Open-ILS/xul/staff_client/chrome/content/auth/session.js

   1 dump('entering auth/session.js\n');
   2 // vim:sw=4:ts=4:et:
   3
   4 if (typeof auth == 'undefined') auth = {};
   5 auth.session = function (view,login_type) {
   6
   7     JSAN.use('util.error'); this.error = new util.error();
   8     JSAN.use('util.network'); this.network = new util.network();
   9     this.view = view;
  10     this.login_type = login_type || 'staff';
  11
  12     return this;
  13 };
  14
  15 auth.session.prototype = {
  16
  17     'init' : function () {
  18
  19         var obj = this;
  20
  21         /* This request is done manually in a try block to allow it to fail
  22          * silently if auth_proxy is not even running.  TODO: Move this check
  23          * to a module which should be always running, perhaps 'auth'.
  24          */
  25         var auth_proxy_enabled = false;
  26         try {
  27             var request = new RemoteRequest( api.AUTH_PROXY_ENABLED.app, api.AUTH_PROXY_ENABLED.method );
  28             request.send(true);
  29             request.setSecure(true);
  30             if (request.getResultObject() == 1) {
  31                 auth_proxy_enabled = true;
  32             }
  33         } catch(E) {
  34         }
  35
  36         try {
  37             if (!auth_proxy_enabled) {
  38                 var init = this.network.request(
  39                     api.AUTH_INIT.app,
  40                     api.AUTH_INIT.method,
  41                     [ this.view.name_prompt.value ]
  42                 );
  43             }
  44
  45             if (init || auth_proxy_enabled) {
  46                 if (xulG._data) {
  47                     /* quick kludge; we were re-using a poisoned OpenILS.data
  48                      * (from ws_info.xul?) where js2JSON (and maybe other
  49                      * stuff) does not exist
  50                      */
  51                     delete xulG._data;
  52                 }
  53
  54                 JSAN.use('OpenILS.data');
  55                 var data = new OpenILS.data();
  56                 data.stash_retrieve();
  57
  58                 var params = {
  59                     'username' : this.view.name_prompt.value,
  60                     'type' : 'temp',
  61                     'agent' : 'staffclient'
  62                 };
  63
  64                 if (data.ws_info[ this.view.server_prompt.value ]) {
  65                     params.type = this.login_type;
  66                     params.workstation = data.ws_info[ this.view.server_prompt.value ].name;
  67                     data.ws_name = params.workstation; data.stash('ws_name');
  68                 }
  69
  70                 var robj;
  71                 if (init) {
  72                     params['password'] = hex_md5(
  73                         init +
  74                         hex_md5(
  75                             this.view.password_prompt.value
  76                         )
  77                     );
  78                     robj = this.network.simple_request( 'AUTH_COMPLETE', [ params ]);
  79                 } else if (auth_proxy_enabled) { // safety double-check
  80                     params['password'] = this.view.password_prompt.value;
  81                     robj = this.network.simple_request( 'AUTH_PROXY_LOGIN', [ params ] );
  82                 }
  83
  84                 switch (Number(robj.ilsevent)) {
  85                     case 0:
  86                         this.key = robj.payload.authtoken;
  87                         this.authtime = robj.payload.authtime;
  88                     break;
  89                     case 1520 /* WORKSTATION_NOT_FOUND */:
  90                         alert(document.getElementById('authStrings').getFormattedString('staff.auth.session.unregistered', [params.workstation]));
  91                         delete(params.workstation);
  92                         delete(data.ws_info[ this.view.server_prompt.value ]);
  93                         data.stash('ws_info');
  94                         data.ws_name = null; data.stash('ws_name');
  95                         params.type = 'temp';
  96                         // We need to get a new seed
  97                         init = this.network.request(
  98                             api.AUTH_INIT.app,
  99                             api.AUTH_INIT.method,
 100                             [ this.view.name_prompt.value ]
 101                         );
 102                         if(init) {
 103                             params.password = hex_md5(init + hex_md5( this.view.password_prompt.value ));
 104                         }
 105                         robj = this.network.simple_request('AUTH_COMPLETE',[ params ]);
 106                         if (robj.ilsevent == 0) {
 107                             this.key = robj.payload.authtoken;
 108                             this.authtime = robj.payload.authtime;
 109                         } else {
 110                             //this.error.standard_unexpected_error_alert('auth.session.init',robj);
 111                             throw(robj);
 112                         }
 113                     break;
 114                     default:
 115                     //obj.error.standard_unexpected_error_alert('auth.session.init',robj);
 116                     throw(robj);
 117                     break;
 118                 }
 119
 120                 this.error.sdump('D_AUTH','auth.session.key = ' + this.key + '\n');
 121
 122                 if (typeof this.on_init == 'function') {
 123                     this.error.sdump('D_AUTH','auth.session.on_init()\n');
 124                     this.on_init();
 125                 }
 126
 127             } else {
 128
 129                 var error = document.getElementById('authStrings').getString('staff.auth.session.init_false') + '\n';
 130                 this.error.sdump('D_ERROR',error);
 131                 throw(error);
 132             }
 133
 134         } catch(E) {
 135             alert(document.getElementById('authStrings').getString('staff.auth.session.login_failed'));
 136             //obj.error.standard_unexpected_error_alert('Error on auth.session.init()',E);
 137
 138             if (typeof this.on_init_error == 'function') {
 139                 this.error.sdump('D_AUTH','auth.session.on_init_error()\n');
 140                 this.on_init_error(E);
 141             }
 142             if (typeof this.on_error == 'function') {
 143                 this.error.sdump('D_AUTH','auth.session.on_error()\n');
 144                 this.on_error();
 145             }
 146
 147             //throw(E);
 148             /* This was for testing
 149             if (typeof this.on_init == 'function') {
 150                 this.error.sdump('D_AUTH','auth.session.on_init() despite error\n');
 151                 this.on_init();
 152             }
 153             */
 154         }
 155     },
 156
 157     'close' : function () {
 158         var obj = this;
 159         obj.error.sdump('D_AUTH','auth.session.close()\n');
 160         try {
 161             netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
 162             Components.classes["@mozilla.org/cookiemanager;1"]
 163                 .getService(Components.interfaces.nsICookieManager).removeAll();
 164         } catch(E) {
 165             dump('Error in auth/session.js, close(): ' + E + '\n');
 166         }
 167         if (obj.key) obj.network.request(
 168             api.AUTH_DELETE.app,
 169             api.AUTH_DELETE.method,
 170             [ obj.key ],
 171             function(req) {}
 172         );
 173         obj.key = null;
 174         if (typeof obj.on_close == 'function') {
 175             obj.error.sdump('D_AUTH','auth.session.on_close()\n');
 176             obj.on_close();
 177         }
 178     }
 179
 180 }
 181
 182 dump('exiting auth/session.js\n');