-my %cookies = CGI::Cookie->fetch;
-
-my $login_rv;
-
-if ( exists($cookies{'session'}) ) {
-
- $session_id = $cookies{'session'}->value;
-
- if ( $session_id eq 'login' ) {
- # then we've just come back from the login page
-
- $cgi->param('password') =~ /^(.{0,$form_max})$/;
- my $password = $1;
-
- if ( $cgi->param('email') =~ /^\s*([a-z0-9_\-\.\@]{1,$form_max})\s*$/i ) {
-
- my $email = $1;
- $login_rv = login(
- 'email' => $email,
- 'password' => $password
- );
- $session_id = $login_rv->{'session_id'};
-
- } else {
-
- $cgi->param('username') =~ /^\s*([a-z0-9_\-\.\&]{0,$form_max})\s*$/i;
- my $username = $1;
-
- $cgi->param('domain') =~ /^\s*([\w\-\.]{0,$form_max})\s*$/;
- my $domain = $1;
-
- if ( $username and $domain and $password ) {
-
- # authenticate
- $login_rv = login(
- 'username' => $username,
- 'domain' => $domain,
- 'password' => $password,
- );
- $session_id = $login_rv->{'session_id'};
-
- } elsif ( $username or $domain or $password ) {
-
- my $error = 'Illegal '; #XXX localization...
- my $count = 0;
- if ( !$username ) {
- $error .= 'username';
- $count++;
- }
- if ( !$domain ) {
- $error .= ', ' if $count;
- $error .= 'domain';
- $count++;
- }
- if ( !$password ) {
- $error .= ', ' if $count;
- $error .= 'and ' if $count > 1;
- $error .= 'password';
- $count++;
- }
- $error .= '.';
- $login_rv = {
- 'username' => $username,
- 'domain' => $domain,
- 'password' => $password,
- 'error' => $error,
- };
- $session_id = undef; # attempt login again
-
- }
-
- } # else there was no input, so show no error message
-
- } # else session_id ne 'login'
-
-} else {
- # there is no session cookie
- $login_rv = {};
-}
-
-if ( !$session_id ) {
- # XXX why are we getting agentnum from a CGI param? surely it should
- # be some kind of configuration option.
- #
- # show the login page
- $session_id = 'login'; # set state
- my $login_info = login_info( 'agentnum' => scalar($cgi->param('agentnum')) );
-
- do_template('login', { %$login_rv, %$login_info });
- exit;
-}
-
-# at this point $session_id is a real session