-- Logon / Logoff model functions
module (..., package.seeall)
require ("session")
require ("html")
require ("fs")
require ("roles")
-- variables for time in case of logons, expired, lockouts
-- Select and load the authenticator backend used by logon().
-- FIXME: use an "always true" as default?
-- NOTE(review): an "always true" default would accept any credentials when
-- no backend is configured; a default that rejects is the safer fallback.
-- NOTE(review): the condition reads a bare `authenticator` name while the
-- module name is built from `conf.authenticator`. If `authenticator` is never
-- set, the plaintext backend is always chosen whatever the configuration
-- says - confirm which name was intended.
local backend_name = "authenticator-plaintext"
if authenticator then
  backend_name = "authenticator-" .. conf.authenticator
end
local auth = require (backend_name)
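--- Build the logon form handed back to the view.
-- The same form is returned for a first visit, a lockout and a failed
-- authentication; only the error text on the fields differs.
-- @param self controller object; conf.prefix and conf.controller are read
-- @param fields array of cfe fields used as the form's value
-- @param counteven result of session.count_events, passed through in testme
-- @return the cfe form
local function build_logon_form(self, fields, counteven)
  -- NOTE(review): `testme` carries the lockout flag into the returned form.
  -- It looks like a debugging aid; confirm no view renders it, otherwise the
  -- lockout state is disclosed even though the error text is kept generic.
  return (cfe {
    type = "form",
    option = {
      script = ENV["SCRIPT_NAME"],
      prefix = self.conf.prefix,
      controller = self.conf.controller,
      action = "logon",
    },
    value = fields,
    testme = { counteven },
  })
end

--- Handle a logon request.
-- Drops any existing session, refuses the attempt when too many events are
-- recorded for this user id / client address, and otherwise checks the
-- credentials with the configured authenticator.
-- @param self controller object (self.conf is read and, on success, rewritten)
-- @param id_user user id submitted by the client, or nil on first display
-- @param password_user password submitted by the client, or nil
-- @param sessdata session identifier presented by the client
-- @return the logon form (cfe) when nothing was submitted, the attempt is
--   refused or authentication fails; on success the function does not return
--   but raises self.conf via error()
logon = function (self, id_user, password_user, sessdata)
  local userid = cfe({ name="userid", label="User id", type="text" })
  local password = cfe({ name="password", label="Password", type="passwd" })
  local logon = cfe({ name="Logon", label="Logon", value="Logon", type="submit" })
  local fields = { userid, password, logon }

  -- A caller that already has a session is logged off first: the stored
  -- session is unlinked, everything but the menu is cleared and a new session
  -- id is issued before the logon itself is processed.
  local csess = session.check_session(conf.sessiondir, sessdata)
  if csess ~= "an unknown user" then
    session.unlink_session(conf.sessiondir, sessdata)
    for key in pairs(sessiondata) do
      if key ~= "menu" then
        sessiondata[key] = nil
      end
    end
    sessiondata.id = session.random_hash(512)
    build_menus(self)
  end

  -- Lockout check. The error text is the same as for a wrong password, so the
  -- response does not tell the client which of the two happened, and the
  -- authenticator is not consulted at all.
  -- NOTE(review): events are looked up by the submitted user id as well as
  -- the hashed client address. If the limit applies per user id, repeated bad
  -- attempts from anywhere can keep a known account locked - confirm the
  -- thresholds in session.count_events.
  local counteven = session.count_events(conf.sessiondir, id_user, session.hash_ip_addr(ENV["REMOTE_ADDR"]))
  if counteven then
    userid.errtxt = "Information not recognized"
    return build_logon_form(self, fields, counteven)
  end

  -- NOTE(review): presumably purges expired events; it runs after the lockout
  -- check above, so stale events may still count on this request - confirm.
  session.expired_events(conf.sessiondir)

  if not (id_user and password_user) then
    -- Nothing submitted yet: show the empty form.
    return build_logon_form(self, fields, counteven)
  end

  -- NOTE(review): by its name this is a plain MD5 digest of the password,
  -- with no salt visible here. MD5 is not suitable for protecting stored
  -- passwords; a salted, deliberately slow password hash in the authenticator
  -- backend is the usual remedy. Left unchanged because the backend's stored
  -- format has to change with it.
  local password_user_md5 = fs.md5sum_string(password_user)
  if auth.authenticate (self, id_user, password_user_md5) then
    local info = auth.get_userinfo (self, id_user)
    -- Issue a new session id on successful logon so the id in use before
    -- authentication is not carried into the authenticated session.
    sessiondata.id = session.random_hash(512)
    sessiondata.userinfo = info or {}
    sessiondata.userinfo.perm = roles.get_roles_perm(self, auth.get_userinfo_roles(self, id_user))
    self.conf.prefix = "/acf-util/"
    self.conf.action = "status"
    self.conf.type = "redir"
    self.conf.controller = "logon"
    -- Raising the conf table is how the redirect is signalled; presumably the
    -- dispatcher catches it - confirm against the caller.
    error(self.conf)
  end

  -- Authentication failed: generic message, and the attempt is recorded
  -- against the user id and hashed client address for the lockout check.
  userid.errtxt = "Information not recognized"
  session.record_event(conf.sessiondir, id_user, session.hash_ip_addr(ENV["REMOTE_ADDR"]))
  return build_logon_form(self, fields, counteven)
end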
-- logged on?
-- record event and ignore the attempt
-- too many attempts for this ip?
-- record event and ignore the attempt
-- too many attempts for this user?
-- record event and ignore the attempt
-- uname/passwd invalid?
-- record event and ignore the attempt
-- All ok?
-- look up their role, issue new session
--this goes through and will return true or false if limit reached
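--- Log the current session off.
-- Unlinks the stored session, clears every sessiondata entry except the menu,
-- issues a new session id and rebuilds the menus.
-- @param self controller object, passed on to build_menus
-- @param sessdata session identifier presented by the client
-- @return cfe holding a "logoff" status string and the sessiondata table
logoff = function (self, sessdata)
  -- sessionid invalid?
  -- record event, ignore the attempt
  -- else
  -- unlink session
  -- issue new sessionid
  -- made it so that we get a new sessionid then try to delete it
  -- need to make the whole sessiondata table go bye bye

  -- These were undeclared names before. Under module(..., package.seeall) an
  -- assignment to `logoff` replaces this very function with the status
  -- string, so a second call in the same process would fail; keep the
  -- results in locals instead.
  local unlinked = session.unlink_session(conf.sessiondir, sessdata)
  local result
  if unlinked == true then
    result = "Successful"
  else
    result = "Incomplete or Unsuccessful logoff"
  end

  -- The session state is cleared even when the unlink did not succeed, so the
  -- caller is never left with the old identity in sessiondata.
  for key in pairs(sessiondata) do
    if key ~= "menu" then
      sessiondata[key] = nil
    end
  end
  sessiondata.id = session.random_hash(512)
  build_menus(self)

  -- NOTE(review): the whole sessiondata table, including the new session id,
  -- is handed to the view - confirm no view prints it verbatim.
  return ( cfe{ {value=result,name="logoff"},{value=sessiondata,name="sessiondata"} })
end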
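--- Report the state of the presented session.
-- @param self controller object; self.conf.sessiondir is read
-- @param sessdata session identifier presented by the client
-- @return cfe with "checkme" (result of session.check_session) and "sessid"
--   (the identifier that was checked)
status = function(self, sessdata)
  -- Previously assigned to undeclared names, which leaked the session id and
  -- the check result into the module table between calls; locals keep them
  -- scoped to this request.
  local sessid = sessdata
  local checkme = session.check_session(self.conf.sessiondir, sessdata)
  return ( cfe { checkme={value=checkme,name="checkme"}, sessid={value=sessid,name="sessid" } })
end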