1 package OpenILS::Reporter::Proxy;
2 use strict; use warnings;
6 use Apache2::Const -compile => qw(OK NOT_FOUND DECLINED :log);
7 use APR::Const -compile => qw(:error SUCCESS);
10 use Digest::MD5 qw/md5_hex/;
12 use OpenSRF::EX qw(:try);
16 # set the bootstrap config and template include directory when
17 # this module is loaded
27 OpenSRF::System->bootstrap_client( config_file => $bootstrap );
33 my $auth_ses = $cgi->cookie('ses');
34 my $ws_ou = $cgi->cookie('ws_ou') || 1;
37 my $u = $cgi->param('user');
38 my $p = $cgi->param('passwd');
43 if ($url =~ /^http:/o) {
44 $url =~ s/^http:/https:/o;
45 print "Location: $url\n\n";
50 Content-type: text/html
54 <title>Report Output Login</title>
60 <th colspan='2' align='center'>Please log in to view reports</th>
63 <th>Username or barcode:</th>
64 <td><input type="text" name="user"/></td>
68 <td><input type="password" name="passwd"/></td>
71 <input type="submit" value="Log in"/>
79 $auth_ses = oils_login($u, $p);
83 -cookie=>$cgi->cookie(
86 -path=>'/',-expires=>'+1h'
93 my $user = verify_login($auth_ses);
94 return Apache2::Const::NOT_FOUND unless ($user);
96 my $failures = OpenSRF::AppSession
97 ->create('open-ils.actor')
98 ->request('open-ils.actor.user.perm.check', $auth_ses, $user->id, $ws_ou, ['RUN_REPORTS'])
101 return Apache2::Const::NOT_FOUND if (@$failures > 0);
103 # they're good, let 'em through
104 return Apache2::Const::DECLINED if (-e $apache->filename);
106 # oops, file not found
107 return Apache2::Const::NOT_FOUND;
110 # returns the user object if the session is valid, 0 otherwise
112 my $auth_token = shift;
113 return undef unless $auth_token;
115 my $user = OpenSRF::AppSession
116 ->create("open-ils.auth")
117 ->request( "open-ils.auth.session.retrieve", $auth_token )
120 if (ref($user) eq 'HASH' && $user->{ilsevent} == 1001) {
124 return $user if ref($user);
129 my( $username, $password, $type ) = @_;
132 my $nametype = 'username';
133 $nametype = 'barcode' if ($username =~ /^\d+$/o);
135 my $seed = OpenSRF::AppSession
136 ->create("open-ils.auth")
137 ->request( 'open-ils.auth.authenticate.init', $username )
140 return undef unless $seed;
142 my $response = OpenSRF::AppSession
143 ->create("open-ils.auth")
144 ->request( 'open-ils.auth.authenticate.complete',
145 { $nametype => $username,
146 password => md5_hex($seed . md5_hex($password)),
150 return undef unless $response;
152 return $response->{payload}->{authtoken};