my $U = 'OpenILS::Application::AppUtils';
my $kpac_config;
+use constant COOKIE_SES => 'ses';
+use constant COOKIE_LOGGEDIN => 'eg_loggedin';
+
# -----------------------------------------------------------------------------
# Override our parent's load() sub so we can do kpac-specific path routing.
# -----------------------------------------------------------------------------
# ----------------------------------------------------------------
return $self->redirect_ssl unless $self->cgi->https;
- return $self->load_getit_results if $path =~ m|kpac/getit_results|;
- return $self->load_getit if $path =~ m|kpac/getit|;
+ if ($path =~ m|kpac/login|) {
+ return $self->load_login unless $self->editor->requestor; # already logged in?
+
+ # This will be less confusing to users than to be shown a login form
+ # when they're already logged in.
+
+ return $self->generic_redirect($self->ctx->{home_page});
+ }
# ----------------------------------------------------------------
# Everything below here requires authentication
# ----------------------------------------------------------------
- return $self->redirect_auth unless $self->editor->requestor;
+ if (!$self->editor->requestor) {
+ my $tpac_root = $self->ctx->{opac_root};
+ $self->ctx->{opac_root} = $self->ctx->{kpac_root};
+
+ my $login = $self->redirect_auth;
+ $self->ctx->{opac_root} = $tpac_root;
+
+ return $login;
+ }
+
+ return $self->load_getit_results if $path =~ m|kpac/getit_results|;
+ return $self->load_getit if $path =~ m|kpac/getit|;
# AUTH pages
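Review bot: The `kpac/login` branch dispatches to `$self->load_login`, while the handler this commit adds further down is named `load_kpac_login`, and nothing in the visible lines calls it. If `load_login` is an inherited handler rather than a KPAC one, the KPAC-specific post-login redirect to `/home` never runs; confirm which is intended and either call `$self->load_kpac_login` here or drop the new sub. In the unauthenticated branch, `opac_root` is restored by hand after `redirect_auth`; `local $self->ctx->{opac_root} = $self->ctx->{kpac_root};` followed by `return $self->redirect_auth;` would restore it even if `redirect_auth` dies. The enclosing `load` sub starts and ends outside these lines.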
$self->ctx->{page} = 'getit'; # repair the page
+ # If we have a default pickup location, grab it
+ my $user_setting_map = $ctx->{user_setting_map};
+ if ($$user_setting_map{'opac.default_pickup_location'}) {
+ $ctx->{default_pickup_lib} = $$user_setting_map{'opac.default_pickup_location'};
+ }
+
return $self->save_item_to_bookbag($rec_id, $bbag_id) if $action eq 'save';
return $self->login_and_place_hold($rec_id) if $action eq 'hold';
return Apache2::Const::OK;
}
+
sub load_kpac_config {
my $self = shift;
my $ctx = $self->ctx;
}
+# -----------------------------------------------------------------------------
+# Log in and redirect to the redirect_to URL (or home)
+# -----------------------------------------------------------------------------
+sub load_kpac_login {
+ my $self = shift;
+ my $cgi = $self->cgi;
+ my $ctx = $self->ctx;
+
+ $self->timelog("Load login begins");
+
+ $ctx->{page} = 'login';
+
+ my $username = $cgi->param('username');
+ $username =~ s/\s//g; # Remove blanks
+ my $password = $cgi->param('password');
+ my $org_unit = $ctx->{physical_loc} || $ctx->{aou_tree}->()->id;
+ my $persist = $cgi->param('persist');
+
+ # initial log form only
+ return Apache2::Const::OK unless $username and $password;
+
+ my $auth_proxy_enabled = 0; # default false
+ try { # if the service is not running, just let this fail silently
+ $auth_proxy_enabled = $U->simplereq(
+ 'open-ils.auth_proxy',
+ 'open-ils.auth_proxy.enabled');
+ } catch Error with {};
+
+ $self->timelog("Checked for auth proxy: $auth_proxy_enabled; org = $org_unit; username = $username");
+
+ my $args = {
+ type => ($persist) ? 'persist' : 'opac',
+ org => $org_unit,
+ agent => 'opac'
+ };
+
+ my $bc_regex = $ctx->{get_org_setting}->($org_unit, 'opac.barcode_regex');
+
+ # To avoid surprises, default to "Barcodes start with digits"
+ $bc_regex = '^\d' unless $bc_regex;
+
+ if ($bc_regex and ($username =~ /$bc_regex/)) {
+ $args->{barcode} = $username;
+ } else {
+ $args->{username} = $username;
+ }
+
+ my $response;
+ if (!$auth_proxy_enabled) {
+ my $seed = $U->simplereq(
+ 'open-ils.auth',
+ 'open-ils.auth.authenticate.init', $username);
+ $args->{password} = md5_hex($seed . md5_hex($password));
+ $response = $U->simplereq(
+ 'open-ils.auth', 'open-ils.auth.authenticate.complete', $args);
+ } else {
+ $args->{password} = $password;
+ $response = $U->simplereq(
+ 'open-ils.auth_proxy',
+ 'open-ils.auth_proxy.login', $args);
+ }
+ $self->timelog("Checked password");
+
+ if($U->event_code($response)) {
+ # login failed, report the reason to the template
+ $ctx->{login_failed_event} = $response;
+ return Apache2::Const::OK;
+ }
+
+ # login succeeded, redirect as necessary
+
+ my $acct = $self->apache->unparsed_uri;
+ $acct =~ s|/login|/home|; ### /myopac/main
+
+ # both login-related cookies should expire at the same time
+ my $login_cookie_expires = ($persist) ? CORE::time + $response->{payload}->{authtime} : undef;
+
+ return $self->generic_redirect(
+ $cgi->param('redirect_to') || $acct,
+ [
+ # contains the actual auth token and should be sent only over https
+ $cgi->cookie(
+ -name => COOKIE_SES,
+ -path => '/',
+ -secure => 1,
+ -value => $response->{payload}->{authtoken},
+ -expires => $login_cookie_expires
+ ),
+ # contains only a hint that we are logged in, and is used to
+ # trigger a redirect to https
+ $cgi->cookie(
+ -name => COOKIE_LOGGEDIN,
+ -path => '/',
+ -secure => 0,
+ -value => '1',
+ -expires => $login_cookie_expires
+ )
+ ]
+ );
+}
+# -----------------------------------------------------------------------------
+# Log out and redirect to the home page
+# -----------------------------------------------------------------------------
+sub load_logout {
+ my $self = shift;
+ my $redirect_to = shift || $self->cgi->param('redirect_to');
+
+ # If the user was adding anyting to an anonymous cache
+ # while logged in, go ahead and clear it out.
+ $self->clear_anon_cache;
+
+ return $self->generic_redirect(
+ $redirect_to || $self->ctx->{home_page},
+ [
+ # clear value of and expire both of these login-related cookies
+ $self->cgi->cookie(
+ -name => COOKIE_SES,
+ -path => '/',
+ -value => '',
+ -expires => '-1h'
+ ),
+ $self->cgi->cookie(
+ -name => COOKIE_LOGGEDIN,
+ -path => '/',
+ -value => '',
+ -expires => '-1h'
+ )
+ ]
+ );
+}
+
+
1;
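Review bot: `redirect_to` is taken straight from the request and handed to `generic_redirect` in `load_kpac_login` (and again in `load_logout`), so a link that carries a foreign URL in that parameter sends the patron off-site right after a successful login or logout. Because the login template submits an absolute URL, the check has to accept local paths and URLs on this host and fall back to `$acct` (or `home_page` on logout) for everything else. The sketch below assumes `$self->apache` is the Apache2::RequestRec it appears to be. Separately, the `COOKIE_SES` cookie holds the auth token but is not marked HttpOnly; adding `-httponly => 1` would keep page scripts from reading it, provided the CGI.pm in use supports that attribute.

```perl
    # … unchanged: authentication, $acct and $login_cookie_expires …

    # Follow redirect_to only for a local path or a URL on this host;
    # scheme-relative (//host) and foreign URLs fall back to $acct.
    my $redirect_to = $cgi->param('redirect_to') || '';
    my $this_host   = quotemeta($self->apache->hostname);
    my $is_local    = $redirect_to =~ m{\A/(?![/\\])}
        || $redirect_to =~ m{\Ahttps?://$this_host(?::\d+)?(?:[/?#]|\z)}i;
    $redirect_to = $acct unless $is_local;

    return $self->generic_redirect(
        $redirect_to,
        # … unchanged: COOKIE_SES and COOKIE_LOGGEDIN cookies …
```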
--- /dev/null
+[% IF ctx.login_failed_event %]
+<div id='login-failed-message' style="color:#F00;font-size:20px;">
+[%
+ IF ctx.login_failed_event.textcode == 'PATRON_CARD_INACTIVE';
+ l("The barcode used to login is marked as inactive. Please contact your local library.");
+ ELSIF ctx.login_failed_event.textcode == 'PATRON_INACTIVE';
+ l("This account has been deactivated. Please contact your local library.");
+ ELSE;
+ l("Login failed. The username or password provided was not valid. " _
+ "Passwords are case-sensitive. Check your Caps-Lock key and try again or contact your local library.");
+ END;
+%]
+</div>
+[% END %]
+<div class="checkout_options">
+ <table cellpadding="0" cellspacing="0" border="0">
+ <tr>
+ <td valign="top" class="left_brain_cell">
+ <div class="left_brain">
+
+ [% WRAPPER 'kpac/parts/help_popups.tt2' popup_id='card_help' %]
+ <img src="[% ctx.media_prefix %]/images/kpac/library_card.png" alt="[% l('library card') %]" /></div></td>
+ [% END %]
+ [% WRAPPER 'kpac/parts/help_popups.tt2' popup_id='password_help' %]
+ <p>[% l('Enter your password') %]</p>
+ [% END %]
+
+ <div class="top_side">
+ <h2>[% l('login') %]</h2>
+ </div>
+
+ <form method='POST'><!-- login -->
+
+ <div class="checkout_box">
+ <div class="box1_top"> </div>
+ <div class="box_inside">
+
+ [% IF !ctx.user %]
+ [% seed = l(' Enter Numbers... ') %]
+ <p>[% l('Library Card Number:') %]</p>
+ <div class="input_box">
+ <input name="username" tabindex="1" type="text" class="text_box" style="color:#aaa;" value="[% seed %]"
+ onfocus="if(this.value=='[% seed %]'){this.value='';this.style.color='#424242';}"
+ onblur="if(this.value==''){this.value='[% seed %]'; this.style.color='#aaa';}" />
+ </div>
+ <a class="help_btn" href="javascript:;"
+ onclick="helpPopup('card_help', this, event);"><img
+ src="[% ctx.media_prefix %]/images/kpac/question_mark.png" alt="[% l('pin number help') %]" /></a>
+
+ <div class="clear"> </div>
+ <div class="hr"> </div>
+
+ <p>[% l('Password') %]</p>
+ <div class="input_box">
+ <input name="password" tabindex="2" type="password" class="text_box" style="color:#aaa;" value="[% seed %]"
+ onfocus="if(this.value=='[% seed %]'){this.value='';this.style.color='#424242';}"
+ onblur="if(this.value==''){this.value='[% seed %]'; this.style.color='#aaa';}" />
+ </div>
+
+ <a class="help_btn" href="javascript:;"
+ onclick="helpPopup('password_help', this, event);"><img
+ src="[% ctx.media_prefix %]/images/kpac/question_mark.png" alt="[% l('password help') %]" /></a>
+
+ <div class="clear"> </div>
+ <div class="hr"> </div>
+ [% END %]
+
+ </div>
+ </div>
+ </div>
+
+ <div class="submit_btn">
+ <input type='hidden' name='action' value='hold'/>
+ <input type='image' src="[% ctx.media_prefix %]/images/kpac/review_submit_btn.png" alt="[% l('Submit') %]"/>
+ </div>
+
+ <div id='login-form-box' class='login_boxes left_brain' style='float:left'>
+ [%
+ # If no redirect is offered or it's leading us back to the
+ # login form, redirect the user to My Account
+ redirect = CGI.param('redirect_to') || ctx.referer;
+ IF !redirect OR redirect.match(ctx.path_info _ '$');
+ redirect = CGI.url('-full' => 1) _ '/kpac/home';
+ END;
+ redirect = redirect | replace('^http:', 'https:');
+ %]
+ <input type='hidden' name='redirect_to' value='[% redirect %]'/>
+ </div><!-- checkout box -->
+ </form><!-- login -->
+ </div><!-- left brain -->
+ </td><!-- left brain cell -->
+ </tr>
+ </table>
+</div>
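Review bot: `redirect` comes from the `redirect_to` parameter or the referer and is written into `value='[% redirect %]'` without escaping, so unless the template environment escapes output by default (not visible here) a crafted value can close the attribute and inject markup into the login page. Use a double-quoted attribute with the html filter: `<input type='hidden' name='redirect_to' value="[% redirect | html %]"/>`. The `ctx.path_info _ '$'` passed to `redirect.match` is also treated as a pattern, so metacharacters in the path change what it matches. Two smaller markup points: the `</div></td>` after the image inside the `card_help` WRAPPER closes elements that are not opened in that block, and the hidden `action=hold` field looks carried over from the hold form.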