r9230: Star out passwords and add confim text input for provisioning.

[kai/samba.git] / swat / login.esp

diff --git a/swat/login.esp b/swat/login.esp
index 9b41e2d54e9a552b616ff99288c47c5c3a7759f9..4b40793923980b9f2e16cead66b6ff51fff9a170 100644 (file)
--- a/swat/login.esp
+++ b/swat/login.esp
@@ -1,33 +1,58 @@
-<% page_header("plain", "SWAT Login"); %>
+<% page_header("plain", "SWAT Login", "");
+   libinclude("auth.js");
+   include("/scripting/forms.js");
 
-<%
-var f = Form("login", 2, 1);
+if (request['SESSION_EXPIRED'] == "True") {
+   write("<b>Your session has expired - please authenticate again<br /></b>\n");
+}
+
+var f = FormObj("login", 3, 1);
 f.element[0].label = "Username";
 f.element[0].value = form['Username'];
 f.element[1].label = "Password";
 f.element[1].value = form['Password'];
 f.element[1].type  = "password";
+f.element[2].label = "Domain";
+f.element[2].type  = "select";
+f.element[2].list  = getDomainList();
 f.submit[0] = "Login";
 
-display_form(f);
+f.display();
 %>
 
 <%
        if (request.REQUEST_METHOD == "POST") {
-               /* for now just authenticate everyone */
-               session.AUTHENTICATED = true;
-               session.authinfo = new Object();
+               var authinfo = new Object();
+               authinfo.username = form.Username;
+               authinfo.password = form.Password;
+               authinfo.domain = form.Domain;
+               authinfo.rhost = request['REMOTE_HOST'];
 
-               session.authinfo.username = form.Username;
+               auth = userAuth(authinfo);
+               if (auth == undefined) {
+                       write("<b>Invalid login - please try again<br /></b>\n");
+               } else if (auth.result) {
+                       session.AUTHENTICATED = true;
+                       session.authinfo = new Object();
 
-               /* if the user was asking for the login page, then now
-                  redirect them to the main page. Otherwise just
-                  redirect them to the current page, which will now
-                  show its true content */
-               if (request.REQUEST_URI == "/login.esp") {
-                  redirect(session_uri("/"));
+                       session.authinfo.username = auth.username;
+                       session.authinfo.domain = auth.domain;
+                       session.authinfo.credentials = credentials_init();
+                       session.authinfo.credentials.set_username(authinfo.username);
+                       session.authinfo.credentials.set_domain(authinfo.domain);
+                       session.authinfo.credentials.set_password(authinfo.password);
+                       
+                       /* if the user was asking for the login page, then now
+                          redirect them to the main page. Otherwise just
+                          redirect them to the current page, which will now
+                          show its true content */
+                       if (request.REQUEST_URI == "/login.esp") {
+                          redirect(session_uri("/"));
+                       } else {
+                          redirect(session_uri(request.REQUEST_URI));
+                       }
                } else {
-                  redirect(session_uri(request.REQUEST_URI));
+                       write("<b>Login failed - please try again<br /></b>\n");
                }
        }
 %>