[Home]Projects/Usemod10LoginLogout

JKWiki | Projects | RecentChanges | New Login | Login
This page is read-only | View other revisions
Difference (from prior major revision) (no other diffs)

Added: 28a29,43

References




Ideas and discussion regarding this topic can be seen at [WikiSuggestions/Login]. Especially about
forcing people to login before edit or using a web server's access control scheme.

This page is take from the authors site [JohannKlasek Usermod10LoginLogout]

This patch is similar to the Usemod V0.92 patch [DirkJanssen/LoginLogoutPatch].

Differences:
* This patch is against Usemod 1.0.
* This patch is compact, but not that ellegant like [DirkJanssen/LoginLogoutPatch], which adds the login/logout links into the navigator by itself.
* This patch allows multiple Users with the same username as long as they have different passwords.


Functionality

With the additional Login entry in the header/trailer navigator someone can reach the login form. The original login has no provision to login with a username, instead the user id must be entered if one is interested in making changes from several sites! This patch extents the dialog by a username field and a logout button, which allows to login/logout with our identity coming from different sites.

You can still provide the user id but if the username is given, the user id field will be ignored. With a username filled in the login procedure searches the user database for the given username and password. So this solves the problem if a username exists multiple times. Only the corresponding username with matching password will be found (yes, this is still a bit hairy if two users have identical usernames and identical passwords, but they can resolve this issue by using their user ids and change the password to make this two accounts different).

Logout can be achived by using the Logout button or even the Login button leaving all field empty.

In addition the trailing navigator display the current username as login=USER. If no user id is known <anonymous> shows up.

Implementation issues

The login with a given username searches the whole user database (until finding the first matching username and password). If the username is not found or the password is misstyped all user entries has to be checked. This may be very time consuming if the user database is very large, but is acceptable in my opinion for the ease of usability.

References

Ideas and discussion regarding this topic can be seen at [WikiSuggestions/Login]. Especially about forcing people to login before edit or using a web server's access control scheme.

This page is take from the authors site [JohannKlasek Usermod10LoginLogout]

This patch is similar to the Usemod V0.92 patch [DirkJanssen/LoginLogoutPatch].

Differences:

Installation

$UserGotoBar = "<a href=\"wiki.cgi?action=login\">Login</a>"; # HTML added to end of goto bar
*** wiki.cgi.ORIG       Tue Oct 25 12:17:21 2005
--- wiki.cgi    Thu Nov  3 04:23:40 2005
***************
*** 1409,1414 ****
--- 1409,1417 ----
      $result .= ' | <a href="http://sunir.org/apps/meta.pl?' . $id . '">'
                 . T('Search MetaWiki') . '</a>';
    }
+   # 2005-10-29 JK
+   $result .= Ts(' | login=%s', ($UserID > 199 ? $UserData{'username'}."($UserID)" : '<anonymous>'));
+ 
    if ($Section{'revision'} > 0) {
      $result .= '<br>';
      if ($rev eq '') {  # Only for most current rev
***************
*** 3620,3645 ****
    print &GetHeader('', T('Login'), "");
    print &GetFormStart();
    print &GetHiddenValue('enter_login', 1), "\n";
!   print '<br>', T('User ID number:'), ' ',
          $q->textfield(-name=>'p_userid', -value=>'',
                        -size=>15, -maxlength=>50);
    print '<br>', T('Password:'), ' ',
          $q->password_field(-name=>'p_password', -value=>'', 
                             -size=>15, -maxlength=>50);
    print '<br>', $q->submit(-name=>'Login', -value=>T('Login')), "\n";
    print "<hr class=wikilinefooter>\n";
    print &GetGotoBar('');
-   print $q->endform;
    print &GetMinimumFooter();
  }
  
  sub DoLogin {
    my ($uid, $password, $success);
  
    $success = 0;
    $uid = &GetParam("p_userid", "");
    $uid =~ s/\D//g;
!   $password = &GetParam("p_password",  "");
    if (($uid > 199) && ($password ne "") && ($password ne "*")) {
      $UserID = $uid;
      &LoadUserData();
--- 3623,3678 ----
    print &GetHeader('', T('Login'), "");
    print &GetFormStart();
    print &GetHiddenValue('enter_login', 1), "\n";
!   # 2005-10-29, 2005-11-02 JK
!   print '<br>', T('User Name:'), ' ',
!         $q->textfield(-name=>'p_username', -value=>'',
!                       -size=>20, -maxlength=>50);
!   print ' or ', T('User ID number:'), ' ',
          $q->textfield(-name=>'p_userid', -value=>'',
                        -size=>15, -maxlength=>50);
    print '<br>', T('Password:'), ' ',
          $q->password_field(-name=>'p_password', -value=>'', 
                             -size=>15, -maxlength=>50);
    print '<br>', $q->submit(-name=>'Login', -value=>T('Login')), "\n";
+   print $q->endform;
+   print &GetFormStart();
+   print &GetHiddenValue('enter_login', 1), "\n";
+   print '<br>', $q->submit(-name=>'Login', -value=>T('Logout')), "\n";
+   print $q->endform;
    print "<hr class=wikilinefooter>\n";
    print &GetGotoBar('');
    print &GetMinimumFooter();
  }
  
  sub DoLogin {
    my ($uid, $password, $success);
+   my ($found, %userattr, $status, $data);
  
    $success = 0;
+   $password = &GetParam("p_password",  "");
+ 
+   # 2005-10-29 JK
+   my $uname = &GetParam("p_username", "");
+   if ($uname) {
+     foreach my $userdata (glob "$UserDir/?/*.db") {
+       ($status, $data) = &ReadFile($userdata);
+       if ($status) {
+         %userattr = split(/$FS1/, $data, -1);  # -1 keeps trailing null fields
+       if ($userattr{'username'} eq $uname) { 
+               $uid = $userattr{'id'}; 
+                       if (defined($userattr{'password'}) && 
+                   ($userattr{'password'} eq $password)) {
+                       $found=1;
+                       last;
+               }
+       }
+       }
+     }
+   }
+   if (! $found ) {
    $uid = &GetParam("p_userid", "");
    $uid =~ s/\D//g;
!   }
    if (($uid > 199) && ($password ne "") && ($password ne "*")) {
      $UserID = $uid;
      &LoadUserData();
***************
*** 3653,3663 ****
        }
      }
    }
-   print &GetHeader('', T('Login Results'), '');
    if ($success) {
!     print Ts('Login for user ID %s complete.', $uid);
!   } else {
!     print Ts('Login for user ID %s failed.', $uid);
    }
    print "<hr class=wikilinefooter>\n";
    print &GetGotoBar('');
--- 3686,3709 ----
        }
      }
    }
    if ($success) {
!     print &GetHeader('', T('Login Results'), '');
!     print Ts('Login for user %s ', $UserData{'username'});
!     print Ts('with ID %s complete.', $uid);
!   } else {
!     # logout if neither user ID nor username is given
!     if (! $uid && ! $uname) {
!         $SetCookie{'id'} = 0;
!         $SetCookie{'randkey'} = 0;
!         $SetCookie{'rev'} = 1;
!         print &GetHeader('', T('Logout'), '');
!       print T('Logged out.');
!     }
!     else {
!         print &GetHeader('', T('Login Results'), '');
!       print Ts('Login for user ID %s failed.', $uid);
!       print "UserID=$uid \n";
!     }
    }
    print "<hr class=wikilinefooter>\n";
    print &GetGotoBar('');
JKWiki | Projects | RecentChanges | New Login | Login
This page is read-only | View other revisions | login=&lt;anonymous&gt;
Last edited November 7, 2005 11:44 am by JohannKlasek (diff)
Search: