re-arranged login params to take named params so one method can
authorerickson <erickson@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Thu, 9 Mar 2006 15:07:35 +0000 (15:07 +0000)
committererickson <erickson@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Thu, 9 Mar 2006 15:07:35 +0000 (15:07 +0000)
accomodate barcodes, usernames and for better handling of the
workstation name and org id

git-svn-id: svn://svn.open-ils.org/ILS/trunk@3286 dcc99617-32d9-48b4-a31d-7c20da2025e4

Open-ILS/src/c-apps/oils_auth.c
Open-ILS/src/c-apps/oils_utils.c
Open-ILS/src/c-apps/oils_utils.h

index f560dd0..4b1cbd0 100644 (file)
@@ -25,6 +25,8 @@ int __oilsAuthOverrideTimeout = 0;
 
 int osrfAppInitialize() {
 
+       osrfLogInfo(OSRF_LOG_MARK, "Initializing Auth Server...");
+
        osrfAppRegisterMethod( 
                MODULENAME, 
                "open-ils.auth.authenticate.init", 
@@ -42,7 +44,7 @@ int osrfAppInitialize() {
                "PARAMS(username, md5sum( seed + password ), type, org_id ) "
                "type can be one of 'opac','staff', or 'override' and it defaults to 'staff' "
                "org_id is the location at which the login should be considered "
-               "active for login timeout purposes"     , 2, 0 );
+               "active for login timeout purposes"     , 1, 0 );
 
        osrfAppRegisterMethod( 
                MODULENAME, 
@@ -80,12 +82,13 @@ int oilsAuthInit( osrfMethodContext* ctx ) {
        OSRF_METHOD_VERIFY_CONTEXT(ctx); 
 
        jsonObject* resp;
+
        char* username = NULL;
-       char* seed = NULL;
-       char* md5seed = NULL;
-       char* key = NULL;
+       char* seed              = NULL;
+       char* md5seed   = NULL;
+       char* key               = NULL;
 
-       if( (username = jsonObjectGetString(jsonObjectGetIndex(ctx->params, 0))) ) {
+       if( (username = jsonObjectToSimpleString(jsonObjectGetIndex(ctx->params, 0))) ) {
 
                seed = va_list_to_string( "%d.%d.%s", time(NULL), getpid(), username );
                key = va_list_to_string( "%s%s", OILS_AUTH_CACHE_PRFX, username );
@@ -102,6 +105,7 @@ int oilsAuthInit( osrfMethodContext* ctx ) {
                free(seed);
                free(md5seed);
                free(key);
+               free(username);
                return 0;
        }
 
@@ -288,13 +292,15 @@ oilsEvent* oilsAuthHandleLoginOK(
        return response;
 }
 
-oilsEvent* oilsAuthVerifyWorkstation( osrfMethodContext* ctx, jsonObject* userObj, double wsid ) {
-       osrfLogInfo(OSRF_LOG_MARK, "Attaching workstation to user at login: %lf", wsid);
-       jsonObject* workstation = oilsUtilsFetchWorkstation(wsid);
+oilsEvent* oilsAuthVerifyWorkstation( 
+               osrfMethodContext* ctx, jsonObject* userObj, char* ws ) {
+       osrfLogInfo(OSRF_LOG_MARK, "Attaching workstation to user at login: %s", ws);
+       jsonObject* workstation = oilsUtilsFetchWorkstationByName(ws);
        if(!workstation) return oilsNewEvent("WORKSTATION_NOT_FOUND");
-       DOUBLE_TO_STRING(wsid);
+       long wsid = oilsFMGetObjectId(workstation);
+       LONG_TO_STRING(wsid);
        char* orgid = oilsFMGetString(workstation, "owning_lib");
-       oilsFMSetString(userObj, "wsid", DOUBLESTR);
+       oilsFMSetString(userObj, "wsid", LONGSTR);
        oilsFMSetString(userObj, "ws_ou", orgid);
        free(orgid);
        return NULL;
@@ -305,43 +311,67 @@ oilsEvent* oilsAuthVerifyWorkstation( osrfMethodContext* ctx, jsonObject* userOb
 int oilsAuthComplete( osrfMethodContext* ctx ) {
        OSRF_METHOD_VERIFY_CONTEXT(ctx); 
 
-       char* uname             = jsonObjectGetString(jsonObjectGetIndex(ctx->params, 0));
-       char* password = jsonObjectGetString(jsonObjectGetIndex(ctx->params, 1));
-       char* type              = jsonObjectGetString(jsonObjectGetIndex(ctx->params, 2));
-       double orgloc   = jsonObjectGetNumber(jsonObjectGetIndex(ctx->params, 3));
-       double wsid             = jsonObjectGetNumber(jsonObjectGetIndex(ctx->params, 4));
+       jsonObject* args                = jsonObjectGetIndex(ctx->params, 0);
+
+       char* uname                             = jsonObjectGetString(jsonObjectGetKey(args, "username"));
+       char* password                  = jsonObjectGetString(jsonObjectGetKey(args, "password"));
+       char* type                              = jsonObjectGetString(jsonObjectGetKey(args, "type"));
+       double orgloc                   = jsonObjectGetNumber(jsonObjectGetKey(args, "org"));
+       char* workstation               = jsonObjectGetString(jsonObjectGetKey(args, "workstation"));
+       char* barcode                   = jsonObjectToSimpleString(jsonObjectGetKey(args, "barcode"));
+
 
        if(!type) type = OILS_AUTH_STAFF;
 
-       if( !(uname && password) ) {
+       if( !( (uname || barcode) && password) ) {
+               free(barcode);
                return osrfAppRequestRespondException( ctx->session, ctx->request, 
-                       "username and password required for method: %s", ctx->method->name );
+                       "username/barocode and password required for method: %s", ctx->method->name );
        }
 
        oilsEvent* response = NULL;
-       jsonObject* userObj = oilsUtilsFetchUserByUsername( uname ); 
+       jsonObject* userObj = NULL;
+
+       if(uname) userObj = oilsUtilsFetchUserByUsername( uname ); 
+       else if(barcode) userObj = oilsUtilsFetchUserByBarcode( barcode );
        
        if(!userObj) { 
                response = oilsNewEvent( OILS_EVENT_AUTH_FAILED );
                osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); 
                oilsEventFree(response);
+               free(barcode);
                return 0;
        }
 
        /* check to see if the user is allowed to login */
        if( oilsAuthCheckLoginPerm( ctx, userObj, type ) == -1 ) {
                jsonObjectFree(userObj);
+               free(barcode);
                return 0;
        }
 
-       int passOK = oilsAuthVerifyPassword( ctx, userObj, uname, password );
-       if( passOK < 0 ) return passOK;
+       
+       int passOK = -1;
+       if(uname) passOK = oilsAuthVerifyPassword( ctx, userObj, uname, password );
+       else if (barcode) 
+               passOK = oilsAuthVerifyPassword( ctx, userObj, barcode, password );
+
+       if( passOK < 0 ) {
+               free(barcode);
+               return passOK;
+       }
 
-       if( wsid > 0 && (response = oilsAuthVerifyWorkstation( ctx, userObj, wsid )) ) {
-               jsonObjectFree(userObj);
-               osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); 
-               oilsEventFree(response);
-               return 0;
+       /* if a workstation is defined, flesh the user with the workstation info */
+       if( workstation != NULL ) {
+               osrfLogDebug(OSRF_LOG_MARK, "Workstation is %s", workstation);
+               response = oilsAuthVerifyWorkstation( ctx, userObj, workstation );
+               if(response) {
+                       jsonObjectFree(userObj);
+                       osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); 
+                       oilsEventFree(response);
+                       free(barcode);
+                       return 0;
+               }
        }
 
        if( passOK ) {
@@ -355,6 +385,7 @@ int oilsAuthComplete( osrfMethodContext* ctx ) {
        jsonObjectFree(userObj);
        osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); 
        oilsEventFree(response);
+       free(barcode);
 
        return 0;
 }
index 2893f40..b356348 100644 (file)
@@ -77,6 +77,10 @@ jsonObject* oilsUtilsQuickReq( char* service, char* method, jsonObject* params )
        return result;
 }
 
+jsonObject* oilsUtilsStorageReq( char* method, jsonObject* params ) {
+       return oilsUtilsQuickReq( "open-ils.storage", method, params );
+}
+
 
 
 jsonObject* oilsUtilsFetchUserByUsername( char* name ) {
@@ -86,6 +90,32 @@ jsonObject* oilsUtilsFetchUserByUsername( char* name ) {
                        "open-ils.storage.direct.actor.user.search.usrname.atomic", params );
        jsonObject* user = jsonObjectClone(jsonObjectGetIndex( r, 0 ));
        jsonObjectFree(r);
+       jsonObjectFree(params);
+       return user;
+}
+
+jsonObject* oilsUtilsFetchUserByBarcode(char* barcode) {
+       if(!barcode) return NULL;
+
+       osrfLogInfo(OSRF_LOG_MARK, "Fetching user by barcode %s", barcode);
+
+       jsonObject* params = jsonParseString("[\"%s\"]",barcode);
+       jsonObject* card = oilsUtilsStorageReq(
+                       "open-ils.storage.direct.actor.card.search.barcode", params );
+
+       if(!card) { jsonObjectFree(params); return NULL; }
+
+       char* usr = oilsFMGetString(card, "usr");
+       if(!usr) return NULL;
+       double iusr = strtod(usr, NULL);
+       free(usr);
+
+       jsonObjectFree(params);
+       params = jsonParseString("[%lf]", iusr);
+       jsonObject* user = oilsUtilsStorageReq(
+                       "open-ils.storage.direct.actor.user.retrieve", params);
+
+       jsonObjectFree(params);
        return user;
 }
 
@@ -158,4 +188,12 @@ jsonObject* oilsUtilsFetchWorkstation( long id ) {
        return r;
 }
 
+jsonObject* oilsUtilsFetchWorkstationByName( char* name ) {
+       jsonObject* p = jsonParseString("[\"%s\"]", name);
+       jsonObject* r = oilsUtilsStorageReq(
+               "open-ils.storage.direct.actor.workstation.search.name", p );
+       jsonObjectFree(p);
+       return r;
+}
+
 
index de5643b..3811686 100644 (file)
@@ -59,6 +59,8 @@ oilsEvent* oilsUtilsCheckPerms( int userid, int orgid, char* permissions[], int
  */
 jsonObject* oilsUtilsQuickReq( char* service, char* method, jsonObject* params );
 
+jsonObject* oilsUtilsStorageReq( char* method, jsonObject* params );
+
 /**
  * Searches the storage server for a user with the given username 
  * Caller is responsible for freeing the returned object
@@ -85,3 +87,6 @@ char* oilsUtilsLogin( char* uname, char* passwd, char* type, int orgId );
  */
 jsonObject* oilsUtilsFetchWorkstation( long id );
 
+jsonObject* oilsUtilsFetchUserByBarcode(char* barcode);
+
+jsonObject* oilsUtilsFetchWorkstationByName( char* name );