1 package OpenILS::WWW::Proxy;
2 use strict; use warnings;
6 use Apache2::Const -compile => qw(REDIRECT FORBIDDEN OK NOT_FOUND DECLINED :log);
7 use APR::Const -compile => qw(:error SUCCESS);
10 use Digest::MD5 qw/md5_hex/;
12 use OpenSRF::EX qw(:try);
16 # set the bootstrap config and template include directory when
17 # this module is loaded
# NOTE(review): $bootstrap is assigned on lines this listing omits (the
# embedded line numbers jump from 17 to 27). The visible call passes it as the
# config_file for OpenSRF::System->bootstrap_client; whether this runs at
# module load or in a per-child init hook cannot be told from here -- confirm.
27 OpenSRF::System->bootstrap_client( config_file => $bootstrap );
# NOTE(review): this listing omits lines (the embedded line numbers jump), so
# the enclosing sub line, several branch conditions and some statement endings
# are not shown. The comments below describe only what the visible lines do.
#
# Per-directory Apache settings: a title, a description (shown in the login
# form header) and a whitespace-separated list of required permissions.
32 my $title = $apache->dir_config('ProxyTitle');
33 my $desc = $apache->dir_config('ProxyDescription');
34 my $perms = [ split ' ', $apache->dir_config('ProxyPermissions') ];
# A location with no title or no permissions configured answers 404, so an
# unconfigured location is never served by this code.
36 return Apache2::Const::NOT_FOUND unless ($title);
37 return Apache2::Const::NOT_FOUND unless (@$perms);
# Both values are read from client cookies: 'ses' is the session token handed
# to verify_login below, 'ws_ou' the location used for the permission check.
40 my $auth_ses = $cgi->cookie('ses');
41 my $ws_ou = $cgi->cookie('ws_ou');
45 # push everyone to the secure site
# NOTE(review): where $url is built is not shown. It is printed straight into
# a Location header, so if it can carry request-supplied text it should be
# rejected when it contains CR or LF -- confirm against the omitted lines.
46 if ($url =~ /^http:/o) {
47 $url =~ s/^http:/https:/o;
48 print "Location: $url\n\n";
49 return Apache2::Const::OK;
# Credentials as posted by the login form below (fields 'user' and 'passwd').
53 my $u = $cgi->param('user');
54 my $p = $cgi->param('passwd');
# Login form, sent with an Expires header one day in the past (-expires =>
# '-1d'). The condition that selects this branch is not shown; presumably it
# is "no session cookie and no credentials" -- confirm.
# NOTE(review): $desc is interpolated into the markup below without HTML
# escaping. It comes from dir_config above, so it is only as trustworthy as
# the server configuration; escaping it would remove that assumption.
58 print $cgi->header(-type=>'text/html', -expires=>'-1d');
69 <table style='border-collapse: collapse; border: 1px solid black;'>
71 <th colspan='2' align='center'><u>$desc</u></th>
74 <th align="right">Username or barcode:</th>
75 <td><input type="text" name="user"/></td>
78 <th align="right">Password:</th>
79 <td><input type="password" name="passwd"/></td>
82 <input type="submit" value="Log in"/>
89 return Apache2::Const::OK;
# Log in with the posted credentials and redirect with a cookie attached.
# NOTE(review): the only cookie arguments visible are -path => '/' and
# -expires => '+1h'; its name, value and remaining options are on omitted
# lines. The cookie presumably carries the session token, so confirm that
# -secure and -httponly are set, given that plain-http requests are already
# redirected to https above.
92 $auth_ses = oils_login($u, $p);
96 -cookie=>$cgi->cookie(
99 -path=>'/',-expires=>'+1h'
102 return Apache2::Const::REDIRECT;
# Resolve the session token to a user object; anything false means 403.
106 my $user = verify_login($auth_ses);
107 return Apache2::Const::FORBIDDEN unless ($user);
# Fall back to the user's home org unit when no 'ws_ou' cookie was sent.
# NOTE(review): otherwise $ws_ou is taken as-is from the client cookie, so the
# requester chooses the location at which the permissions are evaluated --
# confirm that is acceptable for the resources behind this proxy.
109 $ws_ou ||= $user->home_ou;
# Writes the permission list, user id and location through warn on every
# checked request.
111 warn "Checking perms " . join(',', @$perms) . " for user " . $user->id . " at location $ws_ou\n";
# Ask open-ils.actor to check the configured permissions for this user at
# $ws_ou. The end of the call chain is not shown; $failures is presumably the
# list of permissions the user lacks, and any entry in it yields 403.
113 my $failures = OpenSRF::AppSession
114 ->create('open-ils.actor')
115 ->request('open-ils.actor.user.perm.check', $auth_ses, $user->id, $ws_ou, $perms)
118 return Apache2::Const::FORBIDDEN if (@$failures > 0);
120 # they're good, let 'em through
# DECLINED hands the request on to later handlers, and is returned only when
# the file this request maps to exists on disk.
121 return Apache2::Const::DECLINED if (-e $apache->filename);
123 # oops, file not found
124 return Apache2::Const::NOT_FOUND;
127 # returns the user object if the session is valid, 0 otherwise
# NOTE(review): presumably the body of verify_login (called at listing line
# 106); the sub line itself is omitted from this listing. The visible early
# exit returns undef rather than 0, and the caller only tests truthiness, so
# either value denies access. The final fall-through return is not shown.
#
# Takes the session token as its only argument; an empty or missing token is
# rejected without calling the auth service.
129 my $auth_token = shift;
130 return undef unless $auth_token;
# Look the token up via open-ils.auth.session.retrieve (the end of the call
# chain is on an omitted line).
132 my $user = OpenSRF::AppSession
133 ->create("open-ils.auth")
134 ->request( "open-ils.auth.session.retrieve", $auth_token )
# A plain hash carrying ilsevent 1001 is handled separately from a user
# object; the branch body is not shown. 1001 is presumably the "no session"
# event -- confirm against the event table.
137 if (ref($user) eq 'HASH' && $user->{ilsevent} == 1001) {
# Any other reference is handed back as the user object.
141 return $user if ref($user);
# NOTE(review): presumably the body of oils_login (called at listing line 92
# with two arguments); the sub line is omitted from this listing. Returns the
# auth token on success and undef when either service call yields nothing.
# $type is accepted but its use, if any, is on lines not shown.
146 my( $username, $password, $type ) = @_;
# An all-digit identifier is sent as a barcode, anything else as a username.
# NOTE(review): /^\d+$/ also accepts a trailing newline and, on decoded
# Unicode input, non-ASCII digits; \A[0-9]+\z would be the stricter test.
149 my $nametype = 'username';
150 $nametype = 'barcode' if ($username =~ /^\d+$/o);
# Step 1: obtain a seed for this identifier from the auth service.
152 my $seed = OpenSRF::AppSession
153 ->create("open-ils.auth")
154 ->request( 'open-ils.auth.authenticate.init', $username )
157 return undef unless $seed;
# Step 2: complete the login, sending md5_hex(seed . md5_hex(password)) in
# place of the clear password.
# NOTE(review): this MD5 construction is dictated by the auth service's
# protocol and is not a substitute for transport security; the password
# itself still reaches this code in clear from the login form, so the https
# redirect at listing lines 46-49 is what protects it on the wire.
159 my $response = OpenSRF::AppSession
160 ->create("open-ils.auth")
161 ->request( 'open-ils.auth.authenticate.complete',
162 { $nametype => $username,
163 password => md5_hex($seed . md5_hex($password)),
167 return undef unless $response;
# The token is read from payload->authtoken without checking the response for
# an error event first; a failed login presumably carries no authtoken and so
# yields undef -- confirm how the caller treats that value.
169 return $response->{payload}->{authtoken};