#######################################################################
use DBI;
+use SL::Auth;
use SL::User;
use SL::Form;
require "bin/mozilla/common.pl";
+require "bin/mozilla/todo.pl";
+
+# This is required because the am.pl in the root directory
+# is not scanned by locales.pl:
+# $form->parse_html_template('login/password_error')
$form = new Form;
+if (! -f 'config/authentication.pl') {
+ show_error('login/authentication_pl_missing');
+}
+
$locale = new Locale $language, "login";
+our $auth = SL::Auth->new();
+if (!$auth->session_tables_present()) {
+ show_error('login/auth_db_unreachable');
+}
+$auth->expire_sessions();
+my $session_result = $auth->restore_session();
+
# customization
if (-f "bin/mozilla/custom_$form->{script}") {
eval { require "bin/mozilla/custom_$form->{script}"; };
# window title bar, user info
$form->{titlebar} = "Lx-Office " . $locale->text('Version') . " $form->{version}";
-if ($form->{action}) {
+if (SL::Auth::SESSION_EXPIRED == $session_result) {
+ $form->{error_message} = $locale->text('The session is invalid or has expired.');
+ login_screen();
+ exit;
+}
+
+my $action = $form->{action};
+
+if (!$action && $auth->{SESSION}->{login}) {
+ $action = 'login';
+}
+
+if ($action) {
+ our %myconfig = $auth->read_user($form->{login}) if ($form->{login});
+
+ if (!$myconfig{login} || (SL::Auth::OK != $auth->authenticate($form->{login}, $form->{password}, 0))) {
+ $form->{error_message} = $locale->text('Incorrect Password!');
+ login_screen();
+ exit;
+ }
+
+ $auth->set_session_value('login', $form->{login}, 'password', $form->{password});
+ $auth->create_or_refresh_session();
+
$form->{titlebar} .= " - $myconfig{name} - $myconfig{dbname}";
- call_sub($locale->findsub($form->{action}));
+ call_sub($locale->findsub($action));
} else {
login_screen();
sub login_screen {
$lxdebug->enter_sub();
+ my ($msg) = @_;
if (-f "css/lx-office-erp.css") {
$form->{stylesheet} = "lx-office-erp.css";
}
- $form->{fokus} = "loginscreen.login";
- $form->header;
+ $form->{msg} = $msg;
+ $form->header();
print $form->parse_html_template('login/login_screen');
sub login {
$lxdebug->enter_sub();
- $form->error($locale->text('You did not enter a name!')) unless ($form->{login});
+ unless ($form->{login}) {
+ login_screen($locale->text('You did not enter a name!'));
+ exit;
+ }
- $user = new User $memberfile, $form->{login};
+ $user = new User $form->{login};
# if we get an error back, bale out
- if (($result = $user->login(\%$form, $userspath)) <= -1) {
- if ($result == -2) {
- exit;
- }
-
- $form->error($locale->text('Incorrect username or password!'));
+ if (($result = $user->login($form)) <= -1) {
+ exit if $result == -2;
+ login_screen($locale->text('Incorrect username or password!'));
+ exit;
}
my %style_to_script_map = ( 'v3' => 'v3',
'neu' => 'new',
+ 'v4' => 'v4',
'xml' => 'XML',
);
# made it this far, execute the menu
$form->{callback} = build_std_url("script=menu${menu_script}.pl", 'action=display');
+ $auth->set_cookie_environment_variable();
+
$form->redirect();
$lxdebug->leave_sub();
sub logout {
$lxdebug->enter_sub();
- unlink "$userspath/$form->{login}.conf";
+ $auth->destroy_session();
# remove the callback to display the message
- $form->{callback} = "login.pl?action=&login=";
+ $form->{callback} = "login.pl?action=";
$form->redirect($locale->text('You are logged out!'));
$lxdebug->leave_sub();
sub company_logo {
$lxdebug->enter_sub();
- require "$userspath/$form->{login}.conf";
-
$locale = new Locale $myconfig{countrycode}, "login" if ($language ne $myconfig{countrycode});
+ $form->{todo_list} = create_todo_list('login_screen' => 1) if (!$form->{no_todo_list});
+
$form->{stylesheet} = $myconfig{stylesheet};
$form->{title} = $locale->text('About');
$lxdebug->leave_sub();
}
+
+sub show_error {
+ my $template = shift;
+ $locale = Locale->new($language, 'all');
+ $myconfig{countrycode} = $language;
+ $form->{stylesheet} = 'css/lx-office-erp.css';
+
+ $form->header();
+ print $form->parse_html_template($template);
+
+ # $form->parse_html_template('login/auth_db_unreachable');
+ # $form->parse_html_template('login/authentication_pl_missing');
+
+ exit;
+}
+