if StrBuf_ServGetln() is called in a loop, its return value has to be checked for...

[citadel.git] / webcit / auth.c

diff --git a/webcit/auth.c b/webcit/auth.c
index 9dbbb5a827c311c8b63c39f9f21435fef50c4db8..35c2063b3f2e14a22bb97d46d0df3a9c480956ce 100644 (file)
--- a/webcit/auth.c
+++ b/webcit/auth.c
@@ -112,7 +112,7 @@ void become_logged_in(const StrBuf *user, const StrBuf *pass, StrBuf *serv_respo
        }
 
        WCC->axlevel = StrBufExtract_int(serv_response, 1, '|');
-       if (WCC->axlevel >= 6) { /* TODO: make this a define, else it might trick us later */
+       if (WCC->axlevel >= 6) {
                WCC->is_aide = 1;
        }
 
@@ -135,6 +135,7 @@ void become_logged_in(const StrBuf *user, const StrBuf *pass, StrBuf *serv_respo
        get_preference("floordiv_expanded", &FloorDiv);
        WCC->floordiv_expanded = FloorDiv;
        FreeStrBuf(&Buf);
+       FlushRoomlist();
 }
 
 
@@ -186,51 +187,58 @@ void ajax_login_newuser(void) {
 
 /* 
  * Try to create an account manually after an OpenID was verified
- * FIXME make this all sorts of wonderful extra window goodness
  */
 void openid_manual_create(void)
 {
        StrBuf *Buf;
 
+       /* Did the user change his mind?  Pack up and go home. */
        if (havebstr("exit_action")) {
-               do_logout();
+               begin_burst();
+               output_headers(1, 0, 0, 0, 1, 0);
+               do_template("authpopup_finished", NULL);
+               end_burst();
                return;
        }
 
-       if (havebstr("newuser_action")) {
-               Buf = NewStrBuf();
-               serv_printf("OIDC %s", bstr("name"));
-               StrBuf_ServGetln(Buf);
-               if (GetServerStatus(Buf, NULL) == 2) {
-                       StrBuf *gpass;
-
-                       gpass = NewStrBuf();
-                       serv_puts("SETP GENERATE_RANDOM_PASSWORD");
-                       StrBuf_ServGetln(gpass);
-                       StrBufCutLeft(gpass, 4);
-                       become_logged_in(sbstr("name"), gpass, Buf);
-                       FreeStrBuf(&gpass);
-               }
-               FreeStrBuf(&Buf);
+
+       /* Ok, let's give this a try.  Can we create the new user? */
+
+       Buf = NewStrBuf();
+       serv_printf("OIDC %s", bstr("name"));
+       StrBuf_ServGetln(Buf);
+       if (GetServerStatus(Buf, NULL) == 2) {
+               StrBuf *gpass;
+
+               gpass = NewStrBuf();
+               serv_puts("SETP GENERATE_RANDOM_PASSWORD");
+               StrBuf_ServGetln(gpass);
+               StrBufCutLeft(gpass, 4);
+               become_logged_in(sbstr("name"), gpass, Buf);
+               FreeStrBuf(&gpass);
        }
+       FreeStrBuf(&Buf);
 
+       /* Did we manage to log in?  If so, continue with the normal flow... */
        if (WC->logged_in) {
-               if (WC->need_regi) {
-                       display_reg(1);
-               } else if (WC->need_vali) {
-                       validate();
-               } else {
-                       do_welcome();
+               if (WC->logged_in) {
+                       begin_burst();
+                       output_headers(1, 0, 0, 0, 1, 0);
+                       do_template("authpopup_finished", NULL);
+                       end_burst();
                }
        } else {
+               /* Still no good!  Go back to teh dialog to select a username */
                const StrBuf *Buf;
-
                putbstr("__claimed_id", NewStrBufDup(sbstr("openid_url")));
                Buf = sbstr("name");
                if (StrLength(Buf) > 0)
                        putbstr("__username", NewStrBufDup(Buf));
                begin_burst();
+               output_headers(1, 0, 0, 0, 1, 0);
+               wc_printf("<html><body>");
                do_template("openid_manual_create", NULL);
+               wc_printf("</body></html>");
                end_burst();
        }
 
@@ -295,6 +303,7 @@ void finalize_openid_login(void)
                                long HKLen;
                                const char *HKey;
                                HashPos *Cursor;
+                               int len;
                                
                                Cursor = GetNewHashPos (WCC->Hdr->urlstrings, 0);
                                while (GetNextHashPos(WCC->Hdr->urlstrings, Cursor, &HKLen, &HKey, &U)) {
@@ -307,7 +316,9 @@ void finalize_openid_login(void)
                                serv_puts("000");
 
                                linecount = 0;
-                               while (StrBuf_ServGetln(Buf), strcmp(ChrPtr(Buf), "000")) 
+                               while (len = StrBuf_ServGetln(Buf), 
+                                      ((len >= 0) &&
+                                       ((len != 3) || strcmp(ChrPtr(Buf), "000") )))
                                {
                                        if (linecount == 0) result = NewStrBufDup(Buf);
                                        if (!strcasecmp(ChrPtr(result), "authenticate")) {
@@ -438,7 +449,7 @@ void do_welcome(void)
                                buf[strlen(buf)-1] = 0;
                                fclose(fp);
                                if (atoi(buf) == serv_info.serv_rev_level) {
-                                       setup_wizard = 1; /**< already run */
+                                       setup_wizard = 1;       /* already run */
                                }
                        }
                }
@@ -478,8 +489,9 @@ void end_webcit_session(void) {
        /* close() of citadel socket will be done by do_housekeeping() */
 }
 
+
 /* 
- * execute the logout
+ * Log out the session with the Citadel server
  */
 void do_logout(void)
 {
@@ -489,6 +501,7 @@ void do_logout(void)
        FlushStrBuf(WCC->wc_username);
        FlushStrBuf(WCC->wc_password);
        FlushStrBuf(WCC->wc_fullname);
+       FlushRoomlist();
 
        serv_puts("LOUT");
        serv_getln(buf, sizeof buf);
@@ -549,14 +562,11 @@ void validate(void)
        char buf[SIZ];
        int a;
 
-       output_headers(1, 1, 2, 0, 0, 0);
-       wc_printf("<div id=\"banner\">\n");
-       wc_printf("<h1>");
-       wc_printf(_("Validate new users"));
-       wc_printf("</h1>");
-       wc_printf("</div>\n");
+       output_headers(1, 1, 1, 0, 0, 0);
 
-       wc_printf("<div id=\"content\" class=\"service\">\n");
+        do_template("beginbox_1", NULL);
+        StrBufAppendBufPlain(WC->WBuf, _("Validate new users"), -1, 0);
+        do_template("beginbox_2", NULL);
 
        /* If the user just submitted a validation, process it... */
        safestrncpy(buf, bstr("user"), sizeof buf);
@@ -670,11 +680,11 @@ void validate(void)
 
        wc_printf("</div>\n");
        wc_printf("</td></tr></table>\n");
+       do_template("endbox", NULL);
        wDumpContent(1);
 }
 
 
-
 /*
  * Display form for registration.
  *
@@ -732,8 +742,6 @@ void display_reg(int during_login)
 }
 
 
-
-
 /*
  * display form for changing your password
  */
@@ -841,6 +849,7 @@ void changepw(void)
        }
 }
 
+
 int ConditionalHaveAccessCreateRoom(StrBuf *Target, WCTemplputParams *TP)
 {
        StrBuf *Buf;    
@@ -859,12 +868,14 @@ int ConditionalHaveAccessCreateRoom(StrBuf *Target, WCTemplputParams *TP)
        return 1;
 }
 
+
 int ConditionalAide(StrBuf *Target, WCTemplputParams *TP)
 {
        wcsession *WCC = WC;
        return (WCC != NULL) ? ((WCC->logged_in == 0)||(WC->is_aide == 0)) : 0;
 }
 
+
 int ConditionalIsLoggedIn(StrBuf *Target, WCTemplputParams *TP) 
 {
        wcsession *WCC = WC;
@@ -873,6 +884,14 @@ int ConditionalIsLoggedIn(StrBuf *Target, WCTemplputParams *TP)
 }
 
 
+/* 
+ * toggle the session over to a different language
+ */
+void switch_language(void) {
+       set_selected_language(bstr("lang"));
+       pop_destination();
+}
+
 
 void _display_reg(void) {
        display_reg(0);
@@ -894,6 +913,7 @@ void Header_HandleAuth(StrBuf *Line, ParsedHttpHdrs *hdr)
        }
 }
 
+
 void CheckAuthBasic(ParsedHttpHdrs *hdr)
 {
 /*
@@ -910,6 +930,7 @@ void CheckAuthBasic(ParsedHttpHdrs *hdr)
 */
 }
 
+
 void GetAuthBasic(ParsedHttpHdrs *hdr)
 {
        const char *Pos = NULL;
@@ -921,6 +942,7 @@ void GetAuthBasic(ParsedHttpHdrs *hdr)
        StrBufExtract_NextToken(hdr->c_password, hdr->HR.plainauth, &Pos, ':');
 }
 
+
 void Header_HandleCookie(StrBuf *Line, ParsedHttpHdrs *hdr)
 {
        const char *pch;
@@ -947,6 +969,7 @@ void Header_HandleCookie(StrBuf *Line, ParsedHttpHdrs *hdr)
        hdr->HR.got_auth = AUTH_COOKIE;
 }
 
+
 void 
 HttpNewModule_AUTH
 (ParsedHttpHdrs *httpreq)
@@ -956,6 +979,8 @@ HttpNewModule_AUTH
        httpreq->c_roomname = NewStrBuf();
        httpreq->c_language = NewStrBuf();
 }
+
+
 void 
 HttpDetachModule_AUTH
 (ParsedHttpHdrs *httpreq)
@@ -966,6 +991,7 @@ HttpDetachModule_AUTH
        FLUSHStrBuf(httpreq->c_language);
 }
 
+
 void 
 HttpDestroyModule_AUTH
 (ParsedHttpHdrs *httpreq)
@@ -976,6 +1002,7 @@ HttpDestroyModule_AUTH
        FreeStrBuf(&httpreq->c_language);
 }
 
+
 void 
 InitModule_AUTH
 (void)
@@ -987,7 +1014,6 @@ InitModule_AUTH
        /* no url pattern at all? Show login. */
        WebcitAddUrlHandler(HKEY(""), "", 0, do_welcome, ANONYMOUS|COOKIEUNNEEDED);
 
-       /* some of these will be removed soon */
        WebcitAddUrlHandler(HKEY("do_welcome"), "", 0, do_welcome, ANONYMOUS|COOKIEUNNEEDED);
        WebcitAddUrlHandler(HKEY("openid_login"), "", 0, do_openid_login, ANONYMOUS);
        WebcitAddUrlHandler(HKEY("finalize_openid_login"), "", 0, finalize_openid_login, ANONYMOUS);
@@ -1001,6 +1027,7 @@ InitModule_AUTH
        WebcitAddUrlHandler(HKEY("do_logout"), "", 0, do_logout, ANONYMOUS|COOKIEUNNEEDED|FORCE_SESSIONCLOSE);
        WebcitAddUrlHandler(HKEY("ajax_login_username_password"), "", 0, ajax_login_username_password, AJAX|ANONYMOUS);
        WebcitAddUrlHandler(HKEY("ajax_login_newuser"), "", 0, ajax_login_newuser, AJAX|ANONYMOUS);
+       WebcitAddUrlHandler(HKEY("switch_language"), "", 0, switch_language, ANONYMOUS);
        RegisterConditional(HKEY("COND:AIDE"), 2, ConditionalAide, CTX_NONE);
        RegisterConditional(HKEY("COND:LOGGEDIN"), 2, ConditionalIsLoggedIn, CTX_NONE);
        RegisterConditional(HKEY("COND:MAY_CREATE_ROOM"), 2,  ConditionalHaveAccessCreateRoom, CTX_NONE);