\n");
+
+ if (mesg != NULL) if (!IsEmptyStr(mesg)) {
+ stresc(buf, SIZ, mesg, 0, 0);
+ svprintf(HKEY("MESG"), WCS_STRING, "%s", buf);
+ }
+
+ svprintf(HKEY("LOGIN_INSTRUCTIONS"), WCS_STRING,
+ _("
"
+ "- Enter your OpenID URL and click "Login"."
+ "
- Please log off properly when finished. "
+ "
- You must use a browser that supports frames and "
+ "cookies. "
+ "
- Also keep in mind that if your browser is "
+ "configured to block pop-up windows, you will not be able "
+ "to receive any instant messages.
"
+ "
")
+ );
+
+ svput("OPENID_BOX", WCS_STRING, _("OpenID URL:"));
+ svput("LANGUAGE_BOX", WCS_STRING, _("Language:"));
+ svput("LOGIN_BUTTON", WCS_STRING, _("Login"));
+ svput("EXIT_BUTTON", WCS_STRING, _("Exit"));
+ svput("HELLO", WCS_SERVCMD, "MESG hello");
+ svprintf(HKEY("BOXTITLE"), WCS_STRING, _("%s - powered by
Citadel"),
+ serv_info.serv_humannode);
+ svcallback("DO_LANGUAGE_BOX", offer_languages);
+
+ svprintf(HKEY("OFFER_CONVENTIONAL_LOGIN"), WCS_STRING,
+ "
"
+ ,
+ "Log in using a user name and password"
+ );
+
+ do_template("openid_login");
+ wDumpContent(2);
+}
+
+
+
+
+/* Initialize the session
+ *
* This function needs to get called whenever the session changes from
* not-logged-in to logged-in, either by an explicit login by the user or
* by a timed-out session automatically re-establishing with a little help
* from the browser cookie. Either way, we need to load access controls and
* preferences from the server.
*
- * \param user the username
- * \param pass his password
- * \param serv_response The parameters returned from a Citadel USER or NEWU command
+ * user the username
+ * pass his password
+ * serv_response The parameters returned from a Citadel USER or NEWU command
*/
void become_logged_in(char *user, char *pass, char *serv_response)
{
@@ -126,24 +196,23 @@ void become_logged_in(char *user, char *pass, char *serv_response)
}
-/**
- * \brief Login Checks
- * the logics to detect invalid passwords not to get on citservers nerves
+/*
+ * Perform authentication using a user name and password
*/
void do_login(void)
{
char buf[SIZ];
- if (strlen(bstr("language")) > 0) {
+ if (havebstr("language")) {
set_selected_language(bstr("language"));
go_selected_language();
}
- if (strlen(bstr("exit_action")) > 0) {
+ if (havebstr("exit_action")) {
do_logout();
return;
}
- if (strlen(bstr("login_action")) > 0) {
+ if (havebstr("login_action")) {
serv_printf("USER %s", bstr("name"));
serv_getln(buf, sizeof buf);
if (buf[0] == '3') {
@@ -161,8 +230,8 @@ void do_login(void)
return;
}
}
- if (strlen(bstr("newuser_action")) > 0) {
- if (strlen(bstr("pass")) == 0) {
+ if (havebstr("newuser_action")) {
+ if (!havebstr("pass")) {
display_login(_("Blank passwords are not allowed."));
return;
}
@@ -189,8 +258,86 @@ void do_login(void)
}
-/**
- * \brief display the user a welcome screen.
+
+/*
+ * Perform authentication using OpenID
+ * assemble the checkid_setup request and then redirect to the user's identity provider
+ */
+void do_openid_login(void)
+{
+ char buf[4096];
+
+ if (havebstr("language")) {
+ set_selected_language(bstr("language"));
+ go_selected_language();
+ }
+
+ if (havebstr("exit_action")) {
+ do_logout();
+ return;
+ }
+ if (havebstr("login_action")) {
+ snprintf(buf, sizeof buf,
+ "OID1 %s|%s://%s/finish_openid_login|%s://%s",
+ bstr("openid_url"),
+ (is_https ? "https" : "http"), WC->http_host,
+ (is_https ? "https" : "http"), WC->http_host
+ );
+
+ serv_puts(buf);
+ serv_getln(buf, sizeof buf);
+ if (buf[0] == '2') {
+ lprintf(CTDL_DEBUG, "OpenID server contacted; redirecting to %s\n", &buf[4]);
+ http_redirect(&buf[4]);
+ return;
+ }
+ else {
+ display_openid_login(&buf[4]);
+ return;
+ }
+ }
+
+ /* If we get to this point then something failed. */
+ display_openid_login(_("Your password was not accepted."));
+}
+
+/*
+ * Complete the authentication using OpenID
+ * This function handles the positive or negative assertion from the user's Identity Provider
+ */
+void finish_openid_login(void)
+{
+ if (havebstr("openid.mode")) {
+ if (!strcasecmp(bstr("openid.mode"), "id_res")) {
+
+ display_openid_login("FIXME id accepted but the code isn't finished");
+ //FIXME finish this
+
+ }
+ }
+
+ if (WC->logged_in) {
+ if (WC->need_regi) {
+ display_reg(1);
+ } else {
+ do_welcome();
+ }
+ } else {
+ display_openid_login(_("Your password was not accepted."));
+ }
+
+}
+
+
+
+
+
+
+
+
+/*
+ * display the user a welcome screen.
+ *
* if this is the first time login, and the web based setup is enabled,
* lead the user through the setup routines
*/
@@ -206,9 +353,11 @@ void do_welcome(void)
*/
if (WC->is_aide) {
if (!setup_wizard) {
+ int len;
sprintf(wizard_filename, "setupwiz.%s.%s",
ctdlhost, ctdlport);
- for (i=0; i
");
+ wprintf("");
+ wprintf("
");
+ wprintf("
");
+ wprintf(_("Log off"));
+ wprintf("
");
serv_puts("MESG goodbye");
serv_getln(buf, sizeof buf);
@@ -296,20 +449,24 @@ void do_logout(void)
"connected to the Citadel server. Please report "
"this problem to your system administrator.")
);
+ wprintf("
%s",
+ _("Read More..."));
}
- wprintf("
");
+ wprintf("
\n");
wDumpContent(2);
end_webcit_session();
}
-/* *
+/*
* validate new users
*/
void validate(void)
@@ -320,16 +477,18 @@ void validate(void)
int a;
output_headers(1, 1, 2, 0, 0, 0);
- wprintf("\n"
- "
"
- "");
+ wprintf(" \n");
+ wprintf(" ");
wprintf(_("Validate new users"));
- wprintf(" |
\n
\n\n");
+ wprintf("");
+ wprintf("
\n");
+
+ wprintf("\n");
- /** If the user just submitted a validation, process it... */
+ /* If the user just submitted a validation, process it... */
safestrncpy(buf, bstr("user"), sizeof buf);
- if (strlen(buf) > 0) {
- if (strlen(bstr("axlevel")) > 0) {
+ if (!IsEmptyStr(buf)) {
+ if (havebstr("axlevel")) {
serv_printf("VALI %s|%s", buf, bstr("axlevel"));
serv_getln(buf, sizeof buf);
if (buf[0] != '2') {
@@ -338,7 +497,7 @@ void validate(void)
}
}
- /** Now see if any more users require validation. */
+ /* Now see if any more users require validation. */
serv_puts("GNUR");
serv_getln(buf, sizeof buf);
if (buf[0] == '2') {
@@ -355,7 +514,7 @@ void validate(void)
}
wprintf("