diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2013-04-05 01:03:44 -0700 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2013-04-05 01:03:44 -0700 |
| commit | 3ff1fb4e10fdaef86527c10bd416e988d2a62a49 (patch) | |
| tree | 114c4e41e06749796283bf475b6fcf1c23171fb4 /httemplate/loginout | |
| parent | b70a4b7f41c84aefd7f273974db59e5c37fc368b (diff) | |
login/login pages and cookie/session-based auth
Diffstat (limited to 'httemplate/loginout')
| -rw-r--r-- | httemplate/loginout/login.html | 68 | ||||
| -rw-r--r-- | httemplate/loginout/logout.html | 28 |
2 files changed, 78 insertions, 18 deletions
diff --git a/httemplate/loginout/login.html b/httemplate/loginout/login.html new file mode 100644 index 000000000..e5b45893b --- /dev/null +++ b/httemplate/loginout/login.html @@ -0,0 +1,68 @@ +<& /elements/header-minimal.html, 'Login' &> +<link href="<%$url_string%>elements/freeside.css" type="text/css" rel="stylesheet"> + +<CENTER> + + <BR> + <FONT SIZE=5>Login</FONT> + <BR><BR> + +% if ( $error ) { + <FONT SIZE="+1" COLOR="#ff0000"><% $error |h %></FONT> + <BR><BR> +% } + +%# <FORM METHOD="POST" ACTION="<%$url_string%>loginout/login"> + <FORM METHOD="POST" ACTION="/login"> + <INPUT TYPE="hidden" NAME="destination" VALUE="<% $r->prev->uri %>"> + + <TABLE CELLSPACING=0 CELLPADDING=4 BGCOLOR="#cccccc"> + <TR> + <TD ALIGN="right">Username: </TD> + <TD><INPUT TYPE="text" NAME="credential_0" SIZE="13"></TD> + </TR> + <TR> + <TD ALIGN="right">Password: </TD> + <TD><INPUT TYPE="password" NAME="credential_1" SIZE="13"></TD> + </TR> + </TABLE> + <BR> + + <INPUT TYPE="submit" VALUE="Login"> + + </FORM> + +</CENTER> + +</BODY></HTML> +<%init> + +my %error = ( + 'no_cookie' => '', #First login, don't display an error + 'bad_cookie' => 'Bad Cookie', #timed out? server reboot? + 'bad_credentials' => 'Incorrect username / password', + 'logout' => 'You have been logged out.', +); + +my $url_string = CGI->new->url; + +my $error = $cgi->param('logout') || $r->prev->subprocess_env("AuthCookieReason"); +$error = exists($error{$error}) ? $error{$error} : $error; + +#fake a freeside path for /login so we get our .css. shrug +$url_string =~ s/login$/freeside\/login/ unless $url_string =~ /freeside\//; + +#even though this is kludgy and false laziness w/CGI.pm + $url_string =~ s{ / index\.html /? $ } + {/}x; + $url_string =~ + s{ + /(login|loginout) + ([\w\-\.\/]*) + $ + } + {}ix; + + $url_string .= '/' unless $url_string =~ /\/$/; + +</%init> diff --git a/httemplate/loginout/logout.html b/httemplate/loginout/logout.html index d8e1c634a..33b87feb0 100644 --- a/httemplate/loginout/logout.html +++ b/httemplate/loginout/logout.html @@ -1,18 +1,10 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> -<HTML> - <HEAD> - <TITLE> - Logout page - </TITLE> - </HEAD> - <BODY> - <BR><BR> - <CENTER> - You have logged out. - </CENTER> - <BR><BR> - <CENTER> - You can <a href="..">log in</a> again. - </CENTER> - </BODY> -</HTML> +<% $cgi->redirect($fsurl.'?logout=logout') %> +<%init> + +my $auth_type = $r->auth_type; + +# Delete the cookie, etc. +$auth_type->logout($r); +#XXX etc: should delete the server-side session + +</%init> |