[LON-CAPA-cvs] cvs: loncom /auth lonauth.pm

raeburn raeburn at source.lon-capa.org
Fri Mar 6 16:56:42 EST 2015 

raeburn		Fri Mar  6 21:56:42 2015 EDT

  Modified files:              
    /loncom/auth	lonauth.pm 
  Log:
  - Reinstate changes in 1.135 which were removed in 1.136  
  
  
Index: loncom/auth/lonauth.pm
diff -u loncom/auth/lonauth.pm:1.137 loncom/auth/lonauth.pm:1.138
--- loncom/auth/lonauth.pm:1.137	Mon Jan 26 22:11:52 2015
+++ loncom/auth/lonauth.pm	Fri Mar  6 21:56:41 2015
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # User Authentication Module
 #
-# $Id: lonauth.pm,v 1.137 2015/01/26 22:11:52 raeburn Exp $
+# $Id: lonauth.pm,v 1.138 2015/03/06 21:56:41 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -307,12 +307,6 @@
     my $tmpinfo=Apache::lonnet::reply('tmpget:'.$form{'logtoken'},
                                       $form{'serverid'});
 
-    my %sessiondata;
-    if ($form{'iptoken'}) {
-        %sessiondata = &Apache::lonnet::tmpget($form{'iptoken'});
-        my $delete = &Apache::lonnet::tmpdel($form{'iptoken'});
-    }
-
     if (($tmpinfo=~/^error/) || ($tmpinfo eq 'con_lost') || 
         ($tmpinfo eq 'no_such_host')) {
 	&failed($r,'Information needed to verify your login information is missing, inaccessible or expired.',\%form);
@@ -332,19 +326,25 @@
         return OK;
     }
 
-    my ($key,$firsturl,$rolestr,$symbstr)=split(/&/,$tmpinfo);
+    my ($key,$firsturl,$rolestr,$symbstr,$iptokenstr)=split(/&/,$tmpinfo);
     if ($rolestr) {
         $rolestr = &unescape($rolestr);
     }
     if ($symbstr) {
         $symbstr= &unescape($symbstr);
     }
+    if ($iptokenstr) {
+        $iptokenstr = &unescape($iptokenstr);
+    }
     if ($rolestr =~ /^role=/) {
         (undef,$form{'role'}) = split('=',$rolestr);
     }
     if ($symbstr =~ /^symb=/) { 
         (undef,$form{'symb'}) = split('=',$symbstr);
     }
+    if ($iptokenstr =~ /^iptoken=/) {
+        (undef,$form{'iptoken'}) = split('=',$iptokenstr);
+    }
 
     my $upass = $ENV{HTTPS} ? join("", @form{qw(upass0 upass1 upass2)}) 
         : decrypt($key, @form{qw(upass0 upass1 upass2)});
@@ -410,6 +410,8 @@
 
     my $hosthere;
     if ($form{'iptoken'}) {
+        my %sessiondata = &Apache::lonnet::tmpget($form{'iptoken'});
+        my $delete = &Apache::lonnet::tmpdel($form{'iptoken'});
         if (($sessiondata{'domain'} eq $form{'udom'}) &&
             ($sessiondata{'username'} eq $form{'uname'})) {
             $hosthere = 1;

More information about the LON-CAPA-cvs mailing list