[Koha-cvs] CVS: koha/C4 Auth.pm,1.3,1.4

Thu Jul 4 23:22:23 CEST 2002

Update of /cvsroot/koha/koha/C4
In directory usw-pr-cvs1:/tmp/cvs-serv22979

Modified Files:
	Auth.pm 
Log Message:
Checks for a basic authentication userid.  If found, it skips the cookie stuff.
Also now supports scripts that do not _require_ authentication, but might
display differently if they get an authenticated userid (might be useful for
opac pages, where pages could be tailored to meet a patron's preferences).


Index: Auth.pm
===================================================================
RCS file: /cvsroot/koha/koha/C4/Auth.pm,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -r1.3 -r1.4
*** Auth.pm	4 Jul 2002 21:09:43 -0000	1.3
--- Auth.pm	4 Jul 2002 21:22:21 -0000	1.4
***************
*** 19,22 ****
--- 19,31 ----
  sub checkauth {
      my $query=shift;
+     # $authnotrequired will be set for scripts which will run without authentication
+     my $authnotrequired=shift;
+     if (my $userid=$ENV{'REMOTE_USERNAME'}) {
+ 	# Using Basic Authentication, no cookies required
+ 	my $cookie=$query->cookie(-name => 'sessionID',
+ 				  -value => '',
+ 				  -expires => '+1y');
+ 	return ($userid, $cookie, '');
+     }
      my $sessionID=$query->cookie('sessionID');
      my $message='';
***************
*** 55,89 ****
  
      warn "$sessionID wasn't in sessions table.";
!     
!     ($sessionID) || ($sessionID=int(rand()*100000).'-'.time());
!     my $userid=$query->param('userid');
!     my $password=$query->param('password');
!     if ($userid eq 'librarian' && $password eq 'koha') {
! 	my $sti=$dbh->prepare("insert into sessions (sessionID, userid, ip,lasttime) values (?, ?, ?, ?)");
! 	$sti->execute($sessionID, $userid, $ENV{'REMOTE_ADDR'}, time());
! 	open L, ">>/tmp/sessionlog";
! 	print L "$userid from ".$ENV{'REMOTE_ADDR'}." logged in at ".localtime(time()).".\n";
! 	close L;
! 	return ($userid, $sessionID, $sessionID);
!     } elsif ($userid eq 'patron' && $password eq 'koha') {
! 	my $sti=$dbh->prepare("insert into sessions (sessionID, userid, ip,lasttime) values (?, ?, ?, ?)");
! 	$sti->execute($sessionID, $userid, $ENV{'REMOTE_ADDR'}, time());
! 	open L, ">>/tmp/sessionlog";
! 	print L "$userid from ".$ENV{'REMOTE_ADDR'}." at ".localtime(time()).".\n";
! 	close L;
! 	return ($userid, $sessionID, $sessionID);
!     } else {
! 	if ($userid) {
! 	    $message="Invalid userid or password entered.";
! 	}
! 	my $parameters;
! 	foreach (param $query) {
! 	    $parameters->{$_}=$query->{$_};
! 	}
  	my $cookie=$query->cookie(-name => 'sessionID',
! 				  -value => $sessionID,
  				  -expires => '+1y');
! 	print $query->header(-cookie=>$cookie);
! 	print qq|
  <html>
  <body background=/images/kohaback.jpg>
--- 64,103 ----
  
      warn "$sessionID wasn't in sessions table.";
!     if ($authnotrequired) {
  	my $cookie=$query->cookie(-name => 'sessionID',
! 				  -value => '',
  				  -expires => '+1y');
! 	return('', $cookie, '');
!     } else {
! 	($sessionID) || ($sessionID=int(rand()*100000).'-'.time());
! 	my $userid=$query->param('userid');
! 	my $password=$query->param('password');
! 	if ($userid eq 'librarian' && $password eq 'koha') {
! 	    my $sti=$dbh->prepare("insert into sessions (sessionID, userid, ip,lasttime) values (?, ?, ?, ?)");
! 	    $sti->execute($sessionID, $userid, $ENV{'REMOTE_ADDR'}, time());
! 	    open L, ">>/tmp/sessionlog";
! 	    print L "$userid from ".$ENV{'REMOTE_ADDR'}." logged in at ".localtime(time()).".\n";
! 	    close L;
! 	    return ($userid, $sessionID, $sessionID);
! 	} elsif ($userid eq 'patron' && $password eq 'koha') {
! 	    my $sti=$dbh->prepare("insert into sessions (sessionID, userid, ip,lasttime) values (?, ?, ?, ?)");
! 	    $sti->execute($sessionID, $userid, $ENV{'REMOTE_ADDR'}, time());
! 	    open L, ">>/tmp/sessionlog";
! 	    print L "$userid from ".$ENV{'REMOTE_ADDR'}." at ".localtime(time()).".\n";
! 	    close L;
! 	    return ($userid, $sessionID, $sessionID);
! 	} else {
! 	    if ($userid) {
! 		$message="Invalid userid or password entered.";
! 	    }
! 	    my $parameters;
! 	    foreach (param $query) {
! 		$parameters->{$_}=$query->{$_};
! 	    }
! 	    my $cookie=$query->cookie(-name => 'sessionID',
! 				      -value => $sessionID,
! 				      -expires => '+1y');
! 	    print $query->header(-cookie=>$cookie);
! 	    print qq|
  <html>
  <body background=/images/kohaback.jpg>
***************
*** 101,105 ****
  </html>
  |;
! 	exit
      }
  }
--- 115,120 ----
  </html>
  |;
! 	    exit;
! 	}
      }
  }