r9232: Rename some objects to make code clear.
[ira/wip.git] / swat / login.esp
1 <% page_header("plain", "SWAT Login", "");
2    libinclude("auth.js");
3    include("/scripting/forms.js");
4
5 if (request['SESSION_EXPIRED'] == "True") {
6    write("<b>Your session has expired - please authenticate again<br /></b>\n");
7 }
8
9 var f = FormObj("login", 3, 1);
10 f.element[0].label = "Username";
11 f.element[0].value = form['Username'];
12 f.element[1].label = "Password";
13 f.element[1].value = form['Password'];
14 f.element[1].type  = "password";
15 f.element[2].label = "Domain";
16 f.element[2].type  = "select";
17 f.element[2].list  = getDomainList();
18 f.submit[0] = "Login";
19
20 f.display();
21 %>
22
23 <%
24         if (request.REQUEST_METHOD == "POST") {
25                 var authinfo = new Object();
26                 authinfo.username = form.Username;
27                 authinfo.password = form.Password;
28                 authinfo.domain = form.Domain;
29                 authinfo.rhost = request['REMOTE_HOST'];
30
31                 auth = userAuth(authinfo);
32                 if (auth == undefined) {
33                         write("<b>Invalid login - please try again<br /></b>\n");
34                 } else if (auth.result) {
35                         session.AUTHENTICATED = true;
36                         session.authinfo = new Object();
37
38                         session.authinfo.username = auth.username;
39                         session.authinfo.domain = auth.domain;
40                         session.authinfo.credentials = credentials_init();
41                         session.authinfo.credentials.set_username(authinfo.username);
42                         session.authinfo.credentials.set_domain(authinfo.domain);
43                         session.authinfo.credentials.set_password(authinfo.password);
44                         
45                         /* if the user was asking for the login page, then now
46                            redirect them to the main page. Otherwise just
47                            redirect them to the current page, which will now
48                            show its true content */
49                         if (request.REQUEST_URI == "/login.esp") {
50                            redirect(session_uri("/"));
51                         } else {
52                            redirect(session_uri(request.REQUEST_URI));
53                         }
54                 } else {
55                         write("<b>Login failed - please try again<br /></b>\n");
56                 }
57         }
58 %>
59 <% page_footer(); %>