svndigest - svndigest

www/login.jsp

: Code
: Comments
: Other

Rev	Date	Author	Line
211	22 Mar 05	nicklas	1	<%-- $Id$
211	22 Mar 05	nicklas	2	------------------------------------------------------------------
3675	16 Aug 07	jari	3	Copyright (C) 2005 Nicklas Nordborg
5425	23 Sep 10	nicklas	4	Copyright (C) 2006 Jari Häkkinen, Nicklas Nordborg
3675	16 Aug 07	jari	5	Copyright (C) 2007 Nicklas Nordborg
211	22 Mar 05	nicklas	6
2304	22 May 06	jari	7	This file is part of BASE - BioArray Software Environment.
2304	22 May 06	jari	8	Available at http://base.thep.lu.se/
211	22 Mar 05	nicklas	9
211	22 Mar 05	nicklas	10	BASE is free software; you can redistribute it and/or
211	22 Mar 05	nicklas	11	modify it under the terms of the GNU General Public License
4476	05 Sep 08	jari	12	as published by the Free Software Foundation; either version 3
211	22 Mar 05	nicklas	13	of the License, or (at your option) any later version.
211	22 Mar 05	nicklas	14
211	22 Mar 05	nicklas	15	BASE is distributed in the hope that it will be useful,
211	22 Mar 05	nicklas	16	but WITHOUT ANY WARRANTY; without even the implied warranty of
211	22 Mar 05	nicklas	17	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
211	22 Mar 05	nicklas	18	GNU General Public License for more details.
211	22 Mar 05	nicklas	19
211	22 Mar 05	nicklas	20	You should have received a copy of the GNU General Public License
4511	11 Sep 08	jari	21	along with BASE. If not, see <http://www.gnu.org/licenses/>.
211	22 Mar 05	nicklas	22	------------------------------------------------------------------
211	22 Mar 05	nicklas	23
211	22 Mar 05	nicklas	24	Login to BASE.
211	22 Mar 05	nicklas	25	If successful the request is ultimately forwarded to /user/index.jsp
211	22 Mar 05	nicklas	26	If unsuccessful an appropriate error message is displayed.
211	22 Mar 05	nicklas	27
211	22 Mar 05	nicklas	28	@param login The login for the user.
211	22 Mar 05	nicklas	29	@param password The password for the user.
211	22 Mar 05	nicklas	30
211	22 Mar 05	nicklas	31	@author Nicklas
211	22 Mar 05	nicklas	32	@version 2.0
211	22 Mar 05	nicklas	33	--%>
5426	24 Sep 10	nicklas	34	<%@ page pageEncoding="UTF-8" session="false"
211	22 Mar 05	nicklas	35	import="net.sf.basedb.core.*"
6424	25 Feb 14	nicklas	36	import="net.sf.basedb.core.authentication.LoginRequest"
7114	16 Mar 16	nicklas	37	import="net.sf.basedb.util.extensions.ExtensionsInvoker"
211	22 Mar 05	nicklas	38	import="net.sf.basedb.clients.web.Base"
211	22 Mar 05	nicklas	39	import="net.sf.basedb.clients.web.WebException"
7114	16 Mar 16	nicklas	40	import="net.sf.basedb.clients.web.extensions.JspContext"
7114	16 Mar 16	nicklas	41	import="net.sf.basedb.clients.web.extensions.ExtensionsControl"
7114	16 Mar 16	nicklas	42	import="net.sf.basedb.clients.web.extensions.startpage.StartPageAction"
211	22 Mar 05	nicklas	43	import="net.sf.basedb.clients.web.util.HTML"
2753	20 Oct 06	nicklas	44	import="net.sf.basedb.util.Values"
7114	16 Mar 16	nicklas	45	import="java.util.Iterator"
7295	20 Feb 17	nicklas	46	import="java.util.Set"
7295	20 Feb 17	nicklas	47	import="java.util.HashSet"
7295	20 Feb 17	nicklas	48	import="java.util.Arrays"
211	22 Mar 05	nicklas	49	%>
211	22 Mar 05	nicklas	50	<%@ taglib prefix="base" uri="/WEB-INF/base.tld" %>
211	22 Mar 05	nicklas	51	<%
2818	30 Oct 06	nicklas	52	SessionControl sc = Base.getSessionControl(pageContext, true);
2818	30 Oct 06	nicklas	53	String ID = sc.getId();
2818	30 Oct 06	nicklas	54	String cmd = request.getParameter("cmd");
7540	03 Dec 18	nicklas	55	boolean again = Values.getBoolean(request.getParameter("again"));
7189	23 Aug 16	nicklas	56	boolean useAutoStartPage = false;
211	22 Mar 05	nicklas	57	String root = request.getContextPath()+"/";
693	31 May 05	nicklas	58	String redirect = Values.getStringOrNull(request.getParameter("redirect"));
373	07 Apr 05	nicklas	59	String errorTitle = null;
373	07 Apr 05	nicklas	60	String errorMessage = null;
7408	06 Oct 17	nicklas	61	String message = null;
2818	30 Oct 06	nicklas	62	String login = request.getParameter("login");
7530	26 Nov 18	nicklas	63	String loginForm = Values.getStringOrNull(request.getParameter("loginForm"));
2818	30 Oct 06	nicklas	64
2818	30 Oct 06	nicklas	65	if ("Login".equals(cmd) \|\| cmd == null)
2818	30 Oct 06	nicklas	66	{
5827	26 Oct 11	nicklas	67	String password = request.getParameter("password");
7408	06 Oct 17	nicklas	68	String deviceToken = Values.getStringOrNull(request.getParameter("deviceToken"));
7500	08 Aug 18	nicklas	69	String extraValue = Values.getStringOrNull(request.getParameter("extraField"));
2818	30 Oct 06	nicklas	70	try
2818	30 Oct 06	nicklas	71	{
2818	30 Oct 06	nicklas	72	if (sc.isLoggedIn()) sc.logout();
7408	06 Oct 17	nicklas	73	LoginRequest loginRequest = new LoginRequest(login, password, deviceToken);
7500	08 Aug 18	nicklas	74	if (extraValue != null) loginRequest.setAttribute("extraValue", extraValue);
7529	26 Nov 18	nicklas	75	if (loginForm != null) loginRequest.setAttribute("login-form", loginForm);
7408	06 Oct 17	nicklas	76	loginRequest.setAttribute("user-agent", request.getHeader("User-Agent"));
7410	09 Oct 17	nicklas	77	String serverUrl = request.getRequestURL().toString().replace(request.getRequestURI(), root);
7409	09 Oct 17	nicklas	78	loginRequest.setAttribute("server-url", serverUrl);
6424	25 Feb 14	nicklas	79	sc.login(loginRequest);
7189	23 Aug 16	nicklas	80	useAutoStartPage = Values.getBoolean(request.getParameter("useAutoStartPage"));
2818	30 Oct 06	nicklas	81	}
7408	06 Oct 17	nicklas	82	catch (DeviceNotVerifiedException ex)
7408	06 Oct 17	nicklas	83	{
7408	06 Oct 17	nicklas	84	message = "Device not verified";
7408	06 Oct 17	nicklas	85	redirect = root + "verify_device.jsp?ID=" + sc.getId();
7408	06 Oct 17	nicklas	86	}
5822	24 Oct 11	nicklas	87	catch (LoginException ex)
5822	24 Oct 11	nicklas	88	{
5822	24 Oct 11	nicklas	89	errorTitle = "Login failed";
5822	24 Oct 11	nicklas	90	errorMessage = ex.getMessage();
5822	24 Oct 11	nicklas	91	}
2818	30 Oct 06	nicklas	92	catch (ItemNotFoundException ex)
2818	30 Oct 06	nicklas	93	{
2818	30 Oct 06	nicklas	94	errorTitle = "Login not found";
6424	25 Feb 14	nicklas	95	errorMessage = ex.getMessage();
2818	30 Oct 06	nicklas	96	}
2818	30 Oct 06	nicklas	97	catch (InvalidPasswordException ex)
2818	30 Oct 06	nicklas	98	{
2818	30 Oct 06	nicklas	99	errorTitle = "Invalid password";
6424	25 Feb 14	nicklas	100	errorMessage = ex.getMessage();
2818	30 Oct 06	nicklas	101	}
2818	30 Oct 06	nicklas	102	catch (PermissionDeniedException ex)
2818	30 Oct 06	nicklas	103	{
2818	30 Oct 06	nicklas	104	errorTitle = "Permission denied";
6424	25 Feb 14	nicklas	105	errorMessage = ex.getMessage();
2818	30 Oct 06	nicklas	106	}
211	22 Mar 05	nicklas	107	}
7408	06 Oct 17	nicklas	108	else if ("VerifyDevice".equals(cmd))
7408	06 Oct 17	nicklas	109	{
7408	06 Oct 17	nicklas	110	String verificationCode = request.getParameter("verificationCode");
7408	06 Oct 17	nicklas	111	boolean rememberDevice = Values.getBoolean(request.getParameter("rememberDevice"));
7408	06 Oct 17	nicklas	112	try
7408	06 Oct 17	nicklas	113	{
7408	06 Oct 17	nicklas	114	sc.verifyDevice(verificationCode, rememberDevice);
7408	06 Oct 17	nicklas	115	}
7408	06 Oct 17	nicklas	116	catch (LoginException ex)
7408	06 Oct 17	nicklas	117	{
7408	06 Oct 17	nicklas	118	errorTitle = "Login failed";
7408	06 Oct 17	nicklas	119	errorMessage = ex.getMessage();
7408	06 Oct 17	nicklas	120	}
7408	06 Oct 17	nicklas	121	}
2818	30 Oct 06	nicklas	122	else if ("Impersonate".equals(cmd))
211	22 Mar 05	nicklas	123	{
2818	30 Oct 06	nicklas	124	int userId = Values.getInt(request.getParameter("user_id"));
2818	30 Oct 06	nicklas	125	String comment = request.getParameter("comment");
2818	30 Oct 06	nicklas	126	SessionControl impersonated = sc.impersonateLogin(userId, comment);
2818	30 Oct 06	nicklas	127	impersonated.setSessionSetting("impersonate.originalSessionControl", sc);
7954	12 May 21	nicklas	128	DbControl dc = sc.newDbControl(":Impersonate user");
1907	06 Feb 06	nicklas	129	try
1907	06 Feb 06	nicklas	130	{
2818	30 Oct 06	nicklas	131	impersonated.setSessionSetting("impersonate.originalUser", User.getById(dc, sc.getLoggedInUserId()));
1907	06 Feb 06	nicklas	132	}
1907	06 Feb 06	nicklas	133	finally
1907	06 Feb 06	nicklas	134	{
1907	06 Feb 06	nicklas	135	if (dc != null) dc.close();
1907	06 Feb 06	nicklas	136	}
2818	30 Oct 06	nicklas	137	sc = impersonated;
3504	15 Jun 07	nicklas	138	if (redirect == null)
3504	15 Jun 07	nicklas	139	{
3504	15 Jun 07	nicklas	140	redirect = root + "my_base/index.jsp?ID=" + sc.getId();
3504	15 Jun 07	nicklas	141	}
3504	15 Jun 07	nicklas	142	else
3504	15 Jun 07	nicklas	143	{
3504	15 Jun 07	nicklas	144	redirect = redirect.replaceFirst("ID=[a-z0-9]*", "ID=" + sc.getId());
3504	15 Jun 07	nicklas	145	}
1907	06 Feb 06	nicklas	146	}
2818	30 Oct 06	nicklas	147	else
2818	30 Oct 06	nicklas	148	{
2818	30 Oct 06	nicklas	149	throw new WebException("popup", "Invalid command", "The command {1} is not recognised as a valid command.", cmd);
2818	30 Oct 06	nicklas	150	}
1907	06 Feb 06	nicklas	151
2818	30 Oct 06	nicklas	152	if (sc.isLoggedIn())
2818	30 Oct 06	nicklas	153	{
7295	20 Feb 17	nicklas	154	// Some roles may be inactive by default
7295	20 Feb 17	nicklas	155	String tmp = Values.getStringOrNull(sc.getUserClientSetting("inactiveRoles"));
7295	20 Feb 17	nicklas	156	if (tmp != null)
7295	20 Feb 17	nicklas	157	{
7295	20 Feb 17	nicklas	158	Set<Integer> defaultInactive = new HashSet<Integer>(Arrays.asList(Values.getInt(tmp.split(":"))));
7295	20 Feb 17	nicklas	159	for (int roleId : defaultInactive)
7295	20 Feb 17	nicklas	160	{
7295	20 Feb 17	nicklas	161	sc.setRoleInactive(roleId, true);
7295	20 Feb 17	nicklas	162	}
7295	20 Feb 17	nicklas	163	}
7295	20 Feb 17	nicklas	164
2818	30 Oct 06	nicklas	165	int lastActiveProjectId = Values.getInt(sc.getUserClientSetting("projects.lastactive"));
7189	23 Aug 16	nicklas	166	String startPageId = sc.getUserClientSetting("start-page-id");
7189	23 Aug 16	nicklas	167
7954	12 May 21	nicklas	168	DbControl dc = sc.newDbControl(":After login");
7189	23 Aug 16	nicklas	169	try
2818	30 Oct 06	nicklas	170	{
7189	23 Aug 16	nicklas	171	if (lastActiveProjectId != 0)
2818	30 Oct 06	nicklas	172	{
2818	30 Oct 06	nicklas	173	Project p = Project.getById(dc, lastActiveProjectId);
2818	30 Oct 06	nicklas	174	sc.setActiveProject(p);
2818	30 Oct 06	nicklas	175	}
7189	23 Aug 16	nicklas	176
7189	23 Aug 16	nicklas	177	if (useAutoStartPage && startPageId != null)
2818	30 Oct 06	nicklas	178	{
7189	23 Aug 16	nicklas	179	User user = User.getById(dc, sc.getLoggedInUserId());
7189	23 Aug 16	nicklas	180	JspContext context = ExtensionsControl.createContext(dc, pageContext, null, user);
7605	26 Feb 19	nicklas	181	ExtensionsInvoker<StartPageAction> invoker = ExtensionsControl.useExtensions(context, "net.sf.basedb.clients.web.start-page");
7189	23 Aug 16	nicklas	182	Iterator<StartPageAction> it = invoker.iterator();
7189	23 Aug 16	nicklas	183	while (it.hasNext())
7189	23 Aug 16	nicklas	184	{
7189	23 Aug 16	nicklas	185	try
7189	23 Aug 16	nicklas	186	{
7189	23 Aug 16	nicklas	187	StartPageAction action = it.next();
7189	23 Aug 16	nicklas	188	if (startPageId.equals(action.getId()))
7189	23 Aug 16	nicklas	189	{
7189	23 Aug 16	nicklas	190	String startPage = action.getUrl();
7189	23 Aug 16	nicklas	191	if (startPage != null)
7189	23 Aug 16	nicklas	192	{
7189	23 Aug 16	nicklas	193	redirect = startPage.replace("$SESSION-ID$", sc.getId());
7189	23 Aug 16	nicklas	194	}
7189	23 Aug 16	nicklas	195	break;
7189	23 Aug 16	nicklas	196	}
7189	23 Aug 16	nicklas	197	}
7189	23 Aug 16	nicklas	198	catch (RuntimeException ex)
7189	23 Aug 16	nicklas	199	{}
7189	23 Aug 16	nicklas	200	}
2818	30 Oct 06	nicklas	201	}
2818	30 Oct 06	nicklas	202	}
7189	23 Aug 16	nicklas	203	catch (Throwable t)
7189	23 Aug 16	nicklas	204	{}
7189	23 Aug 16	nicklas	205	finally
7189	23 Aug 16	nicklas	206	{
7189	23 Aug 16	nicklas	207	if (dc != null) dc.close();
7189	23 Aug 16	nicklas	208	}
7189	23 Aug 16	nicklas	209
2818	30 Oct 06	nicklas	210	}
7189	23 Aug 16	nicklas	211
7540	03 Dec 18	nicklas	212	if (again)
211	22 Mar 05	nicklas	213	{
373	07 Apr 05	nicklas	214	if (errorMessage != null)
218	22 Mar 05	nicklas	215	{
7738	14 Aug 19	nicklas	216	response.sendRedirect(root+"main.jsp?ID="+ID+"&again=1&login="+HTML.urlEncode(login)+"&loginForm="+HTML.urlEncode(loginForm)+"&error="+HTML.urlEncode(errorMessage));
218	22 Mar 05	nicklas	217	}
218	22 Mar 05	nicklas	218	else
218	22 Mar 05	nicklas	219	{
7408	06 Oct 17	nicklas	220	if (message == null) message = "Login successful";
693	31 May 05	nicklas	221	if (redirect == null)
693	31 May 05	nicklas	222	{
7408	06 Oct 17	nicklas	223	response.sendRedirect(root+"common/close_popup.jsp?message="+HTML.urlEncode(message)+"&refresh_opener=1");
693	31 May 05	nicklas	224	}
693	31 May 05	nicklas	225	else
693	31 May 05	nicklas	226	{
7408	06 Oct 17	nicklas	227	response.sendRedirect(root+"common/close_popup.jsp?message="+HTML.urlEncode(message)+"&redirect_opener="+HTML.urlEncode(redirect));
693	31 May 05	nicklas	228	}
218	22 Mar 05	nicklas	229	}
211	22 Mar 05	nicklas	230	}
211	22 Mar 05	nicklas	231	else
211	22 Mar 05	nicklas	232	{
373	07 Apr 05	nicklas	233	if (errorMessage != null)
218	22 Mar 05	nicklas	234	{
7738	14 Aug 19	nicklas	235	response.sendRedirect(root+"main.jsp?ID="+ID+"&login="+HTML.urlEncode(login)+"&loginForm="+HTML.urlEncode(loginForm)+"&error="+HTML.urlEncode(errorMessage));
218	22 Mar 05	nicklas	236	}
218	22 Mar 05	nicklas	237	else
218	22 Mar 05	nicklas	238	{
693	31 May 05	nicklas	239	if (redirect == null)
693	31 May 05	nicklas	240	{
693	31 May 05	nicklas	241	response.sendRedirect(root+"my_base/index.jsp?refresh_menu=1&ID="+ID);
693	31 May 05	nicklas	242	}
693	31 May 05	nicklas	243	else
693	31 May 05	nicklas	244	{
693	31 May 05	nicklas	245	response.sendRedirect(redirect);
693	31 May 05	nicklas	246	}
218	22 Mar 05	nicklas	247	}
211	22 Mar 05	nicklas	248	}
211	22 Mar 05	nicklas	249	%>