1 package OpenILS::Reporter::Proxy;
2 use strict; use warnings;
5 use Apache2::Const -compile => qw(REDIRECT FORBIDDEN OK NOT_FOUND DECLINED :log);
6 use APR::Const -compile => qw(:error SUCCESS);
9 use Digest::MD5 qw/md5_hex/;
11 use OpenSRF::EX qw(:try);
15 # set the bootstrap config and template include directory when
16 # this module is loaded
26 OpenSRF::System->bootstrap_client( config_file => $bootstrap );
32 my $auth_ses = $cgi->cookie('ses') || $cgi->cookie('eg.auth.token');
33 if ($auth_ses =~ /^"(.+)"$/) {
36 my $ws_ou = $cgi->cookie('ws_ou') || 1;
40 # push everyone to the secure site
41 if ($url =~ /^http:/o) {
42 $url =~ s/^http:/https:/o;
43 print "Location: $url\n\n";
44 return Apache2::Const::OK;
48 my $u = $cgi->param('user');
49 my $p = $cgi->param('passwd');
53 print $cgi->header(-type=>'text/html', -expires=>'-1d');
58 <title>Report Output Login</title>
64 <table style='border-collapse: collapse; border: 1px solid black;'>
66 <th colspan='2' align='center'><u>Please log in to view reports</u></th>
69 <th align="right">Username or barcode:</th>
70 <td><input type="text" name="user"/></td>
73 <th align="right">Password:</th>
74 <td><input type="password" name="passwd"/></td>
77 <input type="submit" value="Log in"/>
84 return Apache2::Const::OK;
87 $auth_ses = oils_login($u, $p);
91 -cookie=>$cgi->cookie(
94 -path=>'/',-expires=>'+1h'
97 return Apache2::Const::REDIRECT;
101 my $user = verify_login($auth_ses);
102 return Apache2::Const::FORBIDDEN unless ($user);
104 my $failures = OpenSRF::AppSession
105 ->create('open-ils.actor')
106 ->request('open-ils.actor.user.perm.check', $auth_ses, $user->id, $ws_ou, ['VIEW_REPORT_OUTPUT'])
109 return Apache2::Const::FORBIDDEN if (@$failures > 0);
111 # they're good, let 'em through
112 return Apache2::Const::DECLINED if (-e $apache->filename);
114 # oops, file not found
115 return Apache2::Const::NOT_FOUND;
118 # returns the user object if the session is valid, 0 otherwise
120 my $auth_token = shift;
121 return undef unless $auth_token;
123 my $user = OpenSRF::AppSession
124 ->create("open-ils.auth")
125 ->request( "open-ils.auth.session.retrieve", $auth_token )
128 if (ref($user) eq 'HASH' && $user->{ilsevent} == 1001) {
132 return $user if ref($user);
137 my( $username, $password, $type ) = @_;
140 my $nametype = 'username';
141 $nametype = 'barcode' if ($username =~ /^\d+$/o);
143 my $seed = OpenSRF::AppSession
144 ->create("open-ils.auth")
145 ->request( 'open-ils.auth.authenticate.init', $username )
148 return undef unless $seed;
150 my $response = OpenSRF::AppSession
151 ->create("open-ils.auth")
152 ->request( 'open-ils.auth.authenticate.complete',
153 { $nametype => $username,
154 password => md5_hex($seed . md5_hex($password)),
158 return undef unless $response;
160 return $response->{payload}->{authtoken};