webcit/auth.c

   1 /*
   2  * auth.c
   3  *
   4  * This file contains code which relates to authentication of users to Citadel.
   5  *
   6  * $Id$
   7  */
   8
   9 #include <stdlib.h>
  10 #ifdef HAVE_UNISTD_H
  11 #include <unistd.h>
  12 #endif
  13 #include <stdio.h>
  14 #include <ctype.h>
  15 #include <string.h>
  16 #include <errno.h>
  17 #include "webcit.h"
  18 #include "child.h"
  19
  20
  21
  22 /*
  23  * Display the login screen
  24  */
  25 void display_login(char *mesg) {
  26         char buf[256];
  27
  28         printf("HTTP/1.0 200 OK\n");
  29         output_headers();
  30
  31         wprintf("<HTML><BODY>\n");
  32         wprintf("<CENTER><TABLE border=0 width=100%><TR><TD>\n");
  33
  34         /* FIX replace with the correct image */
  35         wprintf("<IMG SRC=\"/static/velma.gif\">");
  36         wprintf("</TD><TD><CENTER>\n");
  37
  38         if (mesg != NULL) {
  39                 wprintf("<font size=+1><b>%s</b></font>", mesg);
  40                 }
  41         else {
  42                 serv_puts("MESG hello");
  43                 serv_gets(buf);
  44                 if (buf[0]=='1') fmout(NULL);
  45                 }
  46
  47         wprintf("</CENTER></TD></TR></TABLE></CENTER>\n");
  48
  49         wprintf("<HR>\n");
  50         /* FIX add instructions here */
  51         wprintf("<CENTER><FORM ACTION=\"/login\" METHOD=\"POST\">\n");
  52         wprintf("<TABLE border><TR>\n");
  53         wprintf("<TD>User Name:</TD>\n");
  54         wprintf("<TD><INPUT TYPE=\"text\" NAME=\"name\" MAXLENGTH=\"25\">\n");
  55         wprintf("</TD></TR><TR>\n");
  56         wprintf("<TD>Password:</TD>\n");
  57         wprintf("<TD><INPUT TYPE=\"password\" NAME=\"pass\" MAXLENGTH=\"20\"></TD>\n");
  58         wprintf("</TR></TABLE>\n");
  59         wprintf("<INPUT type=\"submit\" NAME=\"action\" VALUE=\"Login\">\n");
  60         wprintf("<INPUT type=\"submit\" NAME=\"action\" VALUE=\"New User\">\n");
  61         wprintf("<INPUT type=\"submit\" NAME=\"action\" VALUE=\"Exit\">\n");
  62         wprintf("</FORM></CENTER>\n");
  63         wprintf("</BODY></HTML>\n");
  64         wDumpContent();
  65         }
  66
  67
  68
  69
  70 /*
  71  * This function needs to get called whenever a PASS or NEWU succeeds
  72  */
  73 void become_logged_in(char *user, char *pass, char *serv_response) {
  74         logged_in = 1;
  75         extract(wc_username, &serv_response[4], 0);
  76         strcpy(wc_password, pass);
  77         axlevel = extract_int(&serv_response[4], 1);
  78         if (axlevel >=6) is_aide = 1;
  79         fprintf(stderr, "become_logged_in(%s,%s)\n", user, pass);
  80         }
  81
  82
  83 void do_login(void) {
  84         char buf[256];
  85
  86         if (!strcasecmp(bstr("action"), "Exit")) {
  87                 do_logout();
  88                 }
  89
  90         if (!strcasecmp(bstr("action"), "Login")) {
  91                 serv_printf("USER %s", bstr("name"));
  92                 serv_gets(buf);
  93                 if (buf[0]=='3') {
  94                         serv_printf("PASS %s", bstr("pass"));
  95                         serv_gets(buf);
  96                         if (buf[0]=='2') {
  97                                 become_logged_in(bstr("name"),
  98                                         bstr("pass"), buf);
  99                                 }
 100                         else {
 101                                 display_login(&buf[4]);
 102                                 return;
 103                                 }
 104                         }
 105                 else {
 106                         display_login(&buf[4]);
 107                         return;
 108                         }
 109                 }
 110
 111         if (!strcasecmp(bstr("action"), "New User")) {
 112                 serv_printf("NEWU %s", bstr("name"));
 113                 serv_gets(buf);
 114                 if (buf[0]=='2') {
 115                         become_logged_in(bstr("name"), bstr("pass"), buf);
 116                         serv_printf("SETP %s", bstr("pass"));
 117                         serv_gets(buf);
 118                         }
 119                 else {
 120                         display_login(&buf[4]);
 121                         return;
 122                         }
 123                 }
 124
 125         if (logged_in) {
 126                 output_static("frameset.html");
 127                 }
 128         else {
 129                 display_login("Your password was not accepted.");
 130                 }
 131
 132         }
 133
 134 void do_welcome(void) {
 135         printf("HTTP/1.0 200 OK\n");
 136         output_headers();
 137         wprintf("<HTML><BODY>\n");
 138         wprintf("<CENTER><H1>");
 139         escputs(wc_username);
 140         wprintf("</H1>\n");
 141         /* FIX add user stats here */
 142
 143         wprintf("<HR>");
 144         /* FIX  ---  what should we put here?  the main menu,
 145          * or new messages in the lobby?
 146          */
 147         embed_main_menu();
 148
 149         wprintf("</BODY></HTML>\n");
 150         wDumpContent();
 151         }
 152
 153
 154 void do_logout(void) {
 155         char buf[256];
 156
 157         strcpy(wc_username, "");
 158         strcpy(wc_password, "");
 159         strcpy(wc_roomname, "");
 160         strcpy(wc_host, "");
 161         strcpy(wc_port, "");
 162
 163         printf("HTTP/1.0 200 OK\n");
 164         output_headers();
 165         printf("X-WebCit-Session: close\n");
 166
 167         wprintf("<HTML><HEAD><TITLE>Goodbye</TITLE></HEAD><BODY><CENTER>\n");
 168
 169         serv_puts("MESG goodbye");
 170         serv_gets(buf);
 171
 172         if (buf[0]=='1') fmout(NULL);
 173         else wprintf("Goodbye\n");
 174
 175         wprintf("<HR><A HREF=\"/\">Log in again</A>\n");
 176
 177         wprintf("</CENTER></BODY></HTML>\n");
 178         wDumpContent();
 179         serv_puts("QUIT");
 180         exit(0);
 181         }