projects / citadel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Removed logging subsystem from webcit. It's all syslog now.
[citadel.git] / webcit / auth.c
diff --git a/webcit/auth.c b/webcit/auth.c
index 2dcfaf3bb8c64a1ca1d2a90e06a309a64baa2012..74ab667385cfdce1ada3dd4a30330839a6d54544 100644 (file)
--- a/webcit/auth.c
+++ b/webcit/auth.c
@@ -1,14 +1,12 @@
 /*
- * $Id$
+ * These functions handle authentication of users to a Citadel server.
  *
- * WebcitAuth; Handles authentication of users to a Citadel server.
+ * Copyright (c) 1996-2011 by the citadel.org team
  *
- * Copyright (c) 1996-2010 by the citadel.org team
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
+ * This program is open source software.  You can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 3 of the
+ * License, or (at your option) any later version.
  *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -17,7 +15,7 @@
  *
  * You should have received a copy of the GNU General Public License
  * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
  */
 
 #include "webcit.h"
@@ -35,13 +33,27 @@ void display_reg(int during_login);
 char *axdefs[7]; 
 
 void initialize_axdefs(void) {
-       axdefs[0] = _("Deleted");       /* an erased user */
-       axdefs[1] = _("New User");      /* a new user */
-       axdefs[2] = _("Problem User");  /* a trouble maker */
-       axdefs[3] = _("Local User");    /* user with normal privileges */
-       axdefs[4] = _("Network User");  /* a user that may access network resources */
-       axdefs[5] = _("Preferred User");/* a moderator */
-       axdefs[6] = _("Aide");          /* chief */
+
+       /* an erased user */
+       axdefs[0] = _("Deleted");       
+
+       /* a new user */
+       axdefs[1] = _("New User");      
+
+       /* a trouble maker */
+       axdefs[2] = _("Problem User");  
+
+       /* user with normal privileges */
+       axdefs[3] = _("Local User");    
+
+       /* a user that may access network resources */
+       axdefs[4] = _("Network User");  
+
+       /* a moderator */
+       axdefs[5] = _("Preferred User");
+
+       /* chief */
+       axdefs[6] = _("Aide");          
 }
 
 
@@ -61,59 +73,6 @@ void display_login(void)
 
 
 
-/* 
- * Display the openid-enabled login screen
- * mesg = the error message if last attempt failed.
- */
-void display_openid_login(char *mesg)
-{
-  begin_burst();
-  output_headers(1, 0, 0, 0, 1, 0);
-  do_template("openid_login", NULL);
-  end_burst();
-}
-
-
-void display_openid_name_request(const StrBuf *claimed_id, const StrBuf *username) 
-{
-       StrBuf *Buf = NULL;
-
-       output_headers(1, 1, 2, 0, 0, 0);
-       wc_printf("<div id=\"login_screen\">\n");
-
-       Buf = NewStrBufPlain(NULL, StrLength(claimed_id));
-       StrEscAppend(Buf, claimed_id, NULL, 0, 0);
-       svprintf(HKEY("VERIFIED"), WCS_STRING, _("Your OpenID <tt>%s</tt> was successfully verified."),
-                ChrPtr(Buf));
-       SVPutBuf("CLAIMED_ID", Buf, 0);
-
-
-       if (StrLength(username) > 0) {
-                       Buf = NewStrBufPlain(NULL, StrLength(username));
-                       StrEscAppend(Buf, username, NULL, 0, 0);
-                       svprintf(HKEY("REASON"), WCS_STRING,
-                                _("However, the user name '%s' conflicts with an existing user."), 
-                                ChrPtr(Buf));
-                       FreeStrBuf(&Buf);
-       }
-       else {
-               svput("REASON", WCS_STRING, "");
-       }
-
-       svput("ACTION_REQUESTED", WCS_STRING, _("Please specify the user name you would like to use."));
-
-       svput("USERNAME_BOX", WCS_STRING, _("User name:"));
-       svput("NEWUSER_BUTTON", WCS_STRING, _("New User"));
-       svput("EXIT_BUTTON", WCS_STRING, _("Exit"));
-
-       svprintf(HKEY("BOXTITLE"), WCS_STRING, _("%s - powered by <a href=\"http://www.citadel.org\">Citadel</a>"),
-                ChrPtr(WC->serv_info->serv_humannode));
-
-       do_template("openid_manual_create", NULL);
-       wDumpContent(2);
-}
-
-
 
 /* Initialize the session
  *
@@ -269,6 +228,31 @@ void do_login(void)
        FreeStrBuf(&Buf);
 }
 
+
+
+/* 
+ * modal/ajax version of 'login' (username and password)
+ */
+void ajax_login_username_password(void) {
+       StrBuf *Buf = NewStrBuf();
+
+       serv_printf("USER %s", bstr("name"));
+       StrBuf_ServGetln(Buf);
+       if (GetServerStatus(Buf, NULL) == 3) {
+               serv_printf("PASS %s", bstr("pass"));
+               StrBuf_ServGetln(Buf);
+               if (GetServerStatus(Buf, NULL) == 2) {
+                       become_logged_in(sbstr("name"), sbstr("pass"), Buf);
+               }
+       }
+
+       /* The client is expecting to read back a citadel protocol response */
+       wc_printf("%s", ChrPtr(Buf));
+       FreeStrBuf(&Buf);
+}
+
+
+
 /* 
  * Try to create an account manually after an OpenID was verified
  */
@@ -307,7 +291,15 @@ void openid_manual_create(void)
                        do_welcome();
                }
        } else {
-               display_openid_name_request(sbstr("openid_url"), sbstr("name"));
+               const StrBuf *Buf;
+
+               putbstr("__claimed_id", NewStrBufDup(sbstr("openid_url")));
+               Buf = sbstr("name");
+               if (StrLength(Buf) > 0)
+                       putbstr("__username", NewStrBufDup(Buf));
+               begin_burst();
+               do_template("openid_manual_create", NULL);
+               end_burst();
        }
 
 }
@@ -319,7 +311,6 @@ void openid_manual_create(void)
  */
 void do_openid_login(void)
 {
-       wcsession *WCC = WC;
        char buf[4096];
 
        if (havebstr("language")) {
@@ -333,27 +324,27 @@ void do_openid_login(void)
        }
        if (havebstr("login_action")) {
                snprintf(buf, sizeof buf,
-                       "OIDS %s|%s://%s/finalize_openid_login|%s://%s",
+                       "OIDS %s|%s/finalize_openid_login|%s",
                        bstr("openid_url"),
-                        (is_https ? "https" : "http"), ChrPtr(WCC->Hdr->HR.http_host),
-                        (is_https ? "https" : "http"), ChrPtr(WCC->Hdr->HR.http_host)
+                       ChrPtr(site_prefix),
+                       ChrPtr(site_prefix)
                );
 
                serv_puts(buf);
                serv_getln(buf, sizeof buf);
                if (buf[0] == '2') {
-                       lprintf(CTDL_DEBUG, "OpenID server contacted; redirecting to %s\n", &buf[4]);
+                       syslog(LOG_DEBUG, "OpenID server contacted; redirecting to %s\n", &buf[4]);
                        http_redirect(&buf[4]);
                        return;
                }
                else {
-                       display_openid_login(&buf[4]);
+                       display_login();
                        return;
                }
        }
 
        /* If we get to this point then something failed. */
-       display_openid_login(_("Your password was not accepted."));
+       display_login();
 }
 
 /* 
@@ -447,18 +438,26 @@ void finalize_openid_login(void)
         */
 
        else if (!strcasecmp(ChrPtr(result), "verify_only")) {
-               display_openid_name_request(claimed_id, username);
+               putbstr("__claimed_id", claimed_id);
+               claimed_id = NULL;
+               if (StrLength(username) > 0) {
+                       putbstr("__username", username);
+                       username = NULL;
+               }
+               begin_burst();
+               do_template("openid_manual_create", NULL);
+               end_burst();
        }
 
        /* Did we manage to log in?  If so, continue with the normal flow... */
-       if (WC->logged_in) {
+       else if (WC->logged_in) {
                if (WC->need_regi) {
                        display_reg(1);
                } else {
                        do_welcome();
                }
        } else {
-               display_openid_login(_("Your password was not accepted."));
+               display_login();
        }
 
        FreeStrBuf(&result);
@@ -530,7 +529,7 @@ void do_welcome(void)
        if (StrLength(Buf) == 0) {
                StrBufAppendBufPlain(Buf, "dotgoto?room=_BASEROOM_", -1, 0);
        }
-       lprintf(9, "Redirecting to user's start page: %s\n", ChrPtr(Buf));
+       syslog(9, "Redirecting to user's start page: %s\n", ChrPtr(Buf));
        http_redirect(ChrPtr(Buf));
 }
 
@@ -555,14 +554,20 @@ void do_logout(void)
 
        FlushStrBuf(WCC->wc_username);
        FlushStrBuf(WCC->wc_password);
-       FlushStrBuf(WCC->CurRoom.name);
        FlushStrBuf(WCC->wc_fullname);
 
-       /* FIXME: this is to suppress the iconbar displaying, because we aren't
-          actually logged out yet */
+       serv_puts("LOUT");
+       serv_getln(buf, sizeof buf);
        WCC->logged_in = 0;
 
-       /** Calling output_headers() this way causes the cookies to be un-set */
+       if (WC->serv_info->serv_supports_guest) {
+               display_default_landing_page();
+               return;
+       }
+
+       FlushStrBuf(WCC->CurRoom.name);
+
+       /* Calling output_headers() this way causes the cookies to be un-set */
        output_headers(1, 1, 0, 1, 0, 0);
 
        wc_printf("<div id=\"logout_screen\">");
@@ -594,16 +599,6 @@ void do_logout(void)
                "<span class=\"button_link\"><a href=\".\">");
        wc_printf(_("Log in again"));
        wc_printf("</a></span>");
-
-       /* The "close window" link is commented out because some browsers don't
-        * allow it to work.
-        *
-       wc_printf("&nbsp;&nbsp;&nbsp;<span class=\"button_link\">"
-               "<a href=\"javascript:window.close();\">");
-       wc_printf(_("Close window"));
-       wc_printf("</a></span>");
-        */
-
        wc_printf("</div></div></div>\n");
        wDumpContent(2);
        end_webcit_session();
@@ -657,8 +652,7 @@ void validate(void)
                return;
        }
 
-       wc_printf("<div class=\"fix_scrollbar_bug\">"
-               "<table class=\"auth_validate\"><tr><td>\n");
+       wc_printf("<table class=\"auth_validate\"><tr><td>\n");
        wc_printf("<div id=\"validate\">");
 
        safestrncpy(user, &buf[4], sizeof user);
@@ -726,22 +720,22 @@ void validate(void)
                                        atoi(buf), axdefs[atoi(buf)]);
                } while (strcmp(buf, "000"));
        } else {
-               wc_printf("<H1>%s</H1>%s<br />\n", user, &cmd[4]);
+               wc_printf("<H1>%s</H1>%s<br>\n", user, &cmd[4]);
        }
 
        wc_printf("<hr />");
        wc_printf(_("Select access level for this user:"));
-       wc_printf("<br />\n");
+       wc_printf("<br>\n");
        for (a = 0; a <= 6; ++a) {
                wc_printf("<a href=\"validate?nonce=%d?user=", WC->nonce);
                urlescputs(user);
                wc_printf("&axlevel=%d\">%s</A>&nbsp;&nbsp;&nbsp;\n",
                        a, axdefs[a]);
        }
-       wc_printf("<br />\n");
+       wc_printf("<br>\n");
 
        wc_printf("</div>\n");
-       wc_printf("</td></tr></table></div>\n");
+       wc_printf("</td></tr></table>\n");
        wDumpContent(1);
 }
 
@@ -764,7 +758,7 @@ void display_reg(int during_login)
        Buf = NewStrBuf();
        memset(&Room, 0, sizeof(folder));
        if (goto_config_room(Buf, &Room) != 0) {
-               lprintf(9, "display_reg() exiting because goto_config_room() failed\n");
+               syslog(9, "display_reg() exiting because goto_config_room() failed\n");
                if (during_login) {
                        do_welcome();
                }
@@ -780,7 +774,7 @@ void display_reg(int during_login)
        FreeStrBuf(&Buf);
        vcard_msgnum = locate_user_vcard_in_this_room(&VCMsg, &VCAtt);
        if (vcard_msgnum < 0L) {
-               lprintf(9, "display_reg() exiting because locate_user_vcard_in_this_room() failed\n");
+               syslog(9, "display_reg() exiting because locate_user_vcard_in_this_room() failed\n");
                if (during_login) {
                        do_welcome();
                }
@@ -795,7 +789,7 @@ void display_reg(int during_login)
        }
        else {
                StrBuf *ReturnTo;
-               ReturnTo = NewStrBufPlain(HKEY("display_main_menu?gotofirst="));
+               ReturnTo = NewStrBufPlain(HKEY("display_main_menu?go="));
                StrBufAppendBuf(ReturnTo, WC->CurRoom.name, 0);
                do_edit_vcard(vcard_msgnum, "1", VCMsg, VCAtt, ChrPtr(ReturnTo), USERCONFIGROOM);
                FreeStrBuf(&ReturnTo);
@@ -827,7 +821,7 @@ void display_changepw(void)
 
        if (!IsEmptyStr(WC->ImportantMessage)) {
                wc_printf("<span class=\"errormsg\">"
-                       "%s</span><br />\n", WC->ImportantMessage);
+                       "%s</span><br>\n", WC->ImportantMessage);
                safestrncpy(WC->ImportantMessage, "", sizeof WC->ImportantMessage);
        }
 
@@ -942,14 +936,11 @@ int ConditionalIsLoggedIn(StrBuf *Target, WCTemplputParams *TP)
 {
        wcsession *WCC = WC;
        return (WCC != NULL)? (WCC->logged_in == 0) : 0;
-}
-
 
-void _display_openid_login(void) {
-       display_openid_login(NULL);
 }
 
 
+
 void _display_reg(void) {
        display_reg(0);
 }
@@ -966,7 +957,7 @@ void Header_HandleAuth(StrBuf *Line, ParsedHttpHdrs *hdr)
                        hdr->HR.got_auth = AUTH_BASIC;
                }
                else 
-                       lprintf(1, "Authentication scheme not supported! [%s]\n", ChrPtr(Line));
+                       syslog(1, "Authentication scheme not supported! [%s]\n", ChrPtr(Line));
        }
 }
 
@@ -981,7 +972,7 @@ void CheckAuthBasic(ParsedHttpHdrs *hdr)
        StrBufAppendBuf(hdr->HR.plainauth, hdr->HR.user_agent, 0);
        hdr->HR.SessionKey = hashlittle(SKEY(hdr->HR.plainauth), 89479832);
 /*
-       lprintf(1, "CheckAuthBasic: calculated sessionkey %ld\n", 
+       syslog(1, "CheckAuthBasic: calculated sessionkey %ld\n", 
                hdr->HR.SessionKey);
 */
 }
@@ -1060,24 +1051,29 @@ InitModule_AUTH
        RegisterHeaderHandler(HKEY("COOKIE"), Header_HandleCookie);
        RegisterHeaderHandler(HKEY("AUTHORIZATION"), Header_HandleAuth);
 
-       WebcitAddUrlHandler(HKEY(""), "", 0, do_welcome, ANONYMOUS|COOKIEUNNEEDED); /* no url pattern at all? Show login. */
+       /* no url pattern at all? Show login. */
+       WebcitAddUrlHandler(HKEY(""), "", 0, do_welcome, ANONYMOUS|COOKIEUNNEEDED);
+
+       /* some of these will be removed soon */
        WebcitAddUrlHandler(HKEY("do_welcome"), "", 0, do_welcome, ANONYMOUS|COOKIEUNNEEDED);
        WebcitAddUrlHandler(HKEY("login"), "", 0, do_login, ANONYMOUS|COOKIEUNNEEDED);
-       WebcitAddUrlHandler(HKEY("display_openid_login"), "", 0, _display_openid_login, ANONYMOUS);
        WebcitAddUrlHandler(HKEY("openid_login"), "", 0, do_openid_login, ANONYMOUS);
        WebcitAddUrlHandler(HKEY("finalize_openid_login"), "", 0, finalize_openid_login, ANONYMOUS);
        WebcitAddUrlHandler(HKEY("openid_manual_create"), "", 0, openid_manual_create, ANONYMOUS);
-       WebcitAddUrlHandler(HKEY("do_logout"), "", 0, do_logout, ANONYMOUS|COOKIEUNNEEDED|FORCE_SESSIONCLOSE);
        WebcitAddUrlHandler(HKEY("validate"), "", 0, validate, 0);
+       WebcitAddUrlHandler(HKEY("do_welcome"), "", 0, do_welcome, 0);
        WebcitAddUrlHandler(HKEY("display_reg"), "", 0, _display_reg, 0);
        WebcitAddUrlHandler(HKEY("display_changepw"), "", 0, display_changepw, 0);
        WebcitAddUrlHandler(HKEY("changepw"), "", 0, changepw, 0);
        WebcitAddUrlHandler(HKEY("termquit"), "", 0, do_logout, 0);
+       WebcitAddUrlHandler(HKEY("do_logout"), "", 0, do_logout, ANONYMOUS|COOKIEUNNEEDED|FORCE_SESSIONCLOSE);
+       WebcitAddUrlHandler(HKEY("ajax_login_username_password"), "", 0,
+               ajax_login_username_password, AJAX|ANONYMOUS);
 
        RegisterConditional(HKEY("COND:AIDE"), 2, ConditionalAide, CTX_NONE);
        RegisterConditional(HKEY("COND:LOGGEDIN"), 2, ConditionalIsLoggedIn, CTX_NONE);
        RegisterConditional(HKEY("COND:MAY_CREATE_ROOM"), 2,  ConditionalHaveAccessCreateRoom, CTX_NONE);
-       return ;
+       return;
 }
 
 
Citadel server, clients, utilities