4b560b05e4f9019e99b3fc102273b5942f855fcb
[working/Evergreen.git] / Open-ILS / xul / staff_client / chrome / content / auth / session.js
1 dump('entering auth/session.js\n');
2 // vim:sw=4:ts=4:noet:
3
4 if (typeof auth == 'undefined') auth = {};
5 auth.session = function (view,login_type) {
6
7     JSAN.use('util.error'); this.error = new util.error();
8     JSAN.use('util.network'); this.network = new util.network();
9     this.view = view;
10     this.login_type = login_type || 'staff';
11
12     return this;
13 };
14
15 auth.session.prototype = {
16
17     'init' : function () {
18
19         var obj = this;
20
21         /* This request is done manually in a try block to allow it to fail
22          * silently if auth_proxy is not even running.  TODO: Move this check
23          * to a module which should be always running, perhaps 'auth'.
24          */
25         var auth_proxy_enabled = false;
26         try {
27             var request = new RemoteRequest( api.AUTH_PROXY_ENABLED.app, api.AUTH_PROXY_ENABLED.method );
28             request.send(true);
29             request.setSecure(true);
30             if (request.getResultObject() == 1) {
31                 auth_proxy_enabled = true;
32             }
33         } catch(E) {
34         }
35
36         try {
37             if (!auth_proxy_enabled) {
38                 var init = this.network.request(
39                     api.AUTH_INIT.app,
40                     api.AUTH_INIT.method,
41                     [ this.view.name_prompt.value ]
42                 );
43             }
44
45             if (init || auth_proxy_enabled) {
46                 if (xulG._data) { delete xulG._data; } // quick kludge; we were re-using a poisoned OpenILS.data (from ws_info.xul?) where js2JSON (and maybe other stuff) does not exist
47                 JSAN.use('OpenILS.data'); var data = new OpenILS.data(); data.stash_retrieve();
48
49                 var params = { 
50                     'username' : this.view.name_prompt.value,
51                     'type' : 'temp',
52                     'agent' : 'staffclient'
53                 };
54
55                 if (data.ws_info[ this.view.server_prompt.value ]) {
56                     params.type = this.login_type;
57                     params.workstation = data.ws_info[ this.view.server_prompt.value ].name;
58                     data.ws_name = params.workstation; data.stash('ws_name');
59                 }
60
61                 var robj;
62                 if (init) {
63                     params['password'] = hex_md5(
64                         init +
65                         hex_md5(
66                             this.view.password_prompt.value
67                         )
68                     );
69                     robj = this.network.simple_request( 'AUTH_COMPLETE', [ params ]);
70                 } else if (auth_proxy_enabled) { // safety double-check
71                     params['password'] = this.view.password_prompt.value;
72                     robj = this.network.simple_request( 'AUTH_PROXY_LOGIN', [ params ] );
73                 }
74
75                 switch (Number(robj.ilsevent)) {
76                     case 0:
77                         this.key = robj.payload.authtoken;
78                         this.authtime = robj.payload.authtime;
79                     break;
80                     case 1520 /* WORKSTATION_NOT_FOUND */:
81                         alert(document.getElementById('authStrings').getFormattedString('staff.auth.session.unregistered', [params.workstation]));
82                         delete(params.workstation);
83                         delete(data.ws_info[ this.view.server_prompt.value ]);
84                         data.stash('ws_info');
85                         data.ws_name = null; data.stash('ws_name');
86                         params.type = 'temp';
87                         // We need to get a new seed
88                         init = this.network.request(
89                             api.AUTH_INIT.app,
90                             api.AUTH_INIT.method,
91                             [ this.view.name_prompt.value ]
92                         );
93                         if(init) {
94                             params.password = hex_md5(init + hex_md5( this.view.password_prompt.value ));
95                         }
96                         robj = this.network.simple_request('AUTH_COMPLETE',[ params ]);
97                         if (robj.ilsevent == 0) {
98                             this.key = robj.payload.authtoken;
99                             this.authtime = robj.payload.authtime;
100                         } else {
101                             //this.error.standard_unexpected_error_alert('auth.session.init',robj);
102                             throw(robj);
103                         }
104                     break;
105                     default:
106                     //obj.error.standard_unexpected_error_alert('auth.session.init',robj);
107                     throw(robj);
108                     break;
109                 }
110
111                 this.error.sdump('D_AUTH','auth.session.key = ' + this.key + '\n');
112
113                 if (typeof this.on_init == 'function') {
114                     this.error.sdump('D_AUTH','auth.session.on_init()\n');
115                     this.on_init();
116                 }
117
118             } else {
119
120                 var error = document.getElementById('authStrings').getString('staff.auth.session.init_false') + '\n';
121                 this.error.sdump('D_ERROR',error);
122                 throw(error);
123             }
124
125         } catch(E) {
126             alert(document.getElementById('authStrings').getString('staff.auth.session.login_failed'));
127             //obj.error.standard_unexpected_error_alert('Error on auth.session.init()',E); 
128
129             if (typeof this.on_init_error == 'function') {
130                 this.error.sdump('D_AUTH','auth.session.on_init_error()\n');
131                 this.on_init_error(E);
132             }
133             if (typeof this.on_error == 'function') {
134                 this.error.sdump('D_AUTH','auth.session.on_error()\n');
135                 this.on_error();
136             }
137
138             //throw(E);
139             /* This was for testing
140             if (typeof this.on_init == 'function') {
141                 this.error.sdump('D_AUTH','auth.session.on_init() despite error\n');
142                 this.on_init();
143             }
144             */
145         }
146     },
147
148     'close' : function () { 
149         var obj = this;
150         obj.error.sdump('D_AUTH','auth.session.close()\n'); 
151         try {
152             netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
153             Components.classes["@mozilla.org/cookiemanager;1"]
154                 .getService(Components.interfaces.nsICookieManager).removeAll();
155         } catch(E) {
156             dump('Error in auth/session.js, close(): ' + E + '\n');
157         }
158         if (obj.key) obj.network.request(
159             api.AUTH_DELETE.app,
160             api.AUTH_DELETE.method,
161             [ obj.key ],
162             function(req) {}
163         );
164         obj.key = null;
165         if (typeof obj.on_close == 'function') {
166             obj.error.sdump('D_AUTH','auth.session.on_close()\n');
167             obj.on_close();
168         }
169     }
170
171 }
172
173 dump('exiting auth/session.js\n');