-                       break;
-               case 5:
-                       if (ret == 541)
-                       {
-                               AppendImportantMessage(SKEY(Buf));
-                               display_main_menu();
-                               return;
-                       }
-               default:
-                       AppendImportantMessage(SKEY(Buf));
-                       display_login();
-                       FreeStrBuf(&Buf);
-                       return;
+               if (GetServerStatus(Buf, NULL) == 2) {
+                       become_logged_in(sbstr("name"), sbstr("pass"), Buf);
                }
        }
-       if (havebstr("newuser_action")) {
-               if (!havebstr("pass")) {
-                       AppendImportantMessage(_("Blank passwords are not allowed."), -1);
-                       display_login();
-                       FreeStrBuf(&Buf);
-                       return;
-               }
-               serv_printf("NEWU %s", bstr("name"));
+
+       /* The client is expecting to read back a citadel protocol response */
+       wc_printf("%s", ChrPtr(Buf));
+       FreeStrBuf(&Buf);
+}
+
+
+
+/* 
+ * modal/ajax version of 'new user' (username and password)
+ */
+void ajax_login_newuser(void) {
+       StrBuf *Buf = NewStrBuf();
+
+       serv_printf("NEWU %s", bstr("name"));
+       StrBuf_ServGetln(Buf);
+       if (GetServerStatus(Buf, NULL) == 2) {
+               serv_printf("SETP %s", bstr("pass"));
                StrBuf_ServGetln(Buf);
                if (GetServerStatus(Buf, NULL) == 2) {
                        become_logged_in(sbstr("name"), sbstr("pass"), Buf);
-                       serv_printf("SETP %s", bstr("pass"));
-                       StrBuf_ServGetln(Buf); /* Don't care? */
-               } else {
-                       StrBufCutLeft(Buf, 4);
-                       AppendImportantMessage(SKEY(Buf));
-                       display_login();
-                       FreeStrBuf(&Buf);
-                       return;
-               }
-       }
-       if (WCC->logged_in) {
-               if (WCC->need_regi) {
-                       display_reg(1);
-               } else if (WCC->need_vali) {
-                       validate();
-               } else {
-                       do_welcome();
                }
-       } else {
-               AppendImportantMessage(_("Your password was not accepted."), -1);
-               display_login();
        }
+
+       /* The client is expecting to read back a citadel protocol response */
+       wc_printf("%s", ChrPtr(Buf));
        FreeStrBuf(&Buf);
 }
 
+
+
 /* 
  * Try to create an account manually after an OpenID was verified
  */
@@ -302,40 +246,30 @@ void do_openid_login(void)
 {
        char buf[4096];
 
-       if (havebstr("language")) {
-               set_selected_language(bstr("language"));
-               go_selected_language();
-       }
+       snprintf(buf, sizeof buf,
+               "OIDS %s|%s/finalize_openid_login|%s",
+               bstr("openid_url"),
+               ChrPtr(site_prefix),
+               ChrPtr(site_prefix)
+       );
 
-       if (havebstr("exit_action")) {
-               do_logout();
+       serv_puts(buf);
+       serv_getln(buf, sizeof buf);
+       if (buf[0] == '2') {
+               syslog(LOG_DEBUG, "OpenID server contacted; redirecting to %s\n", &buf[4]);
+               http_redirect(&buf[4]);
                return;
        }
-       if (havebstr("login_action")) {
-               snprintf(buf, sizeof buf,
-                       "OIDS %s|%s/finalize_openid_login|%s",
-                       bstr("openid_url"),
-                       ChrPtr(site_prefix),
-                       ChrPtr(site_prefix)
-               );
 
-               serv_puts(buf);
-               serv_getln(buf, sizeof buf);
-               if (buf[0] == '2') {
-                       lprintf(CTDL_DEBUG, "OpenID server contacted; redirecting to %s\n", &buf[4]);
-                       http_redirect(&buf[4]);
-                       return;
-               }
-               else {
-                       display_openid_login(&buf[4]);
-                       return;
-               }
-       }
-
-       /* If we get to this point then something failed. */
-       display_openid_login(_("Your password was not accepted."));
+       begin_burst();
+       output_headers(1, 0, 0, 0, 1, 0);
+       wc_printf("<html><body>");
+       escputs(&buf[4]);
+       wc_printf("</body></html>");
+       end_burst();
 }
 
+
 /* 
  * Complete the authentication using OpenID
  * This function handles the positive or negative assertion from the user's Identity Provider
@@ -404,7 +338,8 @@ void finalize_openid_login(void)
                }
        }
 
-       /* If we were already logged in, this was an attempt to associate an OpenID account */
+       /* If we were already logged in, this was an attempt to associate an OpenID account 
+       FIXME put this back in
        if (already_logged_in) {
                display_openids();
                FreeStrBuf(&result);
@@ -414,6 +349,7 @@ void finalize_openid_login(void)
                FreeStrBuf(&logged_in_response);
                return;
        }
+       */
 
        /* If this operation logged us in, either by connecting with an existing account or by
         * auto-creating one using Simple Registration Extension, we're already on our way.
@@ -426,6 +362,9 @@ void finalize_openid_login(void)
         * or conflicts with an existing user.  Either way the user will need to specify a new name.
         */
 
+/*
+ * FIXME make this work again!!!!
+ *
        else if (!strcasecmp(ChrPtr(result), "verify_only")) {
                putbstr("__claimed_id", claimed_id);
                claimed_id = NULL;
@@ -437,16 +376,30 @@ void finalize_openid_login(void)
                do_template("openid_manual_create", NULL);
                end_burst();
        }
+*/
+
+
 
        /* Did we manage to log in?  If so, continue with the normal flow... */
-       else if (WC->logged_in) {
+       if (WC->logged_in) {
+               begin_burst();
+               output_headers(1, 0, 0, 0, 1, 0);
+               do_template("authpopup_finished", NULL);
+               end_burst();
+
+               /* FIXME make this work again.  Maybe put it in authpopup_finished?
                if (WC->need_regi) {
                        display_reg(1);
-               } else {
-                       do_welcome();
                }
+               */
+
        } else {
-               display_openid_login(_("Your password was not accepted."));
+               begin_burst();
+               output_headers(1, 0, 0, 0, 1, 0);
+               wc_printf("<html><body>");
+               wc_printf(_("An error has occurred."));         /* FIXME do something prettier here */
+               wc_printf("</body></html>");
+               end_burst();
        }
 
        FreeStrBuf(&result);
@@ -518,7 +471,7 @@ void do_welcome(void)
        if (StrLength(Buf) == 0) {
                StrBufAppendBufPlain(Buf, "dotgoto?room=_BASEROOM_", -1, 0);
        }
-       lprintf(9, "Redirecting to user's start page: %s\n", ChrPtr(Buf));
+       syslog(9, "Redirecting to user's start page: %s\n", ChrPtr(Buf));
        http_redirect(ChrPtr(Buf));
 }
 
@@ -543,14 +496,20 @@ void do_logout(void)
 
        FlushStrBuf(WCC->wc_username);
        FlushStrBuf(WCC->wc_password);
-       FlushStrBuf(WCC->CurRoom.name);
        FlushStrBuf(WCC->wc_fullname);
 
-       /* FIXME: this is to suppress the iconbar displaying, because we aren't
-          actually logged out yet */
+       serv_puts("LOUT");
+       serv_getln(buf, sizeof buf);
        WCC->logged_in = 0;
 
-       /** Calling output_headers() this way causes the cookies to be un-set */
+       if (WC->serv_info->serv_supports_guest) {
+               display_default_landing_page();
+               return;
+       }
+
+       FlushStrBuf(WCC->CurRoom.name);
+
+       /* Calling output_headers() this way causes the cookies to be un-set */
        output_headers(1, 1, 0, 1, 0, 0);
 
        wc_printf("<div id=\"logout_screen\">");
@@ -582,16 +541,6 @@ void do_logout(void)
                "<span class=\"button_link\"><a href=\".\">");
        wc_printf(_("Log in again"));
        wc_printf("</a></span>");
-
-       /* The "close window" link is commented out because some browsers don't
-        * allow it to work.
-        *
-       wc_printf("&nbsp;&nbsp;&nbsp;<span class=\"button_link\">"
-               "<a href=\"javascript:window.close();\">");
-       wc_printf(_("Close window"));
-       wc_printf("</a></span>");
-        */
-
        wc_printf("</div></div></div>\n");
        wDumpContent(2);
        end_webcit_session();
@@ -645,8 +594,7 @@ void validate(void)
                return;
        }
 
-       wc_printf("<div class=\"fix_scrollbar_bug\">"
-               "<table class=\"auth_validate\"><tr><td>\n");
+       wc_printf("<table class=\"auth_validate\"><tr><td>\n");
        wc_printf("<div id=\"validate\">");
 
        safestrncpy(user, &buf[4], sizeof user);
@@ -714,22 +662,22 @@ void validate(void)
                                        atoi(buf), axdefs[atoi(buf)]);
                } while (strcmp(buf, "000"));
        } else {
-               wc_printf("<H1>%s</H1>%s<br />\n", user, &cmd[4]);
+               wc_printf("<H1>%s</H1>%s<br>\n", user, &cmd[4]);
        }
 
        wc_printf("<hr />");
        wc_printf(_("Select access level for this user:"));
-       wc_printf("<br />\n");
+       wc_printf("<br>\n");
        for (a = 0; a <= 6; ++a) {
                wc_printf("<a href=\"validate?nonce=%d?user=", WC->nonce);
                urlescputs(user);
                wc_printf("&axlevel=%d\">%s</A>&nbsp;&nbsp;&nbsp;\n",
                        a, axdefs[a]);
        }
-       wc_printf("<br />\n");
+       wc_printf("<br>\n");
 
        wc_printf("</div>\n");
-       wc_printf("</td></tr></table></div>\n");
+       wc_printf("</td></tr></table>\n");
        wDumpContent(1);
 }
 
@@ -752,7 +700,7 @@ void display_reg(int during_login)
        Buf = NewStrBuf();
        memset(&Room, 0, sizeof(folder));
        if (goto_config_room(Buf, &Room) != 0) {
-               lprintf(9, "display_reg() exiting because goto_config_room() failed\n");
+               syslog(9, "display_reg() exiting because goto_config_room() failed\n");
                if (during_login) {
                        do_welcome();
                }
@@ -768,7 +716,7 @@ void display_reg(int during_login)
        FreeStrBuf(&Buf);
        vcard_msgnum = locate_user_vcard_in_this_room(&VCMsg, &VCAtt);
        if (vcard_msgnum < 0L) {
-               lprintf(9, "display_reg() exiting because locate_user_vcard_in_this_room() failed\n");
+               syslog(9, "display_reg() exiting because locate_user_vcard_in_this_room() failed\n");
                if (during_login) {
                        do_welcome();
                }
@@ -783,7 +731,7 @@ void display_reg(int during_login)
        }
        else {
                StrBuf *ReturnTo;
-               ReturnTo = NewStrBufPlain(HKEY("display_main_menu?gotofirst="));
+               ReturnTo = NewStrBufPlain(HKEY("display_main_menu?go="));
                StrBufAppendBuf(ReturnTo, WC->CurRoom.name, 0);
                do_edit_vcard(vcard_msgnum, "1", VCMsg, VCAtt, ChrPtr(ReturnTo), USERCONFIGROOM);
                FreeStrBuf(&ReturnTo);
@@ -815,7 +763,7 @@ void display_changepw(void)
 
        if (!IsEmptyStr(WC->ImportantMessage)) {
                wc_printf("<span class=\"errormsg\">"
-                       "%s</span><br />\n", WC->ImportantMessage);
+                       "%s</span><br>\n", WC->ImportantMessage);
                safestrncpy(WC->ImportantMessage, "", sizeof WC->ImportantMessage);
        }
 
@@ -923,21 +871,18 @@ int ConditionalHaveAccessCreateRoom(StrBuf *Target, WCTemplputParams *TP)
 int ConditionalAide(StrBuf *Target, WCTemplputParams *TP)
 {
        wcsession *WCC = WC;
-       return (WCC != NULL)? (WC->is_aide == 0) : 0;
+       return (WCC != NULL) ? ((WCC->logged_in == 0)||(WC->is_aide == 0)) : 0;
 }
 
 int ConditionalIsLoggedIn(StrBuf *Target, WCTemplputParams *TP) 
 {
        wcsession *WCC = WC;
-       return (WCC != NULL)? (WCC->logged_in == 0) : 0;
-}
+       return (WCC != NULL) ? (WCC->logged_in == 0) : 0;
 
-
-void _display_openid_login(void) {
-       display_openid_login(NULL);
 }
 
 
+
 void _display_reg(void) {
        display_reg(0);
 }
@@ -954,7 +899,7 @@ void Header_HandleAuth(StrBuf *Line, ParsedHttpHdrs *hdr)
                        hdr->HR.got_auth = AUTH_BASIC;
                }
                else 
-                       lprintf(1, "Authentication scheme not supported! [%s]\n", ChrPtr(Line));
+                       syslog(1, "Authentication scheme not supported! [%s]\n", ChrPtr(Line));
        }
 }
 
@@ -969,7 +914,7 @@ void CheckAuthBasic(ParsedHttpHdrs *hdr)
        StrBufAppendBuf(hdr->HR.plainauth, hdr->HR.user_agent, 0);
        hdr->HR.SessionKey = hashlittle(SKEY(hdr->HR.plainauth), 89479832);
 /*
-       lprintf(1, "CheckAuthBasic: calculated sessionkey %ld\n", 
+       syslog(1, "CheckAuthBasic: calculated sessionkey %ld\n", 
                hdr->HR.SessionKey);
 */
 }
@@ -1048,24 +993,27 @@ InitModule_AUTH
        RegisterHeaderHandler(HKEY("COOKIE"), Header_HandleCookie);
        RegisterHeaderHandler(HKEY("AUTHORIZATION"), Header_HandleAuth);
 
-       WebcitAddUrlHandler(HKEY(""), "", 0, do_welcome, ANONYMOUS|COOKIEUNNEEDED); /* no url pattern at all? Show login. */
+       /* no url pattern at all? Show login. */
+       WebcitAddUrlHandler(HKEY(""), "", 0, do_welcome, ANONYMOUS|COOKIEUNNEEDED);
+
+       /* some of these will be removed soon */
        WebcitAddUrlHandler(HKEY("do_welcome"), "", 0, do_welcome, ANONYMOUS|COOKIEUNNEEDED);
-       WebcitAddUrlHandler(HKEY("login"), "", 0, do_login, ANONYMOUS|COOKIEUNNEEDED);
-       WebcitAddUrlHandler(HKEY("display_openid_login"), "", 0, _display_openid_login, ANONYMOUS);
        WebcitAddUrlHandler(HKEY("openid_login"), "", 0, do_openid_login, ANONYMOUS);
        WebcitAddUrlHandler(HKEY("finalize_openid_login"), "", 0, finalize_openid_login, ANONYMOUS);
        WebcitAddUrlHandler(HKEY("openid_manual_create"), "", 0, openid_manual_create, ANONYMOUS);
-       WebcitAddUrlHandler(HKEY("do_logout"), "", 0, do_logout, ANONYMOUS|COOKIEUNNEEDED|FORCE_SESSIONCLOSE);
        WebcitAddUrlHandler(HKEY("validate"), "", 0, validate, 0);
+       WebcitAddUrlHandler(HKEY("do_welcome"), "", 0, do_welcome, 0);
        WebcitAddUrlHandler(HKEY("display_reg"), "", 0, _display_reg, 0);
        WebcitAddUrlHandler(HKEY("display_changepw"), "", 0, display_changepw, 0);
        WebcitAddUrlHandler(HKEY("changepw"), "", 0, changepw, 0);
        WebcitAddUrlHandler(HKEY("termquit"), "", 0, do_logout, 0);
-
+       WebcitAddUrlHandler(HKEY("do_logout"), "", 0, do_logout, ANONYMOUS|COOKIEUNNEEDED|FORCE_SESSIONCLOSE);
+       WebcitAddUrlHandler(HKEY("ajax_login_username_password"), "", 0, ajax_login_username_password, AJAX|ANONYMOUS);
+       WebcitAddUrlHandler(HKEY("ajax_login_newuser"), "", 0, ajax_login_newuser, AJAX|ANONYMOUS);
        RegisterConditional(HKEY("COND:AIDE"), 2, ConditionalAide, CTX_NONE);
        RegisterConditional(HKEY("COND:LOGGEDIN"), 2, ConditionalIsLoggedIn, CTX_NONE);
        RegisterConditional(HKEY("COND:MAY_CREATE_ROOM"), 2,  ConditionalHaveAccessCreateRoom, CTX_NONE);
-       return ;
+       return;
 }