git.samba.org / kai / samba.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
r9139: cleanup the layout a bit
[kai/samba.git] / swat / login.esp
diff --git a/swat/login.esp b/swat/login.esp
index 1dfc1142e613ec1ec0bb4d0e91ab7509eb78c7c0..ae9a35824314fed77f02b2d7f103df5fdf1d57e4 100644 (file)
--- a/swat/login.esp
+++ b/swat/login.esp
@@ -1,28 +1,57 @@
-<% page_header("plain", "SWAT Login"); %>
+<% page_header("plain", "SWAT Login", "");
+   libinclude("auth.js");
+   include("/scripting/forms.js");
 
-<form name="login" method="POST" action="@@request.SCRIPT_NAME"> 
-    Username:   <input name="Username"  type="text" value=""><br>
-    Password:  <input name="Password" type="password" value=""><br>
-    <br>
-    <input name="submit" type="submit" value="Login"><br>
-</form>
+if (request['SESSION_EXPIRED'] == "True") {
+   write("<b>Your session has expired - please authenticate again<br /></b>\n");
+}
+
+var f = FormObj("login", 3, 1);
+f.element[0].label = "Username";
+f.element[0].value = form['Username'];
+f.element[1].label = "Password";
+f.element[1].value = form['Password'];
+f.element[1].type  = "password";
+f.element[2].label = "Domain";
+f.element[2].type  = "select";
+f.element[2].list  = getDomainList();
+f.submit[0] = "Login";
+
+f.display();
+%>
 
 <%
        if (request.REQUEST_METHOD == "POST") {
-               /* for now just authenticate everyone */
-               session.AUTHENTICATED = true;
-               session.authinfo = new Object();
-
-               session.authinfo.username = form.Username;
-
-               /* if the user was asking for the login page, then now
-                  redirect them to the main page. Otherwise just
-                  redirect them to the current page, which will now
-                  show its true content */
-               if (request.REQUEST_URI == "/login.esp") {
-                  redirect("/");
+
+               var authinfo = new Object();
+               authinfo.username = form.Username;
+               authinfo.password = form.Password;
+               authinfo.domain = form.Domain;
+               authinfo.rhost = request['REMOTE_HOST'];
+
+               auth = userAuth(authinfo);
+               if (auth == undefined) {
+                       write("<b>Invalid login - please try again<br /></b>\n");
+               } else if (auth.result) {
+
+                       /* for now just authenticate everyone */
+                       session.AUTHENTICATED = true;
+                       session.authinfo = new Object();
+
+                       session.authinfo.username = auth.username;
+                       session.authinfo.domain = auth.domain;
+
+                       /* if the user was asking for the login page, then now
+                          redirect them to the main page. Otherwise just
+                          redirect them to the current page, which will now
+                          show its true content */
+                       if (request.REQUEST_URI == "/login.esp") {
+                          redirect(session_uri("/"));
+                       } else {
+                          redirect(session_uri(request.REQUEST_URI));
+                       }
                } else {
-                  redirect(request.REQUEST_URI);
+                       write("<b>Login failed - please try again<br /></b>\n");
                }
        }
 %>
Kai's WIP code