Diffstat (limited to 'app/acf-util/logon-model.lua')
-rw-r--r-- | app/acf-util/logon-model.lua | 138 |
1 files changed, 42 insertions, 96 deletions
diff --git a/app/acf-util/logon-model.lua b/app/acf-util/logon-model.lua
index 33ffd56..cd840f7 100644
--- a/app/acf-util/logon-model.lua
+++ b/app/acf-util/logon-model.lua
@@ -19,113 +19,59 @@ else auth = require ("authenticator-plaintext") end -logon = function (self, id_user, password_user,sessdata ) -local userid=cfe({ name="userid",label="User id", type="text" }) -local password=cfe({ name="password" ,label="Password", type="passwd"}) -local logon=cfe({ name="Logon", label="Logon", value="Logon", type="submit"}) -local s = "" +-- Logoff the user by deleting session data +logoff = function (sessiondir, sessiondata) + -- Unlink / delete the current session + local result = session.unlink_session(sessiondir, sessiondata.id) + -- Clear the current session data + for a,b in pairs(sessiondata) do + sessiondata[a] = nil + end -local csess = session.check_session(conf.sessiondir, sessdata) -if csess ~= "an unknown user" then -session.unlink_session(conf.sessiondir, sessdata) -for a,b in pairs(sessiondata) do -if a ~= "menu" then -sessiondata[a] = nil -end + return (result) end -sessiondata.id = session.random_hash(512) -build_menus(self) -end - -local counteven = session.count_events(conf.sessiondir, id_user, session.hash_ip_addr(ENV["REMOTE_ADDR"])) -if counteven then -userid.errtxt="Information not recognized" -return (cfe {type="form", - option={script=ENV["SCRIPT_NAME"], - prefix=self.conf.prefix, - controller=self.conf.controller, - action="logon" }, - value={userid,password,logon},testme={counteven} - }) -end +-- Log on new user if possible and set up userinfo in session +-- if we fail, we leave the session alone (don't log out) +logon = function (self, clientdata, ip_addr, sessiondir, sessiondata) + -- Check to see if we can login this user id / ip addr + local countevent = session.count_events(sessiondir, clientdata.userid, session.hash_ip_addr(ip_addr)) + if countevent then + session.record_event(sessiondir, clientdata.userid, session.hash_ip_addr(ip_addr)) + return (false) + end -session.expired_events(conf.sessiondir) - if id_user and password_user then - local password_user_md5 = fs.md5sum_string(password_user) - if 
auth.authenticate (self, id_user, password_user_md5) then - local t = auth.get_userinfo (self, id_user) + if clientdata.userid and clientdata.password then + local password_user_md5 = fs.md5sum_string(clientdata.password) + if auth.authenticate (self, clientdata.userid, password_user_md5) then + -- We have a successful login, change sessiondata + -- for some reason, can't call this function or it skips rest of logon + -- logout(sessiondir, sessiondata) + ---[[ so, do this instead + session.unlink_session(sessiondir, sessiondata.id) + -- Clear the current session data + for a,b in pairs(sessiondata) do + if a ~= "id" then sessiondata[a] = nil end + end + --]] sessiondata.id = session.random_hash(512) + local t = auth.get_userinfo (self, clientdata.userid) sessiondata.userinfo = t or {} - sessiondata.userinfo.perm = roles.get_roles_perm(self,auth.get_userinfo_roles(self,id_user)) - self.conf.prefix="/acf-util/" - self.conf.action="status" - self.conf.type="redir" - self.conf.controller="logon" - error(self.conf) + return (true) else - userid.errtxt = "Information not recognized" - session.record_event(conf.sessiondir, id_user, session.hash_ip_addr(ENV["REMOTE_ADDR"])) - return (cfe {type="form", - option={script=ENV["SCRIPT_NAME"], - prefix=self.conf.prefix, - controller=self.conf.controller, - action="logon" }, - value={userid,password,logon},testme={counteven} - }) + -- We have a bad login, log the event + session.record_event(sessiondir, clientdata.userid, session.hash_ip_addr(ip_addr)) end - else - return ( cfe{ type="form", - option={script=ENV["SCRIPT_NAME"], - prefix=self.conf.prefix, - controller=self.conf.controller, - action="logon" } , - value={userid,password,logon},testme={counteven} - }) end + return (false) end - - -- logged on? - -- record event and ignore the attempt - -- too many attempts for this ip? - -- record event and ignore the attempt - -- too many attempts for this user? - -- record event and ignore the attempt - -- uname/passwd invalid? 
- -- record event and ignore the attempt - -- All ok? - -- look up their role, issue new session - - --this goes through and will return true or false if limit reached -logoff = function (self, sessdata) - -- sessionid invalid? - -- record event, ignore the attempt - -- else - -- unlink session - -- issue new sessionid - - --made it so that we get a new sessionid then try to delete it - --need to make the whole sessiondata table go bye bye - delsess = session.unlink_session(conf.sessiondir, sessdata) - if delsess == true then - logoff = "Successful" - else - logoff = "Incomplete or Unsuccessful logoff" - end - for a,b in pairs(sessiondata) do - if a ~= "menu" then - sessiondata[a] = nil +-- Return the session id and username +status = function(sessiondata) + local name = "unknown" + if sessiondata.userinfo and sessiondata.userinfo.username then + name = sessiondata.userinfo.username end - end - sessiondata.id = session.random_hash(512) - build_menus(self) - return ( cfe{ {value=logoff,name="logoff"},{value=sessiondata,name="sessiondata"} }) -end - -status = function(self, sessdata) - sessid = sessdata - checkme = session.check_session(self.conf.sessiondir,sessdata) - return ( cfe { checkme={value=checkme,name="checkme"}, sessid={value=sessid,name="sessid" } }) + return ( { sessionid = sessiondata.id, username = name } ) end |
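Review bot: The commented-out call `-- logout(sessiondir, sessiondata)` in logon's success branch names a function that does not exist in this hunk — the helper defined at the top of the hunk is `logoff` — so the "skips rest of logon" symptom is consistent with an error from calling a nil global rather than a control-flow quirk. The inline replacement also keeps `id` (`if a ~= "id" then`) whereas `logoff` clears every key including `id`, so the two are not interchangeable anyway; I would either drop the misleading comment or give the helper a keep-id flag and call it. Separately, `session.count_events` and `session.record_event` receive `clientdata.userid` before the `if clientdata.userid and clientdata.password then` guard, so a request with no userid reaches the rate-limit bookkeeping with a nil key; I would put `if not (clientdata.userid and clientdata.password) then return (false) end` at the top of logon. The unsalted `fs.md5sum_string(clientdata.password)` is carried over unchanged from the old code, and the `roles.get_roles_perm` assignment into `sessiondata.userinfo.perm` is removed with no replacement visible here — presumably both are now handled in the authenticator/roles modules, but worth confirming before merging.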