[LON-CAPA-cvs] cvs: loncom /auth lonlogin.pm migrateuser.pm /lonnet/perl lonnet.pm

albertel lon-capa-cvs-allow@mail.lon-capa.org
Mon, 01 Oct 2007 21:52:57 -0000 

albertel		Mon Oct  1 17:52:57 2007 EDT

  Modified files:              
    /loncom/auth	migrateuser.pm lonlogin.pm 
    /loncom/lonnet/perl	lonnet.pm 
  Log:
  - common thorough validation of an existing user session 
  
  
Index: loncom/auth/migrateuser.pm
diff -u loncom/auth/migrateuser.pm:1.11 loncom/auth/migrateuser.pm:1.12
--- loncom/auth/migrateuser.pm:1.11	Fri Sep 28 22:09:50 2007
+++ loncom/auth/migrateuser.pm	Mon Oct  1 17:52:50 2007
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Starts a user off based of an existing token.
 #
-# $Id: migrateuser.pm,v 1.11 2007/09/29 02:09:50 albertel Exp $
+# $Id: migrateuser.pm,v 1.12 2007/10/01 21:52:50 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -87,16 +87,8 @@
     my $extra_env = &sso_check(\%data);
 
     if (!$data{'role'}) {
-	# check for exisiting valid session 
-	my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
-	my $lonid=$cookies{'lonID'};
-	my $handle;
-	if ($lonid) {
-	    $handle=&LONCAPA::clean_handle($lonid->value);
-	}
-	if ($lonid 
-	    && -e $r->dir_config('lonIDsDir').'/'.$handle.'.id' 
-	    && $handle ne '') {
+	my $handle = &Apache::lonnet::check_for_valid_session($r);
+	if ($handle) {
 	    &Apache::lonnet::transfer_profile_to_env($r->dir_config('lonIDsDir'),
 						     $handle);
 	    if ($env{'request.course.id'}) {
Index: loncom/auth/lonlogin.pm
diff -u loncom/auth/lonlogin.pm:1.94 loncom/auth/lonlogin.pm:1.95
--- loncom/auth/lonlogin.pm:1.94	Thu Aug 30 18:07:45 2007
+++ loncom/auth/lonlogin.pm	Mon Oct  1 17:52:50 2007
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Login Screen
 #
-# $Id: lonlogin.pm,v 1.94 2007/08/30 22:07:45 albertel Exp $
+# $Id: lonlogin.pm,v 1.95 2007/10/01 21:52:50 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -69,24 +69,17 @@
 
 
 # -------------------------------- Prevent users from attempting to login twice
-    my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
-    my $lonid=$cookies{'lonID'};
-    my $cookie;
-    if ($lonid) {
-	my $handle=&LONCAPA::clean_handle($lonid->value);
-        my $lonidsdir=$r->dir_config('lonIDsDir');
-	if (-e "$lonidsdir/$handle.id") {
-# Is there an existing token file?
-	    if ($handle=~/^publicuser\_/) {
+    my $handle = &Apache::lonnet::check_for_valid_session($r);
+    if ($handle=~/^publicuser\_/) {
 # For "public user" - remove it, we apparently really want to login
-		unlink("$lonidsdir/$handle.id");
-	    } elsif ($handle ne '') {
+	unlink($r->dir_config('lonIDsDir')."/$handle.id");
+    } elsif ($handle ne '') {
 # Indeed, a valid token is found
-		my $start_page = 
-		    &Apache::loncommon::start_page('Already logged in');
-		my $end_page = 
-		    &Apache::loncommon::end_page();
-		$r->print(<<ENDFAILED);
+	my $start_page = 
+	    &Apache::loncommon::start_page('Already logged in');
+	my $end_page = 
+	    &Apache::loncommon::end_page();
+	$r->print(<<ENDFAILED);
 $start_page
 <h1>You are already logged in</h1>
 <p>Please either <a href="/adm/roles">continue the current session</a> or
@@ -95,9 +88,7 @@
 <a href="/adm/loginproblems.html">Problems?</a></p>
 $end_page
 ENDFAILED
-                return OK;
- 	    }  
-	}
+        return OK;
     }
 
 # ---------------------------------------------------- No valid token, continue
Index: loncom/lonnet/perl/lonnet.pm
diff -u loncom/lonnet/perl/lonnet.pm:1.915 loncom/lonnet/perl/lonnet.pm:1.916
--- loncom/lonnet/perl/lonnet.pm:1.915	Mon Oct  1 17:06:04 2007
+++ loncom/lonnet/perl/lonnet.pm	Mon Oct  1 17:52:57 2007
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # TCP networking package
 #
-# $Id: lonnet.pm,v 1.915 2007/10/01 21:06:04 albertel Exp $
+# $Id: lonnet.pm,v 1.916 2007/10/01 21:52:57 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -397,6 +397,34 @@
     }
 }
 
+# ---------------------------------------------------- Check for valid session 
+sub check_for_valid_session {
+    my ($r) = @_;
+    my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
+    my $lonid=$cookies{'lonID'};
+    return undef if (!$lonid);
+
+    my $handle=&LONCAPA::clean_handle($lonid->value);
+    my $lonidsdir=$r->dir_config('lonIDsDir');
+    return undef if (!-e "$lonidsdir/$handle.id");
+
+    open(my $idf,'+<',"$lonidsdir/$handle.id");
+    return undef if (!$idf);
+
+    flock($idf,LOCK_SH);
+    my %disk_env;
+    if (!tie(%disk_env,'GDBM_File',"$lonidsdir/$handle.id",
+	    &GDBM_READER(),0640)) {
+	return undef;	
+    }
+
+    if (!defined($disk_env{'user.name'})
+	|| !defined($disk_env{'user.domain'})) {
+	return undef;
+    }
+    return $handle;
+}
+
 sub timed_flock {
     my ($file,$lock_type) = @_;
     my $failed=0;