Form-Login function.

git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@2193 6c8d7289-2bf4-0310-a012-ef5d649a1542

htroot/User.html

@@ -9,7 +9,12 @@
 <br><br>
 <h2>User Page</h2><br>
 #(logged-in)#
-You are not logged in.
+You are not logged in.<br />
+<form action="User.html" method="post">
+Username: <input type="text" name="username"><br />
+Password: <input type="password" name="password"><br />
+<input type="submit" value="login">
+</form>
 ::
 You are currently logged in as #[username]#.<br />
 (Identified by #(identified-by)#IP::Username/Password#(/identified-by)#)<br />
@@ -44,6 +49,8 @@ You are currently logged in as admin.<br />
 <form action="User.html">
   <input type="submit" name="logout" value="logout">
 </form>
+<br />
+(after logout you will be prompted for your password again. simply click "cancel")
 #(/logged-in)#
 #(status)#
 ::

htroot/User.java

@@ -67,15 +67,23 @@ public class User{
         prop.put("logged_in", 0);
         prop.put("logged-in_limit", 0);
         prop.put("status", 0);
+        //identified via HTTPPassword
         entry=sb.userDB.proxyAuth(((String) header.get(httpHeader.AUTHORIZATION, "xxxxxx")));
         if(entry != null){
         		prop.put("logged-in_identified-by", 1);
+        //identified via form-login
+        //TODO: this does not work for a static admin, yet.
+        }else if(post != null && post.containsKey("username") && post.containsKey("password")){
+            entry=sb.userDB.passwordAuth((String)post.get("username"), (String)post.get("password"), (String)header.get("CLIENTIP", "xxxxxx"));
+            prop.put("logged-in_identified-by", 1);
+        //identified via ip.
         }else{
         		entry=sb.userDB.ipAuth(((String)header.get("CLIENTIP", "xxxxxx")));
         		if(entry != null){
         			prop.put("logged-in_identified-by", 0);
         		}
         }
+        //Logged in via UserDB
         if(entry != null){
         		prop.put("logged-in", 1);
         		prop.put("logged-in_username", entry.getUserName());
@@ -91,14 +99,13 @@ public class User{
                     prop.put("logged-in_limit_percent", percent/3);
                     prop.put("logged-in_limit_percent2", (100-percent)/3);
         		}
+        //logged in via static Password
         }else if(sb.verifyAuthentication(header, true)){
             prop.put("logged-in", 2);
+        //not logged in
         }
         if(post!= null && entry != null){
-        		if(post.containsKey("logout")){
-        			entry.logout(((String)header.get("CLIENTIP", "xxxxxx")));
-        			prop.put("logged-in", 0);
-        		}else if(post.containsKey("changepass")){
+        		if(post.containsKey("changepass")){
         			prop.put("status", 1); //password
         			if(entry.getMD5EncodedUserPwd().equals(serverCodings.encodeMD5Hex(entry.getUserName()+":"+post.get("oldpass", "")))){
         			if(post.get("newpass").equals(post.get("newpass2"))){
@@ -119,6 +126,9 @@ public class User{
         		}
         }else if(post!=null && post.containsKey("logout")){
             prop.put("logged-in",0);
+            if(entry != null){
+                entry.logout(((String)header.get("CLIENTIP", "xxxxxx")));
+            }
             if(sb.verifyAuthentication(header, true)){
                 prop.put("AUTHENTICATE","admin log-in");
             }

source/de/anomic/data/userDB.java

@@ -234,6 +234,14 @@ public final class userDB {
         }
         return null;
     }
+    public Entry passwordAuth(String user, String password, String ip){
+        Entry entry=passwordAuth(user, password);
+        if(entry == null){
+            return null;
+        }
+        this.ipUsers.put(ip, entry.getUserName());
+        return entry;
+    }
     public Entry md5Auth(String user, String md5){
         Entry entry=this.getEntry(user);
         if( entry != null && entry.getMD5EncodedUserPwd().equals(md5)){