webcit/auth.c

   1 /*
   2  * auth.c
   3  *
   4  * This file contains code which relates to authentication of users to Citadel.
   5  *
   6  * $Id$
   7  */
   8
   9 #include <stdlib.h>
  10 #ifdef HAVE_UNISTD_H
  11 #include <unistd.h>
  12 #endif
  13 #include <stdio.h>
  14 #include <ctype.h>
  15 #include <string.h>
  16 #include <errno.h>
  17 #include "webcit.h"
  18 #include "child.h"
  19
  20
  21
  22 /*
  23  * Display the login screen
  24  */
  25 void display_login(void) {
  26         char buf[256];
  27
  28         printf("HTTP/1.0 200 OK\n");
  29         output_headers();
  30
  31         wprintf("<HTML><BODY>\n");
  32         wprintf("<CENTER><TABLE border=0><TR><TD>\n");
  33
  34         /* FIX replace with the correct image */
  35         wprintf("<IMG SRC=\"/static/velma.gif\">");
  36         wprintf("</TD><TD><CENTER>\n");
  37
  38         serv_puts("MESG hello");
  39         serv_gets(buf);
  40         if (buf[0]=='1') fmout(NULL);
  41
  42         wprintf("</CENTER></TD></TR></TABLE></CENTER>\n");
  43
  44         wprintf("<HR>\n");
  45         /* FIX add instructions here */
  46         wprintf("<CENTER><FORM ACTION=\"/login\" METHOD=\"POST\">\n");
  47         wprintf("<TABLE border><TR>\n");
  48         wprintf("<TD>User Name:</TD>\n");
  49         wprintf("<TD><INPUT TYPE=\"text\" NAME=\"name\" MAXLENGTH=\"25\">\n");
  50         wprintf("</TD></TR><TR>\n");
  51         wprintf("<TD>Password:</TD>\n");
  52         wprintf("<TD><INPUT TYPE=\"password\" NAME=\"pass\" MAXLENGTH=\"20\"></TD>\n");
  53         wprintf("</TR></TABLE>\n");
  54         wprintf("<INPUT type=\"submit\" NAME=\"action\" VALUE=\"Login\">\n");
  55         wprintf("<INPUT type=\"submit\" NAME=\"action\" VALUE=\"New User\">\n");
  56         wprintf("<INPUT type=\"submit\" NAME=\"action\" VALUE=\"Exit\">\n");
  57         wprintf("</FORM></CENTER>\n");
  58         wprintf("</BODY></HTML>\n");
  59         wDumpContent();
  60         }
  61
  62
  63
  64
  65 /*
  66  * This function needs to get called whenever a PASS or NEWU succeeds
  67  */
  68 void become_logged_in(char *user, char *pass, char *serv_response) {
  69         logged_in = 1;
  70         extract(wc_username, &serv_response[4], 0);
  71         strcpy(wc_password, pass);
  72         axlevel = extract_int(&serv_response[4], 1);
  73         if (axlevel >=6) is_aide = 1;
  74         fprintf(stderr, "become_logged_in(%s,%s)\n", user, pass);
  75         }
  76
  77
  78 void do_login(void) {
  79         char buf[256];
  80
  81         fprintf(stderr, "do_login() called\n");
  82         if (!strcasecmp(bstr("action"), "Login")) {
  83                 serv_printf("USER %s", bstr("name"));
  84                 serv_gets(buf);
  85                 if (buf[0]=='3') {
  86                         serv_printf("PASS %s", bstr("pass"));
  87                         serv_gets(buf);
  88                         if (buf[0]=='2') {
  89                                 become_logged_in(bstr("name"),
  90                                         bstr("pass"), buf);
  91                                 }
  92                         }
  93                 }
  94
  95         fprintf(stderr, "logged_in==%d\n", logged_in);
  96
  97         if (logged_in) {
  98                 output_static("frameset.html");
  99                 }
 100         else {
 101                 printf("HTTP/1.0 200 OK\n");
 102                 output_headers();
 103                 wprintf("<HTML><HEAD><TITLE>Nope</TITLE></HEAD><BODY>\n");
 104                 wprintf("Your password was not accepted.\n");
 105                 wprintf("<HR><A HREF=\"/\">Try again</A>\n");
 106                 wprintf("</BODY></HTML>\n");
 107                 wDumpContent();
 108                 }
 109
 110         }
 111
 112 void do_welcome(void) {
 113         printf("HTTP/1.0 200 OK\n");
 114         output_headers();
 115         wprintf("<HTML><BODY>\n");
 116         wprintf("<CENTER><H1>");
 117         escputs(wc_username);
 118         wprintf("</H1>\n");
 119         /* other stuff here */
 120         wprintf("</BODY></HTML>\n");
 121         wDumpContent();
 122         }
 123
 124
 125 void do_logout(void) {
 126         char buf[256];
 127
 128         strcpy(wc_username, "");
 129         strcpy(wc_password, "");
 130         strcpy(wc_roomname, "");
 131         strcpy(wc_host, "");
 132         strcpy(wc_port, "");
 133
 134         printf("HTTP/1.0 200 OK\n");
 135         output_headers();
 136         printf("X-WebCit-Session: close\n");
 137
 138         wprintf("<HTML><HEAD><TITLE>Goodbye</TITLE></HEAD><BODY><CENTER>\n");
 139
 140         serv_puts("MESG goodbye");
 141         serv_gets(buf);
 142
 143         if (buf[0]=='1') fmout(NULL);
 144         else wprintf("Goodbye\n");
 145
 146         wprintf("</CENTER></BODY></HTML>\n");
 147         wDumpContent();
 148         serv_puts("QUIT");
 149         exit(0);
 150         }