-<% page_header("plain", "SWAT Login"); %>
+<% page_header("plain", "SWAT Login", "");
+ libinclude("auth.js");
+ include("/scripting/forms.js");
-<%
-var f = Form("login", 2, 1);
+if (request['SESSION_EXPIRED'] == "True") {
+ write("<b>Your session has expired - please authenticate again<br /></b>\n");
+}
+
+var f = FormObj("login", 3, 1);
f.element[0].label = "Username";
f.element[0].value = form['Username'];
f.element[1].label = "Password";
f.element[1].value = form['Password'];
f.element[1].type = "password";
+f.element[2].label = "Domain";
+f.element[2].type = "select";
+f.element[2].list = getDomainList();
f.submit[0] = "Login";
-display_form(f);
+f.display();
%>
<%
if (request.REQUEST_METHOD == "POST") {
- /* for now just authenticate everyone */
- session.AUTHENTICATED = true;
- session.authinfo = new Object();
+ var authinfo = new Object();
+ authinfo.username = form.Username;
+ authinfo.password = form.Password;
+ authinfo.domain = form.Domain;
+ authinfo.rhost = request['REMOTE_HOST'];
- session.authinfo.username = form.Username;
+ auth = userAuth(authinfo);
+ if (auth == undefined) {
+ write("<b>Invalid login - please try again<br /></b>\n");
+ } else if (auth.result) {
+ session.AUTHENTICATED = true;
+ session.authinfo = new Object();
- /* if the user was asking for the login page, then now
- redirect them to the main page. Otherwise just
- redirect them to the current page, which will now
- show its true content */
- if (request.REQUEST_URI == "/login.esp") {
- redirect(session_uri("/"));
+ session.authinfo.username = auth.username;
+ session.authinfo.domain = auth.domain;
+ session.authinfo.credentials = credentials_init();
+ session.authinfo.credentials.set_username(authinfo.username);
+ session.authinfo.credentials.set_domain(authinfo.domain);
+ session.authinfo.credentials.set_password(authinfo.password);
+
+ /* if the user was asking for the login page, then now
+ redirect them to the main page. Otherwise just
+ redirect them to the current page, which will now
+ show its true content */
+ if (request.REQUEST_URI == "/login.esp") {
+ redirect(session_uri("/"));
+ } else {
+ redirect(session_uri(request.REQUEST_URI));
+ }
} else {
- redirect(session_uri(request.REQUEST_URI));
+ write("<b>Login failed - please try again<br /></b>\n");
}
}
%>