[LON-CAPA-cvs] cvs: loncom /auth lonauth.pm lonlogin.pm
www
lon-capa-cvs@mail.lon-capa.org
Wed, 12 Nov 2003 16:55:40 -0000
www Wed Nov 12 11:55:40 2003 EDT
Modified files:
/loncom/auth lonauth.pm lonlogin.pm
Log:
Bug #2357: Multiple logins from same host detected, even for round-robin IP
(because for example s2.lite.msu.edu-cookie does not get sent to
msu.lon-capa.org/adm/login).
Bug #2060: IE does not update URL field, points to
/adm/remote?action=collapse on re-login.
Index: loncom/auth/lonauth.pm
diff -u loncom/auth/lonauth.pm:1.58 loncom/auth/lonauth.pm:1.59
--- loncom/auth/lonauth.pm:1.58 Wed Oct 29 19:54:57 2003
+++ loncom/auth/lonauth.pm Wed Nov 12 11:55:40 2003
@@ -1,7 +1,7 @@
# The LearningOnline Network
# User Authentication Module
#
-# $Id: lonauth.pm,v 1.58 2003/10/30 00:54:57 www Exp $
+# $Id: lonauth.pm,v 1.59 2003/11/12 16:55:40 www Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -277,6 +277,43 @@
&Apache::lonlocal::get_language_handle($r);
+# -------------------------------- Prevent users from attempting to login twice
+ my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
+ my $lonid=$cookies{'lonID'};
+ my $cookie;
+ if ($lonid) {
+ my $handle=$lonid->value;
+ $handle=~s/\W//g;
+ my $lonidsdir=$r->dir_config('lonIDsDir');
+ if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
+# Indeed, a valid token is found
+ $r->send_cgi_header(<<ENDFHEADER);
+Content-type: text/html
+
+ENDFHEADER
+ my $bodytag=&Apache::loncommon::bodytag('Already logged in');
+ $r->print(<<ENDFAILED);
+<html>
+<head>
+<title>Already logged in</title>
+</head>
+<html>
+$bodytag
+<h1>You are already logged in</h1>
+<p>Please either <a href="/adm/roles">continue the current session</a> or
+<a href="/adm/logout">logout</a>.</p>
+<p>
+<a href="/adm/loginproblems.html">Problems?</a></p>
+</body>
+</html>
+ENDFAILED
+ return OK;
+ }
+ }
+
+# ---------------------------------------------------- No valid token, continue
+
+
my $buffer;
$r->read($buffer,$r->header_in('Content-length'),0);
my @pairs=split(/&/,$buffer);
@@ -347,7 +384,8 @@
return OK;
}
- if (($firsturl eq '') || ($firsturl eq '/adm/logout')) {
+ if (($firsturl eq '') ||
+ ($firsturl=~/^\/adm\/(logout|remote)/)) {
$firsturl='/adm/roles';
}
Index: loncom/auth/lonlogin.pm
diff -u loncom/auth/lonlogin.pm:1.54 loncom/auth/lonlogin.pm:1.55
--- loncom/auth/lonlogin.pm:1.54 Sun Sep 21 16:06:36 2003
+++ loncom/auth/lonlogin.pm Wed Nov 12 11:55:40 2003
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Login Screen
#
-# $Id: lonlogin.pm,v 1.54 2003/09/21 20:06:36 www Exp $
+# $Id: lonlogin.pm,v 1.55 2003/11/12 16:55:40 www Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -25,18 +25,12 @@
#
# http://www.lon-capa.org/
#
-# 5/21/99,5/22,5/25,5/26,5/31,6/2,6/10,7/12,7/14,
-# 1/14/00,5/29,5/30,6/1,6/29,7/1,11/9,
-# 1/17/01 Gerd Kortemeyer
-#
-# 2/7/02,2/8,2/12,2/14,2/15,2/19 Josh Brunskole
-#
-# 7/10/02 Jeremy Bowers
package Apache::lonlogin;
use strict;
use Apache::Constants qw(:common);
+use CGI::Cookie();
use Apache::File ();
use Apache::lonnet();
use Apache::loncommon();
@@ -57,6 +51,38 @@
&Apache::lonauth::reroute($r);
return OK;
}
+
+# -------------------------------- Prevent users from attempting to login twice
+ my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
+ my $lonid=$cookies{'lonID'};
+ my $cookie;
+ if ($lonid) {
+ my $handle=$lonid->value;
+ $handle=~s/\W//g;
+ my $lonidsdir=$r->dir_config('lonIDsDir');
+ if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
+# Indeed, a valid token is found
+ my $bodytag=&Apache::loncommon::bodytag('Already logged in');
+ $r->print(<<ENDFAILED);
+<html>
+<head>
+<title>Already logged in</title>
+</head>
+<html>
+$bodytag
+<h1>You are already logged in</h1>
+<p>Please either <a href="/adm/roles">continue the current session</a> or
+<a href="/adm/logout">logout</a>.</p>
+<p>
+<a href="/adm/loginproblems.html">Problems?</a></p>
+</body>
+</html>
+ENDFAILED
+ return OK;
+ }
+ }
+
+# ---------------------------------------------------- No valid token, continue
&Apache::loncommon::get_unprocessed_cgi
($ENV{'QUERY_STRING'}.'&'.$ENV{'request.querystring'},