-<% page_header("plain", "SWAT Login"); %>
+<% page_header("plain", "SWAT Login", "");
+ libinclude("auth.js");
+ include("/scripting/forms.js");
-<form name="login" method="POST" action="@@request.SCRIPT_NAME">
- Username: <input name="Username" type="text" value=""><br>
- Password: <input name="Password" type="password" value=""><br>
- <br>
- <input name="submit" type="submit" value="Login"><br>
-</form>
+if (request['SESSION_EXPIRED'] == "True") {
+ write("<b>Your session has expired - please authenticate again<br /></b>\n");
+}
+
+var f = FormObj("login", 3, 1);
+f.element[0].label = "Username";
+f.element[0].value = form['Username'];
+f.element[1].label = "Password";
+f.element[1].value = form['Password'];
+f.element[1].type = "password";
+f.element[2].label = "Domain";
+f.element[2].type = "select";
+f.element[2].list = getDomainList();
+f.submit[0] = "Login";
+
+f.display();
+%>
<%
if (request.REQUEST_METHOD == "POST") {
- /* for now just authenticate everyone */
- session.AUTHENTICATED = true;
- session.authinfo = new Object();
-
- session.authinfo.username = form.Username;
-
- /* if the user was asking for the login page, then now
- redirect them to the main page. Otherwise just
- redirect them to the current page, which will now
- show its true content */
- if (request.REQUEST_URI == "/login.esp") {
- redirect("/");
+
+ var authinfo = new Object();
+ authinfo.username = form.Username;
+ authinfo.password = form.Password;
+ authinfo.domain = form.Domain;
+ authinfo.rhost = request['REMOTE_HOST'];
+
+ auth = userAuth(authinfo);
+ if (auth == undefined) {
+ write("<b>Invalid login - please try again<br /></b>\n");
+ } else if (auth.result) {
+
+ /* for now just authenticate everyone */
+ session.AUTHENTICATED = true;
+ session.authinfo = new Object();
+
+ session.authinfo.username = auth.username;
+ session.authinfo.domain = auth.domain;
+
+ /* if the user was asking for the login page, then now
+ redirect them to the main page. Otherwise just
+ redirect them to the current page, which will now
+ show its true content */
+ if (request.REQUEST_URI == "/login.esp") {
+ redirect(session_uri("/"));
+ } else {
+ redirect(session_uri(request.REQUEST_URI));
+ }
} else {
- redirect(request.REQUEST_URI);
+ write("<b>Login failed - please try again<br /></b>\n");
}
}
%>