From a66bcaa168fed2cdf2a3a361e909fe1f101e4823 Mon Sep 17 00:00:00 2001
From: tonnesen <tonnesen>
Date: Fri, 5 Jul 2002 05:03:36 +0000
Subject: [PATCH] Minor changes to authentication routines.

---
 C4/Auth.pm | 47 +++++++++++++++++++++++++++++++----------------
 logout.pl  |  7 +++++--
 shelves.pl |  7 +++----
 3 files changed, 39 insertions(+), 22 deletions(-)

diff --git a/C4/Auth.pm b/C4/Auth.pm
index 4feea2786b..dc3e7cb52a 100644
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -36,14 +36,15 @@ sub checkauth {
     $sth->execute($sessionID);
     if ($sth->rows) {
 	my ($userid, $ip, $lasttime) = $sth->fetchrow;
-	if ($lasttime<time()-20) {
+	if ($lasttime<time()-20 && $userid ne 'tonnesen') {
 	    # timed logout
 	    warn "$sessionID logged out due to inactivity.";
 	    $message="You have been logged out due to inactivity.";
 	    my $sti=$dbh->prepare("delete from sessions where sessionID=?");
 	    $sti->execute($sessionID);
 	    open L, ">>/tmp/sessionlog";
-	    print L "$userid from $ip logged out at ".localtime(time())." (inactivity).\n";
+	    my $time=localtime(time());
+	    printf L "%20s from %16s logged out at %30s (inactivity).\n", $userid, $ip, $time;
 	    close L;
 	} elsif ($ip ne $ENV{'REMOTE_ADDR'}) {
 	    # Different ip than originally logged in from
@@ -72,18 +73,12 @@ sub checkauth {
 	($sessionID) || ($sessionID=int(rand()*100000).'-'.time());
 	my $userid=$query->param('userid');
 	my $password=$query->param('password');
-	if ($userid eq 'librarian' && $password eq 'koha') {
+	if (($userid eq 'librarian' || $userid eq 'tonnesen' || $userid eq 'patron') && $password eq 'koha') {
 	    my $sti=$dbh->prepare("insert into sessions (sessionID, userid, ip,lasttime) values (?, ?, ?, ?)");
 	    $sti->execute($sessionID, $userid, $ENV{'REMOTE_ADDR'}, time());
 	    open L, ">>/tmp/sessionlog";
-	    print L "$userid from ".$ENV{'REMOTE_ADDR'}." logged in at ".localtime(time()).".\n";
-	    close L;
-	    return ($userid, $sessionID, $sessionID);
-	} elsif ($userid eq 'patron' && $password eq 'koha') {
-	    my $sti=$dbh->prepare("insert into sessions (sessionID, userid, ip,lasttime) values (?, ?, ?, ?)");
-	    $sti->execute($sessionID, $userid, $ENV{'REMOTE_ADDR'}, time());
-	    open L, ">>/tmp/sessionlog";
-	    print L "$userid from ".$ENV{'REMOTE_ADDR'}." at ".localtime(time()).".\n";
+	    my $time=localtime(time());
+	    printf L "%20s from %16s logged in  at %30s.\n", $userid, $ENV{'REMOTE_ADDR'}, $time;
 	    close L;
 	    return ($userid, $sessionID, $sessionID);
 	} else {
@@ -103,12 +98,32 @@ sub checkauth {
 <body background=/images/kohaback.jpg>
 <center>
 <h2>$message</h2>
+
 <form method=post>
-<table border=1>
-<tr><th colspan=2><font size=+2>Koha Login</font></th></tr>
-<tr><td>Name:</td><td><input name=userid></td></tr>
-<tr><td>Password:</td><td><input type=password name=password></td></tr>
-<tr><td colspan=2 align=center><input type=submit value=login></td></tr>
+<table border=0 cellpadding=10 width=60%>
+    <tr><td align=center valign=top>
+    <table border=0 bgcolor=#dddddd cellpadding=10>
+    <tr><th colspan=2 background=/images/background-mem.gif><font size=+2>Koha Login</font></th></tr>
+    <tr><td>Name:</td><td><input name=userid></td></tr>
+    <tr><td>Password:</td><td><input type=password name=password></td></tr>
+    <tr><td colspan=2 align=center><input type=submit value=login></td></tr>
+    </table>
+    
+    </td><td align=center valign=top>
+
+    <table border=0 bgcolor=#dddddd cellpadding=10>
+    <tr><th background=/images/background-mem.gif><font size=+2>Demo Information</font></th></tr>
+    <td>
+    Log in as librarian/koha or patron/koha.  The timeout is set to 20 seconds of
+    inactivity for the purposes of this demo.  You can navigate to the Circulation
+    or Acquisitions modules and you should see an indicator in the upper left of
+    the screen saying who you are logged in as.  If you want to try it out with
+    a longer timout period, log in as tonnesen/koha and the timeout period will
+    be 10 minutes.
+    </td>
+    </tr>
+    </table>
+    </td></tr>
 </table>
 </form>
 </body>
diff --git a/logout.pl b/logout.pl
index 0713f21627..47fd4c3393 100755
--- a/logout.pl
+++ b/logout.pl
@@ -41,14 +41,17 @@ if ($sth->rows) {
 $sth=$dbh->prepare("delete from sessions where sessionID=?");
 $sth->execute($sessionID);
 open L, ">>/tmp/sessionlog";
-print L "$userid from $ip logged out at ".localtime(time())." (manual log out).\n";
+my $time=localtime(time());
+printf L "%20s from %16s logged out at %30s (manual log out).\n", $userid, $ip, $time;
 close L;
 
 my $cookie=$query->cookie(-name => 'sessionID',
 			  -value => '',
 			  -expires => '+1y');
 
-print $query->redirect("shelves.pl");
+# Should redirect to intranet home page after logging out
+
+print $query->redirect("mainpage.pl");
 
 exit;
 if ($sessionID) {
diff --git a/shelves.pl b/shelves.pl
index a833c87063..c38d4bb0e4 100755
--- a/shelves.pl
+++ b/shelves.pl
@@ -26,7 +26,7 @@ print startpage();
 print startmenu('catalogue');
 
 
-print "Logged in as: $loggedinuser<br><a href=logout.pl>Log Out</a><br>\n";
+print "<p align=left>Logged in as: $loggedinuser [<a href=/cgi-bin/koha/logout.pl>Log Out</a>]</p>\n";
 
 
 my ($shelflist) = GetShelfList();
@@ -169,9 +169,8 @@ EOF
 
 #
 # $Log$
-# Revision 1.6  2002/07/04 21:09:43  tonnesen
-# Additions to authentication scheme.  Logs to /tmp/sessionlog.  Will move this
-# to a db table.
+# Revision 1.7  2002/07/05 05:03:37  tonnesen
+# Minor changes to authentication routines.
 #
 # Revision 1.5  2002/07/04 19:42:48  tonnesen
 # Minor changes
-- 
2.39.5