some cleaning in Auth
Signed-off-by: Chris Cormack <crc@liblime.com>
parent
8aa112477c
commit
bb12924c1b
3 changed files with 49 additions and 38 deletions
75
C4/Auth.pm
75
C4/Auth.pm
|
@ -32,6 +32,7 @@ use C4::Members;
|
||||||
use C4::Koha;
|
use C4::Koha;
|
||||||
use C4::Branch; # GetBranches
|
use C4::Branch; # GetBranches
|
||||||
|
|
||||||
|
# use utf8;
|
||||||
# use Net::LDAP;
|
# use Net::LDAP;
|
||||||
# use Net::LDAP qw(:all);
|
# use Net::LDAP qw(:all);
|
||||||
|
|
||||||
|
@ -58,10 +59,10 @@ C4::Auth - Authenticates Koha users
|
||||||
{
|
{
|
||||||
template_name => "opac-main.tmpl",
|
template_name => "opac-main.tmpl",
|
||||||
query => $query,
|
query => $query,
|
||||||
type => "opac",
|
type => "opac",
|
||||||
authnotrequired => 1,
|
authnotrequired => 1,
|
||||||
flagsrequired => {borrow => 1},
|
flagsrequired => {borrow => 1},
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|
||||||
print $query->header(
|
print $query->header(
|
||||||
|
@ -96,10 +97,10 @@ C4::Auth - Authenticates Koha users
|
||||||
{
|
{
|
||||||
template_name => "opac-main.tmpl",
|
template_name => "opac-main.tmpl",
|
||||||
query => $query,
|
query => $query,
|
||||||
type => "opac",
|
type => "opac",
|
||||||
authnotrequired => 1,
|
authnotrequired => 1,
|
||||||
flagsrequired => {borrow => 1},
|
flagsrequired => {borrow => 1},
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|
||||||
This call passes the C<query>, C<flagsrequired> and C<authnotrequired>
|
This call passes the C<query>, C<flagsrequired> and C<authnotrequired>
|
||||||
|
@ -244,6 +245,8 @@ sub get_template_and_user {
|
||||||
LibraryName => C4::Context->preference("LibraryName"),
|
LibraryName => C4::Context->preference("LibraryName"),
|
||||||
LoginBranchcode => (C4::Context->userenv?C4::Context->userenv->{"branch"}:"insecure"),
|
LoginBranchcode => (C4::Context->userenv?C4::Context->userenv->{"branch"}:"insecure"),
|
||||||
LoginBranchname => (C4::Context->userenv?C4::Context->userenv->{"branchname"}:"insecure"),
|
LoginBranchname => (C4::Context->userenv?C4::Context->userenv->{"branchname"}:"insecure"),
|
||||||
|
LoginFirstname => (C4::Context->userenv?C4::Context->userenv->{"firstname"}:"Bel"),
|
||||||
|
LoginSurname => C4::Context->userenv?C4::Context->userenv->{"surname"}:"Inconnu",
|
||||||
AutoLocation => C4::Context->preference("AutoLocation"),
|
AutoLocation => C4::Context->preference("AutoLocation"),
|
||||||
hide_marc => C4::Context->preference("hide_marc"),
|
hide_marc => C4::Context->preference("hide_marc"),
|
||||||
patronimages => C4::Context->preference("patronimages"),
|
patronimages => C4::Context->preference("patronimages"),
|
||||||
|
@ -262,7 +265,7 @@ sub get_template_and_user {
|
||||||
my $LibraryNameTitle = C4::Context->preference("LibraryName");
|
my $LibraryNameTitle = C4::Context->preference("LibraryName");
|
||||||
$LibraryNameTitle =~ s/<(?:\/?)(?:br|p)\s*(?:\/?)>/ /sgi;
|
$LibraryNameTitle =~ s/<(?:\/?)(?:br|p)\s*(?:\/?)>/ /sgi;
|
||||||
$LibraryNameTitle =~ s/<(?:[^<>'"]|'(?:[^']*)'|"(?:[^"]*)")*>//sg;
|
$LibraryNameTitle =~ s/<(?:[^<>'"]|'(?:[^']*)'|"(?:[^"]*)")*>//sg;
|
||||||
$template->param(
|
$template->param(
|
||||||
KohaAdminEmailAddress => "" . C4::Context->preference("KohaAdminEmailAddress"),
|
KohaAdminEmailAddress => "" . C4::Context->preference("KohaAdminEmailAddress"),
|
||||||
suggestion => "" . C4::Context->preference("suggestion"),
|
suggestion => "" . C4::Context->preference("suggestion"),
|
||||||
virtualshelves => "" . C4::Context->preference("virtualshelves"),
|
virtualshelves => "" . C4::Context->preference("virtualshelves"),
|
||||||
|
@ -282,6 +285,8 @@ sub get_template_and_user {
|
||||||
LibraryNameTitle => "" . $LibraryNameTitle,
|
LibraryNameTitle => "" . $LibraryNameTitle,
|
||||||
LoginBranchcode => (C4::Context->userenv?C4::Context->userenv->{"branch"}:"insecure"),
|
LoginBranchcode => (C4::Context->userenv?C4::Context->userenv->{"branch"}:"insecure"),
|
||||||
LoginBranchname => C4::Context->userenv?C4::Context->userenv->{"branchname"}:"",
|
LoginBranchname => C4::Context->userenv?C4::Context->userenv->{"branchname"}:"",
|
||||||
|
LoginFirstname => (C4::Context->userenv?C4::Context->userenv->{"firstname"}:"Bel"),
|
||||||
|
LoginSurname => C4::Context->userenv?C4::Context->userenv->{"surname"}:"Inconnu",
|
||||||
OpacPasswordChange => C4::Context->preference("OpacPasswordChange"),
|
OpacPasswordChange => C4::Context->preference("OpacPasswordChange"),
|
||||||
opacreadinghistory => C4::Context->preference("opacreadinghistory"),
|
opacreadinghistory => C4::Context->preference("opacreadinghistory"),
|
||||||
opacuserjs => C4::Context->preference("opacuserjs"),
|
opacuserjs => C4::Context->preference("opacuserjs"),
|
||||||
|
@ -359,7 +364,7 @@ has authenticated.
|
||||||
|
|
||||||
sub checkauth {
|
sub checkauth {
|
||||||
my $query = shift;
|
my $query = shift;
|
||||||
# warn "Checking Auth";
|
# warn "Checking Auth";
|
||||||
# $authnotrequired will be set for scripts which will run without authentication
|
# $authnotrequired will be set for scripts which will run without authentication
|
||||||
my $authnotrequired = shift;
|
my $authnotrequired = shift;
|
||||||
my $flagsrequired = shift;
|
my $flagsrequired = shift;
|
||||||
|
@ -385,7 +390,8 @@ sub checkauth {
|
||||||
$loggedin = 1;
|
$loggedin = 1;
|
||||||
}
|
}
|
||||||
elsif ( $sessionID = $query->cookie("CGISESSID")) {
|
elsif ( $sessionID = $query->cookie("CGISESSID")) {
|
||||||
my $session = new CGI::Session("driver:MySQL", $sessionID, {Handle=>$dbh});
|
# my $session = new CGI::Session("driver:MySQL", $sessionID, {Handle=>$dbh});
|
||||||
|
my $session = new CGI::Session("driver:File", $sessionID, {Directory=>'/tmp'});
|
||||||
C4::Context->_new_userenv($sessionID);
|
C4::Context->_new_userenv($sessionID);
|
||||||
if ($session){
|
if ($session){
|
||||||
C4::Context::set_userenv(
|
C4::Context::set_userenv(
|
||||||
|
@ -395,20 +401,23 @@ sub checkauth {
|
||||||
$session->param('branchname'), $session->param('flags'),
|
$session->param('branchname'), $session->param('flags'),
|
||||||
$session->param('emailaddress'), $session->param('branchprinter')
|
$session->param('emailaddress'), $session->param('branchprinter')
|
||||||
);
|
);
|
||||||
|
warn "".$session->param('cardnumber').", ".$session->param('firstname').",
|
||||||
|
".$session->param('surname').", ".$session->param('branch');
|
||||||
}
|
}
|
||||||
my $ip;
|
my $ip;
|
||||||
my $lasttime;
|
my $lasttime;
|
||||||
if ($session) {
|
if ($session) {
|
||||||
$ip = $session->param('ip');
|
$ip = $session->param('ip');
|
||||||
$lasttime = $session->param('lasttime');
|
$lasttime = $session->param('lasttime');
|
||||||
$userid = $session->param('id');
|
$userid = $session->param('id');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if ($logout) {
|
if ($logout) {
|
||||||
|
|
||||||
# voluntary logout the user
|
# voluntary logout the user
|
||||||
$session->delete;
|
# $session->delete;
|
||||||
|
$session->flush;
|
||||||
C4::Context->_unset_userenv($sessionID);
|
C4::Context->_unset_userenv($sessionID);
|
||||||
$sessionID = undef;
|
$sessionID = undef;
|
||||||
$userid = undef;
|
$userid = undef;
|
||||||
|
@ -437,7 +446,7 @@ sub checkauth {
|
||||||
$info{'oldip'} = $ip;
|
$info{'oldip'} = $ip;
|
||||||
$info{'newip'} = $ENV{'REMOTE_ADDR'};
|
$info{'newip'} = $ENV{'REMOTE_ADDR'};
|
||||||
$info{'different_ip'} = 1;
|
$info{'different_ip'} = 1;
|
||||||
$session->delete();
|
$session->delete();
|
||||||
C4::Context->_unset_userenv($sessionID);
|
C4::Context->_unset_userenv($sessionID);
|
||||||
$sessionID = undef;
|
$sessionID = undef;
|
||||||
$userid = undef;
|
$userid = undef;
|
||||||
|
@ -462,11 +471,12 @@ sub checkauth {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
unless ($userid) {
|
unless ($userid) {
|
||||||
my $session = new CGI::Session("driver:MySQL", undef, {Handle=>$dbh});
|
# my $session = new CGI::Session("driver:MySQL", undef, {Handle=>$dbh});
|
||||||
|
my $session = new CGI::Session("driver:File", undef, {Directory=>'/tmp'});
|
||||||
my $sessionID;
|
my $sessionID;
|
||||||
if ($session) {
|
if ($session) {
|
||||||
$sessionID = $session->id;
|
$sessionID = $session->id;
|
||||||
}
|
}
|
||||||
$userid = $query->param('userid');
|
$userid = $query->param('userid');
|
||||||
C4::Context->_new_userenv($sessionID);
|
C4::Context->_new_userenv($sessionID);
|
||||||
my $password = $query->param('password');
|
my $password = $query->param('password');
|
||||||
|
@ -505,7 +515,7 @@ sub checkauth {
|
||||||
= $sth->fetchrow
|
= $sth->fetchrow
|
||||||
if ( $sth->rows );
|
if ( $sth->rows );
|
||||||
|
|
||||||
# warn "$cardnumber,$borrowernumber,$userid,$firstname,$surname,$userflags,$branchcode,$emailaddress";
|
# warn "$cardnumber,$borrowernumber,$userid,$firstname,$surname,$userflags,$branchcode,$emailaddress";
|
||||||
unless ( $sth->rows ) {
|
unless ( $sth->rows ) {
|
||||||
my $sth =
|
my $sth =
|
||||||
$dbh->prepare(
|
$dbh->prepare(
|
||||||
|
@ -520,7 +530,7 @@ sub checkauth {
|
||||||
= $sth->fetchrow
|
= $sth->fetchrow
|
||||||
if ( $sth->rows );
|
if ( $sth->rows );
|
||||||
|
|
||||||
# warn "$cardnumber,$borrowernumber,$userid,$firstname,$surname,$userflags,$branchcode,$emailaddress";
|
# warn "$cardnumber,$borrowernumber,$userid,$firstname,$surname,$userflags,$branchcode,$emailaddress";
|
||||||
unless ( $sth->rows ) {
|
unless ( $sth->rows ) {
|
||||||
$sth->execute($userid);
|
$sth->execute($userid);
|
||||||
(
|
(
|
||||||
|
@ -542,7 +552,7 @@ sub checkauth {
|
||||||
my $branches = GetBranches();
|
my $branches = GetBranches();
|
||||||
my @branchesloop;
|
my @branchesloop;
|
||||||
foreach my $br ( keys %$branches ) {
|
foreach my $br ( keys %$branches ) {
|
||||||
# now we work with the treatment of ip
|
# now we work with the treatment of ip
|
||||||
my $domain = $branches->{$br}->{'branchip'};
|
my $domain = $branches->{$br}->{'branchip'};
|
||||||
if ( $domain && $ip =~ /^$domain/ ) {
|
if ( $domain && $ip =~ /^$domain/ ) {
|
||||||
$branchcode = $branches->{$br}->{'branchcode'};
|
$branchcode = $branches->{$br}->{'branchcode'};
|
||||||
|
@ -563,7 +573,8 @@ sub checkauth {
|
||||||
$session->param('emailaddress',$emailaddress);
|
$session->param('emailaddress',$emailaddress);
|
||||||
$session->param('ip',$session->remote_addr());
|
$session->param('ip',$session->remote_addr());
|
||||||
$session->param('lasttime',time());
|
$session->param('lasttime',time());
|
||||||
$session->param('branchprinter',$branchprinter);
|
# warn "".$session->param('cardnumber').", ".$session->param('firstname').",
|
||||||
|
".$session->param('surname').", ".$session->param('branch');
|
||||||
}
|
}
|
||||||
elsif ( $return == 2 ) {
|
elsif ( $return == 2 ) {
|
||||||
#We suppose the user is the superlibrarian
|
#We suppose the user is the superlibrarian
|
||||||
|
@ -571,7 +582,7 @@ sub checkauth {
|
||||||
$session->param('id',C4::Context->config('user'));
|
$session->param('id',C4::Context->config('user'));
|
||||||
$session->param('cardnumber',C4::Context->config('user'));
|
$session->param('cardnumber',C4::Context->config('user'));
|
||||||
$session->param('firstname',C4::Context->config('user'));
|
$session->param('firstname',C4::Context->config('user'));
|
||||||
$session->param('surname',C4::Context->config('user'),);
|
$session->param('surname',C4::Context->config('user'));
|
||||||
$session->param('branch','NO_LIBRARY_SET');
|
$session->param('branch','NO_LIBRARY_SET');
|
||||||
$session->param('branchname','NO_LIBRARY_SET');
|
$session->param('branchname','NO_LIBRARY_SET');
|
||||||
$session->param('flags',1);
|
$session->param('flags',1);
|
||||||
|
@ -607,7 +618,7 @@ sub checkauth {
|
||||||
$cookie = $query->cookie( CGISESSID => ''
|
$cookie = $query->cookie( CGISESSID => ''
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
return ( $userid, $cookie, $sessionID, $flags );
|
return ( $userid, $cookie, $sessionID, $flags );
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -634,7 +645,7 @@ sub checkauth {
|
||||||
# check that database and koha version are the same
|
# check that database and koha version are the same
|
||||||
# there is no DB version, it's a fresh install,
|
# there is no DB version, it's a fresh install,
|
||||||
# go to web installer
|
# go to web installer
|
||||||
warn "about to check version";
|
warn "about to check version";
|
||||||
unless (C4::Context->preference('Version')){
|
unless (C4::Context->preference('Version')){
|
||||||
if ($type ne 'opac'){
|
if ($type ne 'opac'){
|
||||||
warn "Install required, redirecting to Installer";
|
warn "Install required, redirecting to Installer";
|
||||||
|
@ -670,7 +681,7 @@ sub checkauth {
|
||||||
my $template = gettemplate( $template_name, $type, $query );
|
my $template = gettemplate( $template_name, $type, $query );
|
||||||
$template->param(branchloop => \@branch_loop,);
|
$template->param(branchloop => \@branch_loop,);
|
||||||
$template->param(
|
$template->param(
|
||||||
login => 1,
|
login => 1,
|
||||||
INPUTS => \@inputs,
|
INPUTS => \@inputs,
|
||||||
suggestion => C4::Context->preference("suggestion"),
|
suggestion => C4::Context->preference("suggestion"),
|
||||||
virtualshelves => C4::Context->preference("virtualshelves"),
|
virtualshelves => C4::Context->preference("virtualshelves"),
|
||||||
|
@ -754,7 +765,7 @@ sub checkpw {
|
||||||
{
|
{
|
||||||
|
|
||||||
# Koha superuser account
|
# Koha superuser account
|
||||||
# C4::Context->set_userenv(0,0,C4::Context->config('user'),C4::Context->config('user'),C4::Context->config('user'),"",1);
|
# C4::Context->set_userenv(0,0,C4::Context->config('user'),C4::Context->config('user'),C4::Context->config('user'),"",1);
|
||||||
return 2;
|
return 2;
|
||||||
}
|
}
|
||||||
if ( $userid && $userid eq 'demo'
|
if ( $userid && $userid eq 'demo'
|
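Review bot: In the logout branch of checkauth, `$session->delete;` is commented out and only `$session->flush;` runs, so the stored session is written back rather than destroyed and, as far as these lines show, the old session id would still load after logout; CGI::Session needs both calls, `$session->delete; $session->flush;`. The two `new CGI::Session("driver:File", ..., {Directory=>'/tmp'})` calls also move session data (id, flags, cardnumber) into a shared, world-writable directory with a hard-coded path; a dedicated directory owned by the web-server user and read from configuration would be safer. The new un-commented `warn` after set_userenv writes cardnumber, first name, surname and branch to the error log on every request that carries a session cookie, and looks like leftover debugging that should be removed. In the login branch, as rendered, the commented-out `# warn` leaves its second line (`".$session->param('surname')...`) uncommented and takes the place of `$session->param('branchprinter',$branchprinter);`, which set_userenv still reads back, so this is worth confirming against the real file. checkauth's body extends beyond these hunks.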
||||||
|
|
|
@ -74,7 +74,7 @@
|
||||||
<b> Login information</b>
|
<b> Login information</b>
|
||||||
</li>
|
</li>
|
||||||
<li>Logged in as: <b> <!-- TMPL_VAR NAME="loggedinusername" --> </b>
|
<li>Logged in as: <b> <!-- TMPL_VAR NAME="loggedinusername" --> </b>
|
||||||
at <b><!-- TMPL_VAR NAME="LoginBranchname" --></b></li>
|
at <b><!-- TMPL_VAR NAME="LoginBranchcode" --></b></li>
|
||||||
<!-- TMPL_IF NAME="AutoLocation" -->
|
<!-- TMPL_IF NAME="AutoLocation" -->
|
||||||
<li>autolocate activated</li>
|
<li>autolocate activated</li>
|
||||||
<!-- TMPL_ELSE -->
|
<!-- TMPL_ELSE -->
|
||||||
|
|
|
@ -18,7 +18,7 @@
|
||||||
use CGI;
|
use CGI;
|
||||||
use C4::Context;
|
use C4::Context;
|
||||||
use C4::Output;
|
use C4::Output;
|
||||||
|
use CGI::Session;
|
||||||
my $query = new CGI;
|
my $query = new CGI;
|
||||||
my $sessionID = $query->cookie('sessionID');
|
my $sessionID = $query->cookie('sessionID');
|
||||||
my $dbh = C4::Context->dbh;
|
my $dbh = C4::Context->dbh;
|
||||||
|
|
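Review bot: `use CGI::Session;` is added here but nothing in the visible lines uses it, and this script reads the cookie `sessionID` while checkauth in C4/Auth.pm reads `CGISESSID`. If the script is meant to load the same session, it has to use the same cookie name and the same driver and directory as checkauth, otherwise it will not find the logged-in session. A shared helper that builds the session object would keep the two in step. The script continues outside the hunk.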