From 45bb590a0458cbdc9ba9d73917c6cd81528d29c8 Mon Sep 17 00:00:00 2001 From: erickson Date: Thu, 9 Mar 2006 15:07:35 +0000 Subject: [PATCH] re-arranged login params to take named params so one method can accomodate barcodes, usernames and for better handling of the workstation name and org id git-svn-id: svn://svn.open-ils.org/ILS/trunk@3286 dcc99617-32d9-48b4-a31d-7c20da2025e4 --- Open-ILS/src/c-apps/oils_auth.c | 81 ++++++++++++++++++++++---------- Open-ILS/src/c-apps/oils_utils.c | 38 +++++++++++++++ Open-ILS/src/c-apps/oils_utils.h | 5 ++ 3 files changed, 99 insertions(+), 25 deletions(-) diff --git a/Open-ILS/src/c-apps/oils_auth.c b/Open-ILS/src/c-apps/oils_auth.c index f560dd0514..4b1cbd0b70 100644 --- a/Open-ILS/src/c-apps/oils_auth.c +++ b/Open-ILS/src/c-apps/oils_auth.c @@ -25,6 +25,8 @@ int __oilsAuthOverrideTimeout = 0; int osrfAppInitialize() { + osrfLogInfo(OSRF_LOG_MARK, "Initializing Auth Server..."); + osrfAppRegisterMethod( MODULENAME, "open-ils.auth.authenticate.init", @@ -42,7 +44,7 @@ int osrfAppInitialize() { "PARAMS(username, md5sum( seed + password ), type, org_id ) " "type can be one of 'opac','staff', or 'override' and it defaults to 'staff' " "org_id is the location at which the login should be considered " - "active for login timeout purposes" , 2, 0 ); + "active for login timeout purposes" , 1, 0 ); osrfAppRegisterMethod( MODULENAME, @@ -80,12 +82,13 @@ int oilsAuthInit( osrfMethodContext* ctx ) { OSRF_METHOD_VERIFY_CONTEXT(ctx); jsonObject* resp; + char* username = NULL; - char* seed = NULL; - char* md5seed = NULL; - char* key = NULL; + char* seed = NULL; + char* md5seed = NULL; + char* key = NULL; - if( (username = jsonObjectGetString(jsonObjectGetIndex(ctx->params, 0))) ) { + if( (username = jsonObjectToSimpleString(jsonObjectGetIndex(ctx->params, 0))) ) { seed = va_list_to_string( "%d.%d.%s", time(NULL), getpid(), username ); key = va_list_to_string( "%s%s", OILS_AUTH_CACHE_PRFX, username ); 
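Review bot: The help text on the registration whose required-argument count drops from 2 to 1 (oils_auth.c, second hunk) still documents the old positional form, `PARAMS(username, md5sum( seed + password ), type, org_id )`. The handler now reads a single object with the keys `username`, `barcode`, `password`, `type`, `org` and `workstation`. Stale documentation on an authentication method tends to produce clients that send the wrong shape, so the string should describe the named form, for example `"PARAMS({username|barcode, password: md5sum(seed + password), type, org, workstation}) "`. The rest of the registration call lies outside the hunk.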
@@ -102,6 +105,7 @@ int oilsAuthInit( osrfMethodContext* ctx ) { free(seed); free(md5seed); free(key); + free(username); return 0; } @@ -288,13 +292,15 @@ oilsEvent* oilsAuthHandleLoginOK( return response; } -oilsEvent* oilsAuthVerifyWorkstation( osrfMethodContext* ctx, jsonObject* userObj, double wsid ) { - osrfLogInfo(OSRF_LOG_MARK, "Attaching workstation to user at login: %lf", wsid); - jsonObject* workstation = oilsUtilsFetchWorkstation(wsid); +oilsEvent* oilsAuthVerifyWorkstation( + osrfMethodContext* ctx, jsonObject* userObj, char* ws ) { + osrfLogInfo(OSRF_LOG_MARK, "Attaching workstation to user at login: %s", ws); + jsonObject* workstation = oilsUtilsFetchWorkstationByName(ws); if(!workstation) return oilsNewEvent("WORKSTATION_NOT_FOUND"); - DOUBLE_TO_STRING(wsid); + long wsid = oilsFMGetObjectId(workstation); + LONG_TO_STRING(wsid); char* orgid = oilsFMGetString(workstation, "owning_lib"); - oilsFMSetString(userObj, "wsid", DOUBLESTR); + oilsFMSetString(userObj, "wsid", LONGSTR); oilsFMSetString(userObj, "ws_ou", orgid); free(orgid); return NULL; 
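Review bot: In oilsAuthVerifyWorkstation, the object returned by `oilsUtilsFetchWorkstationByName(ws)` is never released on the visible success path, so each login that names a workstation appears to leak it. Adding `jsonObjectFree(workstation);` once `orgid` has been read would fix this, assuming the caller owns the result as with the other fetch helpers. The value from `oilsFMGetObjectId(workstation)` is also written to `wsid` unchecked, so a storage reply that is not a single workstation record would still be attached to the user; rejecting a non-positive id with the existing `WORKSTATION_NOT_FOUND` event would close that. Because `ws` now comes straight from the login request and determines `ws_ou`, a short comment on what binds a client to a workstation name would help later reviewers. The end of the function falls outside the hunk.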
@@ -305,43 +311,67 @@ oilsEvent* oilsAuthVerifyWorkstation( osrfMethodContext* ctx, jsonObject* userOb int oilsAuthComplete( osrfMethodContext* ctx ) { OSRF_METHOD_VERIFY_CONTEXT(ctx); - char* uname = jsonObjectGetString(jsonObjectGetIndex(ctx->params, 0)); - char* password = jsonObjectGetString(jsonObjectGetIndex(ctx->params, 1)); - char* type = jsonObjectGetString(jsonObjectGetIndex(ctx->params, 2)); - double orgloc = jsonObjectGetNumber(jsonObjectGetIndex(ctx->params, 3)); - double wsid = jsonObjectGetNumber(jsonObjectGetIndex(ctx->params, 4)); + jsonObject* args = jsonObjectGetIndex(ctx->params, 0); + + char* uname = jsonObjectGetString(jsonObjectGetKey(args, "username")); + char* password = jsonObjectGetString(jsonObjectGetKey(args, "password")); + char* type = jsonObjectGetString(jsonObjectGetKey(args, "type")); + double orgloc = jsonObjectGetNumber(jsonObjectGetKey(args, "org")); + char* workstation = jsonObjectGetString(jsonObjectGetKey(args, "workstation")); + char* barcode = jsonObjectToSimpleString(jsonObjectGetKey(args, "barcode")); + if(!type) type = OILS_AUTH_STAFF; - if( !(uname && password) ) { + if( !( (uname || barcode) && password) ) { + free(barcode); return osrfAppRequestRespondException( ctx->session, ctx->request, - "username and password required for method: %s", ctx->method->name ); + "username/barocode and password required for method: %s", ctx->method->name ); } oilsEvent* response = NULL; - jsonObject* userObj = oilsUtilsFetchUserByUsername( uname ); + jsonObject* userObj = NULL; + + if(uname) userObj = oilsUtilsFetchUserByUsername( uname ); + else if(barcode) userObj = oilsUtilsFetchUserByBarcode( barcode ); if(!userObj) { response = oilsNewEvent( OILS_EVENT_AUTH_FAILED ); osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); oilsEventFree(response); + free(barcode); return 0; } /* check to see if the user is allowed to login */ if( oilsAuthCheckLoginPerm( ctx, userObj, type ) == -1 ) { jsonObjectFree(userObj); + free(barcode); 
return 0; } - int passOK = oilsAuthVerifyPassword( ctx, userObj, uname, password ); - if( passOK < 0 ) return passOK; + + int passOK = -1; + if(uname) passOK = oilsAuthVerifyPassword( ctx, userObj, uname, password ); + else if (barcode) + passOK = oilsAuthVerifyPassword( ctx, userObj, barcode, password ); + + if( passOK < 0 ) { + free(barcode); + return passOK; + } - if( wsid > 0 && (response = oilsAuthVerifyWorkstation( ctx, userObj, wsid )) ) { - jsonObjectFree(userObj); - osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); - oilsEventFree(response); - return 0; + /* if a workstation is defined, flesh the user with the workstation info */ + if( workstation != NULL ) { + osrfLogDebug(OSRF_LOG_MARK, "Workstation is %s", workstation); + response = oilsAuthVerifyWorkstation( ctx, userObj, workstation ); + if(response) { + jsonObjectFree(userObj); + osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); + oilsEventFree(response); + free(barcode); + return 0; + } } if( passOK ) { @@ -355,6 +385,7 @@ int oilsAuthComplete( osrfMethodContext* ctx ) { jsonObjectFree(userObj); osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); oilsEventFree(response); + free(barcode); return 0; } diff --git a/Open-ILS/src/c-apps/oils_utils.c b/Open-ILS/src/c-apps/oils_utils.c index 2893f400df..b3563481a0 100644 --- a/Open-ILS/src/c-apps/oils_utils.c +++ b/Open-ILS/src/c-apps/oils_utils.c @@ -77,6 +77,10 @@ jsonObject* oilsUtilsQuickReq( char* service, char* method, jsonObject* params ) return result; } +jsonObject* oilsUtilsStorageReq( char* method, jsonObject* params ) { + return oilsUtilsQuickReq( "open-ils.storage", method, params ); +} + jsonObject* oilsUtilsFetchUserByUsername( char* name ) { 
@@ -86,6 +90,32 @@ jsonObject* oilsUtilsFetchUserByUsername( char* name ) { "open-ils.storage.direct.actor.user.search.usrname.atomic", params ); jsonObject* user = jsonObjectClone(jsonObjectGetIndex( r, 0 )); jsonObjectFree(r); + jsonObjectFree(params); + return user; +} + +jsonObject* oilsUtilsFetchUserByBarcode(char* barcode) { + if(!barcode) return NULL; + + osrfLogInfo(OSRF_LOG_MARK, "Fetching user by barcode %s", barcode); + + jsonObject* params = jsonParseString("[\"%s\"]",barcode); + jsonObject* card = oilsUtilsStorageReq( + "open-ils.storage.direct.actor.card.search.barcode", params ); + + if(!card) { jsonObjectFree(params); return NULL; } + + char* usr = oilsFMGetString(card, "usr"); + if(!usr) return NULL; + double iusr = strtod(usr, NULL); + free(usr); + + jsonObjectFree(params); + params = jsonParseString("[%lf]", iusr); + jsonObject* user = oilsUtilsStorageReq( + "open-ils.storage.direct.actor.user.retrieve", params); + + jsonObjectFree(params); return user; } @@ -158,4 +188,12 @@ jsonObject* oilsUtilsFetchWorkstation( long id ) { return r; } +jsonObject* oilsUtilsFetchWorkstationByName( char* name ) { + jsonObject* p = jsonParseString("[\"%s\"]", name); + jsonObject* r = oilsUtilsStorageReq( + "open-ils.storage.direct.actor.workstation.search.name", p ); + jsonObjectFree(p); + return r; +} + diff --git a/Open-ILS/src/c-apps/oils_utils.h b/Open-ILS/src/c-apps/oils_utils.h index de5643b3f8..38116860cb 100644 --- a/Open-ILS/src/c-apps/oils_utils.h +++ b/Open-ILS/src/c-apps/oils_utils.h @@ -59,6 +59,8 @@ oilsEvent* oilsUtilsCheckPerms( int userid, int orgid, char* permissions[], int */ jsonObject* oilsUtilsQuickReq( char* service, char* method, jsonObject* params ); +jsonObject* oilsUtilsStorageReq( char* method, jsonObject* params ); + /** * Searches the storage server for a user with the given username * Caller is responsible for freeing the returned object 
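Review bot: oilsUtilsFetchUserByBarcode in oils_utils.c splices the client-supplied barcode into JSON text with `jsonParseString("[\"%s\"]",barcode)`, so a value containing a quote or backslash can break the parse or change the parameter list sent to open-ils.storage. oilsUtilsFetchWorkstationByName in the next hunk does the same with the workstation name. Both should build the parameter array from JSON objects, or escape the value first, rather than formatting it into a string. The barcode function also never frees `card` on any path and leaks `params` as well when `usr` is NULL; calling `jsonObjectFree(card); jsonObjectFree(params);` right after `oilsFMGetString(card, "usr")` and before the `if(!usr)` check covers both, assuming the request helper hands ownership of its result to the caller. The barcode is also written to the log at info level, which is worth reconsidering if barcodes are treated as patron identifiers.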
@@ -85,3 +87,6 @@ char* oilsUtilsLogin( char* uname, char* passwd, char* type, int orgId ); */ jsonObject* oilsUtilsFetchWorkstation( long id ); +jsonObject* oilsUtilsFetchUserByBarcode(char* barcode); + +jsonObject* oilsUtilsFetchWorkstationByName( char* name ); -- 2.43.2
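Review bot: The prototypes added to oils_utils.h (`oilsUtilsStorageReq`, `oilsUtilsFetchUserByBarcode`, `oilsUtilsFetchWorkstationByName`) have no doc comment, while the neighbouring declarations state what is searched and that the caller frees the result. Each returns an allocated `jsonObject*`, so the ownership rule should be written down here too, for example `/** Fetches the user who owns the card with the given barcode, or NULL if none is found. Caller is responsible for freeing the returned object */`. A matching comment on `oilsUtilsFetchWorkstationByName` should say that the name is matched against the storage server and that NULL means no such workstation.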