[open-ils-commits] r17176 - in trunk/Open-ILS/web/js/ui: . default/circ/selfcheck (erickson)

svn at svn.open-ils.org svn at svn.open-ils.org
Wed Aug 11 16:42:12 EDT 2010


Author: erickson
Date: 2010-08-11 16:42:07 -0400 (Wed, 11 Aug 2010)
New Revision: 17176

Modified:
   trunk/Open-ILS/web/js/ui/base.js
   trunk/Open-ILS/web/js/ui/default/circ/selfcheck/selfcheck.js
Log:
Gave the base login code the ability to find username/password from a
cookie.  For security reasons, we don't put login data into cookies, but if the
login info is already available to us in that format (say, via external means), we'll
use it.  This can be useful for persistent logins (e.g. self-check) or
automatic logins (pushing cookie data out to workstations).

Minor cleanup of the login code to make it more re-use friendly.

Added self-check support for verifying the staff login before each patron
login.

Modified: trunk/Open-ILS/web/js/ui/base.js
===================================================================
--- trunk/Open-ILS/web/js/ui/base.js	2010-08-11 20:40:07 UTC (rev 17175)
+++ trunk/Open-ILS/web/js/ui/base.js	2010-08-11 20:42:07 UTC (rev 17176)
@@ -8,38 +8,87 @@
 dojo.require('openils.Util');
 dojo.require('openils.XUL');
 
+var cgi = new openils.CGI();
+
 function oilsSetupUser() {
-    var cgi = new openils.CGI();
     var authtoken = cgi.param('ses') || dojo.cookie('ses');
     var workstation = cgi.param('ws') || dojo.cookie('ws');
     var user;
-    if(authtoken) user = new openils.User({authtoken:authtoken});
+
+    openils.User.user = null;
+    openils.User.authtoken = null;
+    openils.User.workstation = null;
+
+    if(authtoken) {
+        user = new openils.User();
+        delete user.sessionCache[authtoken];
+        user.authtoken = authtoken;
+        user.user = user.getBySession();
+    }
+
     if(!authtoken || openils.Event.parse(user.user)) {
-        dojo.cookie('ses', openils.User.authtoken, {expires:-1, path:'/'}); // remove the cookie
-        openils.User.authtoken = null;
-        dojo.addOnLoad(function(){
-            if(openils.XUL.isXUL()) {
-                // let XUL handle the login dialog
-                openils.XUL.getNewSession( function() { location.href = location.href } );
-            } else {
-                // in web-only mode, use the dojo login dialog
-                oilsLoginDialog.show(); 
-                var func = function(){ oilsDoLogin(); };
-                openils.Util.registerEnterHandler(dojo.byId('oils-login-username'), func);
-                openils.Util.registerEnterHandler(dojo.byId('oils-login-password'), func);
-                dojo.byId('oils-login-workstation').innerHTML = workstation || '';
-            }
-        });
-        return;
+
+        authtoken = oilsLoginFromCookies();
+
+        if(!authtoken) {
+
+            dojo.cookie('ses', openils.User.authtoken, {expires:-1, path:'/'}); // remove the cookie
+            dojo.cookie('ses', openils.User.authtoken, {expires:-1, path:oilsBasePath}); // remove the cookie
+
+            dojo.addOnLoad(function(){
+                if(openils.XUL.isXUL()) {
+                    // let XUL handle the login dialog
+                    openils.XUL.getNewSession( function() { location.href = location.href } );
+                } else {
+                    // in web-only mode, use the dojo login dialog
+                    oilsLoginDialog.show(); 
+                    var func = function(){ oilsDoLogin(); };
+                    openils.Util.registerEnterHandler(dojo.byId('oils-login-username'), func);
+                    openils.Util.registerEnterHandler(dojo.byId('oils-login-password'), func);
+                    dojo.byId('oils-login-workstation').innerHTML = workstation || '';
+                }
+            });
+            return null;
+        }
     }
-    dojo.cookie('ses', authtoken, {path:'/'});
+
+    dojo.cookie('ses', authtoken, {path:oilsBasePath});
     openils.User.authtoken = authtoken;
     openils.User.workstation = workstation;
+    return authtoken;
 }
 
+// pulls username / password and optional workstation from cgi params or cookies
+function oilsLoginFromCookies() {
+
+    var username = cgi.param('username') || dojo.cookie('username');
+    var password = cgi.param('password') || dojo.cookie('password');
+    var workstation = cgi.param('ws') || dojo.cookie('ws');
+
+    if(username && password) {
+
+        var user = new openils.User();
+        var args = {
+            username : username,
+            passwd : password,
+            type : 'staff'
+        };
+
+        if(workstation) 
+            args.workstation = workstation;
+
+        if(user.login(args)) {
+            // fetches the login session and sets the global vars
+            user = new openils.User({authtoken : user.authtoken});
+            return (user && !openils.Event.parse(user.user)) ? user.authtoken : null;
+        } 
+    }
+
+    return null;
+}
+
 function oilsDoLogin() {
     openils.Util.hide('oils-login-failed');
-    var cgi = new openils.CGI();
     var workstation = cgi.param('ws') || dojo.cookie('ws');
     var user = new openils.User();
     var args = {
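Review bot: oilsLoginFromCookies() also takes the staff password from the query string (`cgi.param('password') || dojo.cookie('password')`), which the log message does not mention and which leaves the credential in browser history, proxy and web-server logs, and Referer headers. If URL-supplied credentials are not a requirement, read both values from cookies only, `var username = dojo.cookie('username');` and `var password = dojo.cookie('password');`, and update the comment above the function to match. Separately, the login-dialog branch of oilsSetupUser() still assigns the `ws` request parameter to `.innerHTML`, so any markup in that parameter is interpreted by the browser; setting it as text (a text node or `textContent`) keeps it inert. The `ses` cookie written at the end of oilsSetupUser() could also pass `secure:true` in its options if the staff pages are always served over HTTPS.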

Modified: trunk/Open-ILS/web/js/ui/default/circ/selfcheck/selfcheck.js
===================================================================
--- trunk/Open-ILS/web/js/ui/default/circ/selfcheck/selfcheck.js	2010-08-11 20:40:07 UTC (rev 17175)
+++ trunk/Open-ILS/web/js/ui/default/circ/selfcheck/selfcheck.js	2010-08-11 20:42:07 UTC (rev 17176)
@@ -1,4 +1,5 @@
 dojo.require('dojo.date.locale');
+dojo.require('dojo.cookie');
 dojo.require('dojo.date.stamp');
 dojo.require('dijit.form.CheckBox');
 dojo.require('dijit.form.NumberSpinner');
@@ -9,6 +10,7 @@
 dojo.require('openils.widget.ProgressDialog');
 dojo.require('openils.widget.OrgUnitFilteringSelect');
 
+
 dojo.requireLocalization('openils.circ', 'selfcheck');
 var localeStrings = dojo.i18n.getLocalization('openils.circ', 'selfcheck');
 
@@ -74,16 +76,22 @@
     this.initPrinter();
 }
 
+SelfCheckManager.prototype.setupStaffLogin = function(verify) {
 
+    if(verify) oilsSetupUser(); 
+    this.staff = openils.User.user;
+    this.workstation = openils.User.workstation;
+    this.authtoken = openils.User.authtoken;
+}
 
+
+
 /**
  * Fetch the org-unit settings, initialize the display, etc.
  */
 SelfCheckManager.prototype.init = function() {
 
-    this.staff = openils.User.user;
-    this.workstation = openils.User.workstation;
-    this.authtoken = openils.User.authtoken;
+    this.setupStaffLogin();
     this.loadOrgSettings();
 
     this.circTbody = dojo.byId('oils-selfck-circ-tbody');
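Review bot: setupStaffLogin() discards the return value of oilsSetupUser(), so a failed staff verification is invisible to callers: in that case oilsSetupUser() returns null after clearing openils.User.authtoken, and this method just copies the nulls onto `this`. The loginPatron hunk below calls `this.setupStaffLogin(true)` and carries straight on into the patron password check regardless of the outcome. I would have the method report the result, e.g. end it with `return Boolean(this.authtoken);`, and have loginPatron stop early with `if(!this.setupStaffLogin(true)) return;`. It is also worth confirming that `openils.User.user` is repopulated on the success path, since oilsSetupUser() sets it to null up front and the visible code only restores `authtoken` and `workstation`; if getBySession() does not set it, `this.staff` ends up null after every verify. The bodies of init and loginPatron continue outside their hunks.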
@@ -298,6 +306,8 @@
  */
 SelfCheckManager.prototype.loginPatron = function(barcode, passwd) {
 
+    this.setupStaffLogin(true); // verify still valid
+
     if(this.orgSettings[SET_PATRON_PASSWORD_REQUIRED]) {
         
         if(!passwd) {


