[LON-CAPA-cvs] cvs: loncom /interface createaccount.pm
raeburn
lon-capa-cvs-allow@mail.lon-capa.org
Sat, 08 Mar 2008 04:17:12 -0000
This is a MIME encoded message
--raeburn1204949832
Content-Type: text/plain
raeburn Fri Mar 7 23:17:12 2008 EDT
Modified files:
/loncom/interface createaccount.pm
Log:
- user is automatically logged in after completing the account creation process
- if account creation occurred in the context of a request for self-enrollment, the course ID for the intended course is retained, the user proceeds to self-enrollment after auto log-in.
--raeburn1204949832
Content-Type: text/plain
Content-Disposition: attachment; filename="raeburn-20080307231712.txt"
Index: loncom/interface/createaccount.pm
diff -u loncom/interface/createaccount.pm:1.2 loncom/interface/createaccount.pm:1.3
--- loncom/interface/createaccount.pm:1.2 Fri Feb 29 16:01:36 2008
+++ loncom/interface/createaccount.pm Fri Mar 7 23:17:11 2008
@@ -3,7 +3,7 @@
# institutional log-in ID (institutional authentication required - localauth
# or kerberos) or an e-mail address.
#
-# $Id: createaccount.pm,v 1.2 2008/02/29 21:01:36 raeburn Exp $
+# $Id: createaccount.pm,v 1.3 2008/03/08 04:17:11 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -36,11 +36,12 @@
use Apache::lonnet;
use Apache::loncommon;
use Apache::lonlocal;
+use Apache::lonauth;
use Apache::resetpw;
use Authen::Captcha;
use DynaLoader; # for Crypt::DES version
use Crypt::DES;
-use LONCAPA;
+use LONCAPA qw(:DEFAULT :match);
sub handler {
my $r = shift;
@@ -49,65 +50,140 @@
if ($r->header_only) {
return OK;
}
+
my $domain = &Apache::lonnet::default_login_domain();
my $domdesc = &Apache::lonnet::domain($domain,'description');
- my $start_page =
- &Apache::loncommon::start_page('Create a user account in LON-CAPA','',
- {
- 'no_inline_link' => 1,});
- $r->print($start_page);
- &Apache::lonhtmlcommon::clear_breadcrumbs();
- &Apache::lonhtmlcommon::add_breadcrumb
- ({href=>"/adm/createuser",
- text=>"New username"});
my $contact_name = &mt('LON-CAPA helpdesk');
my $contact_email = $r->dir_config('lonSupportEMail');
my $lonhost = $r->dir_config('lonHostID');
my $include = $r->dir_config('lonIncludes');
+
+ &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token','courseid']);
&Apache::lonacc::get_posted_cgi($r);
&Apache::lonlocal::get_language_handle($r);
- &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']);
- my $token = $env{'form.token'};
- my $output;
+
+ my $handle = &Apache::lonnet::check_for_valid_session($r);
+ if ($handle ne '') {
+ my $start_page =
+ &Apache::loncommon::start_page('Already logged in');
+ my $end_page =
+ &Apache::loncommon::end_page();
+ $r->print($start_page."\n".'<h2>'.&mt('You are already logged in').'</h2>'.
+ '<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]logout[_4].','<a href="/adm/roles">','</a>','<a href="/adm/logout">','</a>').
+ '</p><p><a href="/adm/loginproblems.html">'.&mt('Problems?').'</a></p>'.$end_page);
+ return OK;
+ }
+
my $cancreate;
my %domconfig = &Apache::lonnet::get_dom('configuration',['usercreation'],$domain);
if (ref($domconfig{'usercreation'}) eq 'HASH') {
- if (ref($domconfig{'usercreation'}{'cancreate'}) eq 'HASH') {
+ if (ref($domconfig{'usercreation'}{'cancreate'}) eq 'HASH') {
if ($domconfig{'usercreation'}{'cancreate'}{'selfcreate'} ne 'none') {
$cancreate = $domconfig{'usercreation'}{'cancreate'}{'selfcreate'};
}
}
}
- $r->print(&Apache::lonhtmlcommon::breadcrumbs('Create account'));
+
+ my $start_page =
+ &Apache::loncommon::start_page('Create a user account in LON-CAPA','',
+ {
+ 'no_inline_link' => 1,});
if (!$cancreate) {
- $output = &mt('Creation of a new user account using an e-mail address as username or a loginID from your institution is not permitted in the domain: [_1] ([_2])',$domain,$domdesc);
- } elsif ($token) {
- $output = &process_mailtoken($r,$token,$contact_name,$contact_email,$domain,
- $domdesc,$lonhost,$include);
- } elsif ($env{'form.create_with_email'}) {
+ &print_header($r,$start_page);
+ my $output = &mt('Creation of a new user account using an e-mail address as username or a loginID from your institution is not permitted in the domain: [_1] ([_2]).',$domain,$domdesc);
+ $r->print($output);
+ $r->print(&Apache::loncommon::end_page());
+ return OK;
+ }
+
+ my $token = $env{'form.token'};
+ my ($output,$nostart,$noend);
+ if ($token) {
+ ($output,$nostart,$noend) =
+ &process_mailtoken($r,$token,$contact_name,$contact_email,$domain,
+ $domain,$domdesc,$lonhost,$include,$start_page);
+ if ($nostart) {
+ if ($noend) {
+ return OK;
+ } else {
+ $r->print($output);
+ $r->print(&Apache::loncommon::end_page());
+ return OK;
+ }
+ } else {
+ &print_header($r,$start_page);
+ $r->print($output);
+ $r->print(&Apache::loncommon::end_page());
+ return OK;
+ }
+ }
+
+ my $courseid;
+ if (defined($env{'form.courseid'})) {
+ $courseid = &validate_course($env{'form.courseid'});
+ }
+
+ if ($env{'form.phase'} eq 'username_activation') {
+ (my $result,$output,$nostart) =
+ &username_activation($r,$env{'form.uname'},$domain,$domdesc,
+ $lonhost,$courseid);
+ if ($result eq 'ok') {
+ if ($nostart) {
+ return OK;
+ }
+ }
+ &print_header($r,$start_page);
+ $r->print($output);
+ $r->print(&Apache::loncommon::end_page());
+ return OK;
+ }
+
+ &print_header($r,$start_page);
+ if ($env{'form.create_with_email'}) {
$output = &process_email_request($env{'form.useremail'},$domain,$domdesc,
$contact_name,$contact_email,$cancreate,
- $lonhost,$domconfig{'usercreation'});
+ $lonhost,$domconfig{'usercreation'},
+ $courseid);
} elsif ($env{'form.phase'} eq 'username_validation') {
$output = &username_validation($env{'form.uname'},$domain,$domdesc,
- $contact_name,$contact_email);
- } elsif ($env{'form.phase'} eq 'username_activation') {
- (my $result,$output) = &username_activation($env{'form.uname'},
- $domain,$domdesc);
- } else {
+ $contact_name,$contact_email,$courseid);
+ } elsif (!$token) {
my $now=time;
if ($cancreate eq 'any' || $cancreate eq 'login') {
my $jsh=Apache::File->new($include."/londes.js");
$r->print(<$jsh>);
$r->print(&javascript_setforms($now));
}
- $output = &print_username_form($domain,$domdesc,$cancreate,$now,$lonhost);
+ $output = &print_username_form($domain,$domdesc,$cancreate,$now,$lonhost,
+ $courseid);
}
$r->print($output);
$r->print(&Apache::loncommon::end_page());
return OK;
}
+sub print_header {
+ my ($r,$start_page) = @_;
+ $r->print($start_page);
+ &Apache::lonhtmlcommon::clear_breadcrumbs();
+ &Apache::lonhtmlcommon::add_breadcrumb
+ ({href=>"/adm/createuser",
+ text=>"New username"});
+ $r->print(&Apache::lonhtmlcommon::breadcrumbs('Create account'));
+ return;
+}
+
+sub validate_course {
+ my ($courseid) = @_;
+ my ($cdom,$cnum) = ($courseid =~ /^($match_domain)_($match_courseid)$/);
+ if (($cdom ne '') && ($cnum ne '')) {
+ if (&Apache::lonnet::is_course($cdom,$cnum)) {
+ return ($courseid);
+ }
+ }
+ return;
+}
+
sub javascript_setforms {
my ($now) = @_;
my $js = <<ENDSCRIPT;
@@ -161,7 +237,7 @@
}
sub print_username_form {
- my ($domain,$domdesc,$cancreate,$now,$lonhost) = @_;
+ my ($domain,$domdesc,$cancreate,$now,$lonhost,$courseid) = @_;
my %lt = &Apache::lonlocal::texthash(
unam => 'username',
udom => 'domain',
@@ -177,11 +253,11 @@
my ($lextkey,$uextkey) = &getkeys($lkey,$ukey);
my $logtoken=Apache::lonnet::reply('tmpput:'.$ukey.$lkey.'&createaccount',
$lonhost);
- $output .= &serverform($logtoken,$lonhost);
+ $output .= &serverform($logtoken,$lonhost,undef,$courseid);
my $unameform = '<input type="text" name="uname" size="10" value="" />';
my $upassform = '<input type="password" name="upass'.$now.'" size="10" />';
my $submit_text = &mt('Create LON-CAPA account');
- $output .= '<form name="client" method="post" />'."\n".
+ $output .= '<form name="client" method="post" action="/adm/createaccount">'."\n".
&Apache::lonhtmlcommon::start_pick_box()."\n".
&Apache::lonhtmlcommon::row_title(&mt('Log-in ID'),
'LC_pick_box_title')."\n".
@@ -209,7 +285,7 @@
my $emailform = '<input type="text" name="useremail" size="25" value="" />';
my $captchaform = &create_captcha();
my $submit_text = &mt('Request LON-CAPA account');
- $output .= '<form name="createaccount" method="post" onsubmit="validate_email();" >'.
+ $output .= '<form name="createaccount" method="post" onsubmit="validate_email();" action="/adm/createaccount">'.
&Apache::lonhtmlcommon::start_pick_box()."\n".
&Apache::lonhtmlcommon::row_title(&mt('E-mail address'),
'LC_pick_box_title')."\n".
@@ -217,8 +293,11 @@
&Apache::lonhtmlcommon::row_closure(1).
&Apache::lonhtmlcommon::row_title(&mt('Validation'),
'LC_pick_box_title')."\n".
- $captchaform."\n".'<br /><br />'.
- '<input type="submit" name="create_with_email" value="'.
+ $captchaform."\n".'<br /><br />';
+ if ($courseid ne '') {
+ $output .= '<input type="hidden" name="courseid" value="'.$courseid.'"/>'."\n";
+ }
+ $output .= '<input type="submit" name="create_with_email" value="'.
$submit_text.'" />'.
&Apache::lonhtmlcommon::row_closure(1).
&Apache::lonhtmlcommon::end_pick_box().'<br /><br /></form>'.
@@ -234,7 +313,7 @@
sub process_email_request {
my ($useremail,$domain,$domdesc,$contact_name,$contact_email,$cancreate,
- $server,$settings) = @_;
+ $server,$settings,$courseid) = @_;
my $useremail = $env{'form.useremail'};
my $output;
if ($cancreate ne 'any' && $cancreate ne 'email') {
@@ -301,18 +380,19 @@
}
}
$output = &send_token($domain,$useremail,$server,$domdesc,$contact_name,
- $contact_email);
+ $contact_email,$courseid);
return $output;
}
sub send_token {
- my ($domain,$email,$server,$domdesc,$contact_name,$contact_email) = @_;
+ my ($domain,$email,$server,$domdesc,$contact_name,$contact_email,$courseid) = @_;
my $msg = &mt('Thank you for your request to create a new LON-CAPA account.').'<br /><br />';
my $now = time;
my %info = ('ip' => $ENV{'REMOTE_ADDR'},
'time' => $now,
'domain' => $domain,
- 'username' => $email);
+ 'username' => $email,
+ 'courseid' => $courseid);
my $token = &Apache::lonnet::tmpput(\%info,$server);
if ($token !~ /^error/ && $token ne 'no_such_host') {
my $esc_token = &escape($token);
@@ -333,8 +413,9 @@
}
sub process_mailtoken {
- my ($r,$token,$contact_name,$contact_email,$domain,$domdesc,$lonhost,$include) = @_;
- my $msg;
+ my ($r,$token,$contact_name,$contact_email,$domain,$domdesc,$lonhost,
+ $include,$start_page) = @_;
+ my ($msg,$nostart,$noend);
my %data = &Apache::lonnet::tmpget($token);
my $now = time;
if (keys(%data) == 0) {
@@ -347,11 +428,10 @@
my $reqtime = localtime($data{'time'});
if ($now - $data{'time'} < 7200) {
if ($env{'form.phase'} eq 'createaccount') {
- my ($result,$output) = &create_account($r,$domain,$lonhost,$token,
+ my ($result,$output) = &create_account($r,$domain,$lonhost,
$data{'username'},$domdesc);
if ($result eq 'ok') {
$msg = $output;
- my $delete = &Apache::lonnet::tmpdel($token);
my $now = localtime(time);
my $mailmsg = &mt('A LON-CAPA account in the [_1] domain has been created [_2] from IP address: [_3]. If you did not perform this action or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n";
my $mailresult = &Apache::resetpw::send_mail($domdesc,$data{'email'},
@@ -362,14 +442,19 @@
} else {
$msg .= &mt('An error occurred when sending e-mail to [_1] confirming creation of your LON-CAPA account.',$data{'username'});
}
- $msg .= '<br /><br />'.&mt('<a href="/adm/login">Go to the login page</a>.');
+ my %form = &start_session($r,$data{'username'},$domain,
+ $lonhost,$data{'courseid'},
+ $token);
+ $nostart = 1;
+ $noend = 1;
} else {
$msg .= &mt('A problem occurred when attempting to create your new LON-CAPA account').'<br />'.$output.&mt('Please contact the [_1] - (<a href="mailto:[_2]">[_2]</a>) for assistance.',$contact_name,$contact_email);
}
+ my $delete = &Apache::lonnet::tmpdel($token);
} else {
- $r->print(&mt('Please provide user information and a password for your new account.').'<br />'.&mt('Your password, which must contain at least seven characters, will be sent to the LON-CAPA server in an encrypted form.').'<br />');
- &print_dataentry_form($r,$domain,$lonhost,$include,$token,$now,$data{'username'});
-
+ $msg .= &mt('Please provide user information and a password for your new account.').'<br />'.&mt('Your password, which must contain at least seven characters, will be sent to the LON-CAPA server in an encrypted form.').'<br />';
+ $msg .= &print_dataentry_form($r,$domain,$lonhost,$include,$token,$now,$data{'username'},$start_page);
+ $nostart = 1;
}
} else {
$msg = &mt('Sorry, the token generated when you requested creation of an account has expired. Please submit a <a href="/adm/createaccount">new request</a>, and follow the link to the web page included in the new e-mail that will be sent to you, to allow you to create the account.');
@@ -377,18 +462,46 @@
} else {
$msg .= &mt('Sorry, the URL generated when you requested creation of an accountcontained incomplete information. Please submit a <a href="/adm/createaccount">new request</a> for creation of an account, and use the new URL that will be sent to your e-mail address to complete the process.');
}
- return $msg;
+ return ($msg,$nostart,$noend);
+}
+
+sub start_session {
+ my ($r,$username,$domain,$lonhost,$courseid,$token) = @_;
+ my %form = (
+ uname => $username,
+ udom => $domain,
+ );
+ my $firsturl = '/adm/roles';
+ if (defined($courseid)) {
+ $courseid = &validate_course($courseid);
+ if ($courseid ne '') {
+ $form{'courseid'} = $courseid;
+ $firsturl = '/adm/selfenroll?cid='.$courseid;
+ }
+ }
+ if ($r->dir_config('lonBalancer') eq 'yes') {
+ &Apache::lonauth::success($r,$form{'uname'},$form{'udom'},
+ $lonhost,'noredirect',undef,\%form);
+ my $delete = &Apache::lonnet::tmpdel($token);
+ $r->internal_redirect('/adm/switchserver');
+ } else {
+ &Apache::lonauth::success($r,$form{'uname'},$form{'udom'},
+ $lonhost,$firsturl,undef,\%form);
+ }
+ return %form;
}
+
sub print_dataentry_form {
- my ($r,$domain,$lonhost,$include,$mailtoken,$now,$username) = @_;
+ my ($r,$domain,$lonhost,$include,$mailtoken,$now,$username,$start_page) = @_;
my ($error,$output);
+ &print_header($r,$start_page);
if (open(my $jsh,"<$include/londes.js")) {
while(my $line = <$jsh>) {
$r->print($line);
}
close($jsh);
- $r->print(&javascript_setforms($now)."\n".&javascript_checkpass($now));
+ $output .= &javascript_setforms($now)."\n".&javascript_checkpass($now);
my ($lkey,$ukey) = &Apache::lonpreferences::des_keys();
my ($lextkey,$uextkey) = &getkeys($lkey,$ukey);
my $logtoken=Apache::lonnet::reply('tmpput:'.$ukey.$lkey.'&createaccount',
@@ -413,8 +526,8 @@
id => '15',
);
my $genhelp=&Apache::loncommon::help_open_topic('Generation');
- $output = '<div class="LC_left_float"><h3>'.$lt{'pd'}.'</h3>'.
- '<form name="server" method="post" target="_top">'.
+ $output .= '<div class="LC_left_float"><h3>'.$lt{'pd'}.'</h3>'.
+ '<form name="server" method="post" target="_top" action="/adm/createaccount">'.
&Apache::lonhtmlcommon::start_pick_box();
foreach my $item (@userinfo) {
my $rowtitle = $lt{$item};
@@ -466,16 +579,14 @@
'<form name="buttonform">'."\n".
'<input type="button" name="createaccount" value="'.
$submit_text.'" onclick="javascript:checkpass();" /></form></div>';
- $r->print($output);
} else {
- $error = &mt('Could not load javascript file [_1]','londes.js');
- $r->print($error);
+ $output = &mt('Could not load javascript file [_1]','londes.js');
}
- return;
+ return $output;
}
sub create_account {
- my ($r,$domain,$lonhost,$logtoken,$username,$domdesc) = @_;
+ my ($r,$domain,$lonhost,$username,$domdesc) = @_;
my ($retrieved,$output,$upass) = &process_credentials($env{'form.logtoken'},
$env{'form.serverid'});
# Error messages
@@ -510,7 +621,7 @@
}
sub username_validation {
- my ($username,$domain,$domdesc,$contact_name,$contact_email) = @_;
+ my ($username,$domain,$domdesc,$contact_name,$contact_email,$courseid) = @_;
my ($retrieved,$output,$upass);
$username= &LONCAPA::clean_username($username);
@@ -560,14 +671,18 @@
}
}
my $submit_text = &mt('Create LON-CAPA account');
+ # FIXME need a cookie to confirm credentials were validated.
$output =
- '<form method="post">'.
+ '<form method="post" action="/adm/createaccount">'.
&Apache::loncreateuser::personal_data_display($username,$domain,1,
undef,$inst_results{$username.':'.$domain}).
'<br /><br /><input type="hidden" name="uname" value="'.$username.'" />'.
- '<input type="hidden" name="phase" value="username_activation" />'.
- '<input type="submit" name="newaccount" value="'.
- $submit_text.'" /></form>';
+ '<input type="hidden" name="phase" value="username_activation" />';
+ if ($courseid ne '') {
+ $output .= '<input type="hidden" name="courseid" value="'.$courseid.'" />';
+ }
+ $output .= '<input type="submit" name="newaccount" value="'.
+ $submit_text.'" /></form>';
} else {
$output = &mt('Not authenticated').' '.&mt('Please check the username and password');
}
@@ -576,7 +691,7 @@
}
sub username_activation {
- my ($username,$domain,$domdesc) = @_;
+ my ($r,$username,$domain,$domdesc,$lonhost,$courseid) = @_;
my $output;
my $error = '<span class="LC_error">'.&mt('Error').': ';
my $end = '</span><br /><br />';
@@ -584,7 +699,9 @@
&mt('Return to previous page').'</a>'.
&Apache::loncommon::end_page();
my %domdefaults = &Apache::lonnet::get_domain_defaults($domain);
- if ((($domdefaults{'auth_def'} =~/^krb(4|5)$/) && ($domdefaults{'auth_arg_def'} ne '')) || ($domdefaults{'auth_def'} eq 'localauth')) {
+ if ((($domdefaults{'auth_def'} =~/^krb(4|5)$/) &&
+ ($domdefaults{'auth_arg_def'} ne '')) ||
+ ($domdefaults{'auth_def'} eq 'localauth')) {
if ($env{'form.cid'} ne '') {
my ($result,$userchkmsg) = &check_id($username,$domain,$domdesc);
if ($result eq 'fail') {
@@ -601,11 +718,15 @@
$env{'form.cmiddlename'},$env{'form.clastname'},
$env{'form.cgeneration'},undef,undef,
$env{'form.cpermanentemail'});
- $output = &mt('Generating user').': '.$result;
- my $uhome = &Apache::lonnet::homeserver($username,$domain);
- $output .= '<br />'.&mt('Home server').': '.$uhome.' '.
- &Apache::lonnet::hostname($uhome).'<br /><br />';
- return ('ok',$output);
+ if ($result eq 'ok') {
+ $output = &mt('A LON-CAPA account has been created for username: [_1] in domain: [_2].',$username,$domain);
+ my %form = &start_session($r,$username,$domain,$lonhost,$courseid);
+ my $nostart = 1;
+ return ('ok',$output,$nostart);
+ } else {
+ $output = &mt('Account creation failed for username: [_1] in domain: [_2].',$username,$domain).'<br /><span class="LC_error">'.&mt('Error: [_1]',$result).'</span>';
+ return ('fail',$output);
+ }
} else {
$output = &mt("User account creation is not available for the current default authentication type.\n");
return('fail',$output);
@@ -705,7 +826,7 @@
}
sub serverform {
- my ($logtoken,$lonhost,$mailtoken) = @_;
+ my ($logtoken,$lonhost,$mailtoken,$courseid) = @_;
my $output .= <<ENDSERVERFORM;
<form name="server" method="post" target="_top">
<input type="hidden" name="logtoken" value="$logtoken" />
@@ -714,6 +835,7 @@
<input type="hidden" name="uname" value="" />
<input type="hidden" name="upass" value="" />
<input type="hidden" name="phase" value="username_validation" />
+ <input type="hidden" name="courseid" value="$courseid" />
</form>
ENDSERVERFORM
return $output;
--raeburn1204949832--