diff options
Diffstat (limited to 'app/acf-util')
-rw-r--r-- | app/acf-util/logon-controller.lua | 60 | ||||
-rw-r--r-- | app/acf-util/logon-html.lsp | 19 | ||||
-rw-r--r-- | app/acf-util/logon-model.lua | 61 |
3 files changed, 140 insertions, 0 deletions
diff --git a/app/acf-util/logon-controller.lua b/app/acf-util/logon-controller.lua new file mode 100644 index 0000000..8359c18 --- /dev/null +++ b/app/acf-util/logon-controller.lua @@ -0,0 +1,60 @@ +-- Logon / Logoff functions + +module (..., package.seeall) + +require ("session") + +mvc.on_load = function(self, parent) + -- If they specify an invalid action or try to run init, then redirect + -- to the read function. + if ( self.conf.action == nil or self.conf.action == "init" ) then + -- do what? + end + +end + + +logon = function(self) + + local username=cfe({ name="username" }) + local password=cfe({ name="password" }) + local logon=cfe({ name="Logon", type="submit"}) + local s = "" + + if self.clientdata.username and self.clientdata.password then + if self.model.logon(self, self.clientdata.username, self.clientdata.password) == false then + username.value = self.clientdata.username + if self.session.id then + username.errtxt = "You are already logged in. Logout first." + else + username.errtxt = "There was a problem logging in" + end + else + self.conf.controller = "" + self.conf.action = "" + self.conf.prefix = "" + self.conf.type = "redir" + error(self.conf) + end + end + -- If we reach this point, just give them the login page + return ( cfe ({type="form", + option={ script=ENV["SCRIPT_NAME"], + prefix=self.conf.prefix, + controller = self.conf.controller, + action = "logon" }, + value = { username, password, logon } })) +end + + +logout = function(self) + self.model.logout(self, session.id) + + + -- and raise an error to go to the homepage + self.conf.action = "" + self.conf.prefix = "" + self.conf.controller = "" + self.conf.type = "redir" + error(self.conf) +end diff --git a/app/acf-util/logon-html.lsp b/app/acf-util/logon-html.lsp new file mode 100644 index 0000000..cdac2bf --- /dev/null +++ b/app/acf-util/logon-html.lsp @@ -0,0 +1,19 @@ +<? local form = ... ?> +<h1>Logon</h1> + +<form action="<?= form.option.script .. form.option.prefix .. + form.option.controller .. "/" .. form.option.action ?>" method="POST"> +<table> +<? local myform = form.value + for k,v in pairs(myform) do ?> +<tr><td><?= v.name ?></td><td> +<? if v.type == "submit" then ?> + <input type="submit" name="<?= v.name ?>" value="Logon"> +<? else ?> + <input type="text" name="<?= v.name ?>"> + <font color=red><?= v.errtxt ?></font> +<? end ?> +</td></tr> +<? end ?> +</table> +</form> diff --git a/app/acf-util/logon-model.lua b/app/acf-util/logon-model.lua new file mode 100644 index 0000000..dbd8522 --- /dev/null +++ b/app/acf-util/logon-model.lua @@ -0,0 +1,61 @@ +-- Logon / Logoff model functions + +module (..., package.seeall) + +local sess = require ("session") + +local pvt = {} + + +-- return a sessionid if username / password is valid, false +-- /etc/acf/passwd should be lines of userid:passwd:user name:role1[,role2[,role3]] +pvt.logon = function (self, id, passwd ) + -- if we already have sessionid... then you are already logged in + if self.session.id then + return false + end + + id = id or "" + passwd = passwd or "" + + -- open our hokey password file, + local f = io.open(self.conf.confdir .. "/passwd" ) + if f then + m = f:read("*all") .. "\n" + f:close() + + for l in string.gmatch(m, "(%C*)\n") do + local userid, password, username, roles = + string.match(l, "([^:]*):([^:]*):([^:]*):(.*)") + if userid == id and password == passwd then + self.session.id = sess.random_hash(512) + self.session.name = username + self.session.roles = roles + break + end + end + end + if self.session.id then + local x = require("session") + x.save_session(self.conf.sessiondir, self.session.id, self.session) + x=nil + return self.session.id + else + return false + end +end + +-- invalidate the session, or return false if the session wasn't valid +pvt.logout = function (self, sessionid) + + sess.invalidate_session ( self.conf.sessiondir, sessionid) + self.session = {} + +end + +------------------------------------------------------------------------- +-- Public Methods +------------------------------------------------------------------------- + +logon = pvt.logon +logout = pvt.logout |