Enter Login Information
% if ($err) {
%}
% if ($m->session->{_login_msg}) {
% }
- Sessions Last for <%$session_time%> minutes.
- Administrator: If you are having login problems (Appears to accept password but still sends you back to the
login page) see the comments in netdisco_apache.conf.
<%args>
$user => undef
$cmd => undef
$pw => undef
$done => undef
%args>
<%shared>
my $userip = $r->connection->client_ip;
%shared>
<%method login>
<%args>
$user => undef
$pw => undef
$how => 'login'
$done => undef
%args>
<%perl>
my $err = '';
my $useuserdb = 0;
$user = lc($user);
my $db_user = sql_hash('users',['*'],{'username' => $user});
if ($how eq 'login') {
unless (defined $db_user->{username}){
$err .= "User Not Found.\n";
}
if ($db_user->{ldap}) {
if (!user_ldap_verify($user,$pw)) {
$err .= "Bad Login.\n";
}
} else {
# User from local Database
my $md5_pw = Digest::MD5::md5_hex($pw);
unless ($err or $md5_pw eq $db_user->{password}){
$err .= "Bad Login.\n";
}
}
$useuserdb = 1;
} else {
unless ($db_user) {
# Synthesized user with no privileges.
$db_user->{username} = $user;
$db_user->{port_control} = 0;
$db_user->{admin} = 0;
}
}
if ($err) {
$m->session->{_logged_in} = 0;
# Log Failed Attempt
insert_or_update('user_log',{},
{'username'=>$user,'event'=>'login_failure',
'userip'=>$userip,'details'=>$err});
delete $m->session->{user};
delete $m->session->{user_port_ctl};
delete $m->session->{user_admin};
delete $m->session->{start};
delete $m->session->{useuserdb};
return $err;
} else {
$m->session->{_logged_in} = 1;
$m->session->{user} = $db_user->{username};
$m->session->{user_port_ctl} = $db_user->{port_control};
$m->session->{user_admin} = $db_user->{admin};
$m->session->{start} = time;
$m->session->{useuserdb} = $useuserdb;
$r->connection->user($db_user->{username});
# Update record
if ($useuserdb) {
insert_or_update('users',{'username' => $m->session->{user}},
{'last_on' => scalar(localtime)}
);
}
# Log Login
insert_or_update('user_log',{},
{'username'=>$m->session->{user},'event'=>$how,
'userip'=>$userip,'details'=>$done});
# Remove any login message
$m->session->{_login_msg} = undef;
# Redirect
if (defined $done and length($done)) {
$m->redirect("$done");
} else {
$m->redirect('.');
}
return undef;
}
%perl>
%method>
<%init>
my $err = '';
my $secure = &is_secure;
my $session_time = $netdisco::CONFIG{websession} || 60;
# Force us to login via HTTPS if configured
if (!$secure){
my $page = $r->uri;
my $args = $r->args;
my $url = url_secure($page);
HTML::Mason::Escapes::url_escape(\$args) if $args;
$url .= "?$args" if ($args);
$m->redirect($url);
}
if ($cmd eq 'login'){
$err = $m->comp('SELF:login', %ARGS);
}
%init>
<%method title>
- Login \
%method>
%# $Id$
%# vim:syntax=mason