r26388: Fix up SWAT provision (again...), after changes I made to the

[jra/samba/.git] / swat / login.esp

diff --git a/swat/login.esp b/swat/login.esp
index f66249251182f70ac0b097329a7346ae43b5d82c..9e9f6f99030d8c91c64bb1dc567f93cae9ff5b0e 100644 (file)
--- a/swat/login.esp
+++ b/swat/login.esp
@@ -1,38 +1,59 @@
-<% page_header("plain", "SWAT Login"); %>
-
-<%
+<% page_header("plain", "SWAT Login", "");
+   libinclude("auth.js");
+   include("/scripting/forms.js");
 
 if (request['SESSION_EXPIRED'] == "True") {
-   write("<b>Your session has expired - please authenticate again<br>\n");
+   write("<b>Your session has expired - please authenticate again<br /></b>\n");
 }
 
-var f = FormObj("login", 2, 1);
+var f = FormObj("login", 3, 1);
 f.element[0].label = "Username";
 f.element[0].value = form['Username'];
 f.element[1].label = "Password";
 f.element[1].value = form['Password'];
 f.element[1].type  = "password";
+f.element[2].label = "Domain";
+f.element[2].type  = "select";
+f.element[2].list  = getDomainList();
 f.submit[0] = "Login";
 
-display_form(f);
+f.display();
 %>
 
 <%
        if (request.REQUEST_METHOD == "POST") {
-               /* for now just authenticate everyone */
-               session.AUTHENTICATED = true;
-               session.authinfo = new Object();
+               var creds = credentials_init();
+               creds.set_username(form.Username);
+               creds.set_password(form.Password);
+               creds.set_domain(form.Domain);
+               creds.set_workstation(request['REMOTE_HOST']);
 
-               session.authinfo.username = form.Username;
+               auth = userAuth(creds, request['REMOTE_SOCKET_ADDRESS']);
+               if (auth == undefined) {
+                       write("<b>Invalid login - please try again<br /></b>\n");
+               } else if (auth.result) {
+                       session.AUTHENTICATED = true;
+                       session.authinfo = new Object();
 
-               /* if the user was asking for the login page, then now
-                  redirect them to the main page. Otherwise just
-                  redirect them to the current page, which will now
-                  show its true content */
-               if (request.REQUEST_URI == "/login.esp") {
-                  redirect(session_uri("/"));
+                       session.authinfo.username = auth.username;
+                       session.authinfo.domain = auth.domain;
+                       session.authinfo.credentials = creds;
+                       session.authinfo.session_info = auth.session_info;
+                       session.authinfo.user_class = auth.user_class;
+                       
+                       /* if the user was asking for the login page, then now
+                          redirect them to the main page. Otherwise just
+                          redirect them to the current page, which will now
+                          show its true content */
+                       if (request.REQUEST_URI == "/login.esp") {
+                          redirect(session_uri("/"));
+                       } else {
+                          redirect(session_uri(request.REQUEST_URI));
+                       }
+               } else if (auth.report == undefined) {
+                       write("<b>Login failed - please try again<br /></b>\n");
                } else {
-                  redirect(session_uri(request.REQUEST_URI));
+                       write("<b>Login failed: " + auth.report + " - please try again<br /></b>\n");
                }
        }
 %>