4 * Handles authentication of users to a Citadel server.
23 * Display the login screen
25 void display_login(char *mesg)
29 output_headers(1, 1, 2, 0, 0, 0, 0);
30 wprintf("<div style=\"position:absolute; top:20px; left:20px; right:20px\">\n");
32 if (mesg != NULL) if (strlen(mesg) > 0) {
33 stresc(buf, mesg, 0, 0);
34 svprintf("mesg", WCS_STRING, "%s", buf);
37 svprintf("hello", WCS_SERVCMD, "MESG hello");
38 svprintf("BOXTITLE", WCS_STRING, "%s - powered by Citadel",
39 serv_info.serv_humannode);
50 * This function needs to get called whenever the session changes from
51 * not-logged-in to logged-in, either by an explicit login by the user or
52 * by a timed-out session automatically re-establishing with a little help
53 * from the browser cookie. Either way, we need to load access controls and
54 * preferences from the server.
56 void become_logged_in(char *user, char *pass, char *serv_response)
61 extract_token(WC->wc_username, &serv_response[4], 0, '|', sizeof WC->wc_username);
62 safestrncpy(WC->wc_password, pass, sizeof WC->wc_password);
63 WC->axlevel = extract_int(&serv_response[4], 1);
64 if (WC->axlevel >= 6) {
71 serv_getln(buf, sizeof buf);
73 WC->new_mail = extract_int(&buf[4], 0);
74 WC->need_regi = extract_int(&buf[4], 1);
75 WC->need_vali = extract_int(&buf[4], 2);
76 extract_token(WC->cs_inet_email, &buf[4], 3, '|', sizeof WC->cs_inet_email);
85 if (!strcasecmp(bstr("action"), "Exit")) {
89 if (!strcasecmp(bstr("action"), "Login")) {
90 serv_printf("USER %s", bstr("name"));
91 serv_getln(buf, sizeof buf);
93 serv_printf("PASS %s", bstr("pass"));
94 serv_getln(buf, sizeof buf);
96 become_logged_in(bstr("name"),
99 display_login(&buf[4]);
103 display_login(&buf[4]);
107 if (!strcasecmp(bstr("action"), "New User")) {
108 if (strlen(bstr("pass")) == 0) {
109 display_login("Blank passwords are not allowed.");
112 serv_printf("NEWU %s", bstr("name"));
113 serv_getln(buf, sizeof buf);
115 become_logged_in(bstr("name"), bstr("pass"), buf);
116 serv_printf("SETP %s", bstr("pass"));
117 serv_getln(buf, sizeof buf);
119 display_login(&buf[4]);
130 display_login("Your password was not accepted.");
135 void do_welcome(void)
138 #ifdef XXX_NOT_FINISHED_YET_XXX
143 * See if we have to run the first-time setup wizard
147 sprintf(wizard_filename, "setupwiz.%s.%s",
149 for (i=0; i<strlen(wizard_filename); ++i) {
150 if ( (wizard_filename[i]==' ')
151 || (wizard_filename[i] == '/')
153 wizard_filename[i] = '_';
157 fp = fopen(wizard_filename, "r");
159 fgets(buf, sizeof buf, fp);
160 buf[strlen(buf)-1] = 0;
162 if (atoi(buf) == serv_info.serv_rev_level) {
163 setup_wizard = 1; /* already run */
169 http_redirect("/setup_wizard");
175 * Go to the user's preferred start page
177 get_preference("startpage", buf, sizeof buf);
178 if (strlen(buf)==0) {
179 safestrncpy(buf, "/dotskip&room=_BASEROOM_", sizeof buf);
180 set_preference("startpage", buf, 1);
187 * Disconnect from the Citadel server, and end this WebCit session
189 void end_webcit_session(void) {
192 /* close() of citadel socket will be done by do_housekeeping() */
200 safestrncpy(WC->wc_username, "", sizeof WC->wc_username);
201 safestrncpy(WC->wc_password, "", sizeof WC->wc_password);
202 safestrncpy(WC->wc_roomname, "", sizeof WC->wc_roomname);
204 /* Calling output_headers() this way causes the cookies to be un-set */
205 output_headers(1, 1, 0, 1, 0, 0, 0);
208 serv_puts("MESG goodbye");
209 serv_getln(buf, sizeof buf);
211 if (WC->serv_sock >= 0) {
213 fmout(NULL, "CENTER");
215 wprintf("Goodbye\n");
219 wprintf("This program was unable to connect or stay "
220 "connected to the Citadel server. Please report "
221 "this problem to your system administrator."
225 wprintf("<hr /><a href=\"/\">Log in again</A> "
226 "<a href=\"javascript:window.close();\">Close window</A>"
229 end_webcit_session();
243 output_headers(1, 1, 2, 0, 0, 0, 0);
244 wprintf("<div id=\"banner\">\n"
245 "<TABLE WIDTH=100%% BORDER=0 BGCOLOR=\"#444455\"><TR><TD>"
246 "<SPAN CLASS=\"titlebar\">Validate new users</SPAN>"
247 "</TD></TR></TABLE>\n"
248 "</div>\n<div id=\"content\">\n"
251 safestrncpy(buf, bstr("user"), sizeof buf);
253 if (strlen(bstr("axlevel")) > 0) {
254 serv_printf("VALI %s|%s", buf, bstr("axlevel"));
255 serv_getln(buf, sizeof buf);
257 wprintf("<b>%s</b><br />\n", &buf[4]);
261 serv_getln(buf, sizeof buf);
264 wprintf("<b>%s</b><br />\n", &buf[4]);
269 wprintf("<div id=\"fix_scrollbar_bug\">"
270 "<table border=0 width=100%% bgcolor=\"#ffffff\"><tr><td>\n");
273 safestrncpy(user, &buf[4], sizeof user);
274 serv_printf("GREG %s", user);
275 serv_getln(cmd, sizeof cmd);
279 serv_getln(buf, sizeof buf);
282 wprintf("User #%s<br /><H1>%s</H1>",
285 wprintf("PW: %s<br />\n", buf);
287 wprintf("%s<br />\n", buf);
289 wprintf("%s<br />\n", buf);
291 wprintf("%s, ", buf);
295 wprintf("%s<br />\n", buf);
297 wprintf("%s<br />\n", buf);
299 wprintf("Current access level: %d (%s)\n",
300 atoi(buf), axdefs[atoi(buf)]);
301 } while (strcmp(buf, "000"));
303 wprintf("<H1>%s</H1>%s<br />\n", user, &cmd[4]);
306 wprintf("<hr />Select access level for this user:<br />\n");
307 for (a = 0; a <= 6; ++a) {
308 wprintf("<A HREF=\"/validate&user=");
310 wprintf("&axlevel=%d\">%s</A> \n",
315 wprintf("</CENTER>\n");
316 wprintf("</td></tr></table></div>\n");
323 * Display form for registration.
324 * (Set during_login to 1 if this registration is being performed during
325 * new user login and will require chaining to the proper screen.)
327 void display_reg(int during_login)
331 if (goto_config_room() != 0) {
332 if (during_login) do_welcome();
333 else display_main_menu();
337 vcard_msgnum = locate_user_vcard(WC->wc_username, -1);
338 if (vcard_msgnum < 0L) {
339 if (during_login) do_welcome();
340 else display_main_menu();
345 do_edit_vcard(vcard_msgnum, "1", "/do_welcome");
348 do_edit_vcard(vcard_msgnum, "1", "/display_main_menu");
357 * display form for changing your password
359 void display_changepw(void)
363 output_headers(1, 1, 2, 0, 0, 0, 0);
364 wprintf("<div id=\"banner\">\n"
365 "<TABLE WIDTH=100%% BORDER=0 BGCOLOR=\"#444455\"><TR><TD>"
366 "<SPAN CLASS=\"titlebar\">Change your password</SPAN>"
367 "</TD></TR></TABLE>\n"
368 "</div>\n<div id=\"content\">\n"
371 if (strlen(WC->ImportantMessage) > 0) {
372 do_template("beginbox_nt");
373 wprintf("<SPAN CLASS=\"errormsg\">"
374 "%s</SPAN><br />\n", WC->ImportantMessage);
375 do_template("endbox");
376 safestrncpy(WC->ImportantMessage, "", sizeof WC->ImportantMessage);
379 wprintf("<div id=\"fix_scrollbar_bug\">"
380 "<table border=0 width=100%% bgcolor=\"#ffffff\"><tr><td>\n");
382 wprintf("<CENTER><br />");
383 serv_puts("MESG changepw");
384 serv_getln(buf, sizeof buf);
386 fmout(NULL, "CENTER");
389 wprintf("<form name=\"changepwform\" action=\"changepw\" method=\"post\">\n");
391 "<table border=\"0\" cellspacing=\"5\" cellpadding=\"5\" "
392 "BGCOLOR=\"#EEEEEE\">"
393 "<TR><TD>Enter new password:</TD>\n");
394 wprintf("<TD><INPUT TYPE=\"password\" NAME=\"newpass1\" VALUE=\"\" MAXLENGTH=\"20\"></TD></TR>\n");
395 wprintf("<TR><TD>Enter it again to confirm:</TD>\n");
396 wprintf("<TD><INPUT TYPE=\"password\" NAME=\"newpass2\" VALUE=\"\" MAXLENGTH=\"20\"></TD></TR>\n");
398 wprintf("</TABLE><br />\n");
399 wprintf("<INPUT type=\"submit\" name=\"action\" value=\"Change\">"
401 "<INPUT type=\"submit\" name=\"action\" value=\"Cancel\">\n");
402 wprintf("</form></center>\n");
403 wprintf("</td></tr></table></div>\n");
413 char newpass1[32], newpass2[32];
415 if (strcmp(bstr("action"), "Change")) {
416 safestrncpy(WC->ImportantMessage,
417 "Cancelled. Password was not changed.",
418 sizeof WC->ImportantMessage);
423 safestrncpy(newpass1, bstr("newpass1"), sizeof newpass1);
424 safestrncpy(newpass2, bstr("newpass2"), sizeof newpass2);
426 if (strcasecmp(newpass1, newpass2)) {
427 safestrncpy(WC->ImportantMessage,
428 "They don't match. Password was not changed.",
429 sizeof WC->ImportantMessage);
434 if (strlen(newpass1) == 0) {
435 safestrncpy(WC->ImportantMessage,
436 "Blank passwords are not allowed.",
437 sizeof WC->ImportantMessage);
442 serv_printf("SETP %s", newpass1);
443 serv_getln(buf, sizeof buf);
444 sprintf(WC->ImportantMessage, "%s", &buf[4]);
446 safestrncpy(WC->wc_password, buf, sizeof WC->wc_password);