// UKNova Cookie/AJAX authentication // Send entered username/password to server using an XMLHTTPRequest. If they // are OK, will receive a time-limited authentication cookie to set for future // requests. var login_usepermanentcookie= true; function login_bind() { var form= document.getElementById('login'); if (!form) return; // Check we can actually use cookies/ajax - no point in making a form // the user can't do anything with. Also check whether a permanent cookie // can be used - usually yes, if IE is set to block-but-allow-session-cookies // we have to use session cookies - it doesn't auto-degrade them because // it's a bit stupid like that. // var test= Math.floor(Math.random()*10000); document.cookie= 'test='+test; if (document.cookie.indexOf('test='+test)==-1) return; test= Math.floor(Math.random()*10000); document.cookie= 'test='+test+';expires=Thu, 01-Jan-2030 00:00:00 GMT'; if (document.cookie.indexOf('test='+test)==-1) login_usepermanentcookie= false; document.cookie= 'test=delete;expires=Sat, 01-Jan-2000 00:00:00 GMT'; if (xmlhttp_make()==null) return; // Add controls to login form // var table= form.getElementsByTagName('table')[0]; var usernameinput= document.createElement('input'); var passwordinput= document.createElement('input'); var usernamelabel= document.createElement('label'); var passwordlabel= document.createElement('label'); var submitbutton= document.createElement('input'); usernameinput.type= 'text'; passwordinput.type= 'password'; submitbutton.type= 'submit'; submitbutton.value= 'Login'; submitbutton.className= 'default'; submitbutton.id= 'login-submit-button'; usernamelabel.htmlFor=usernameinput.id= 'login-username-field'; passwordlabel.htmlFor=passwordinput.id= 'login-password-field'; usernamelabel.appendChild(document.createTextNode('Username')); passwordlabel.appendChild(document.createTextNode('Password')); document.getElementById('login-username-label').appendChild(usernamelabel); document.getElementById('login-password-label').appendChild(passwordlabel); document.getElementById('login-username').appendChild(usernameinput); document.getElementById('login-password').appendChild(passwordinput); document.getElementById('login-submit').appendChild(submitbutton); form.onsubmit= login_submit; if (!document.getElementById('drop-login')) usernameinput.focus(); } function login_submit() { var username= document.getElementById('login-username-field').value; var password= document.getElementById('login-password-field').value; if (username=='' || password=='') { alert('You must enter a user name and password'); return false; } if (!login_isascii(username) || !login_isascii(password)) { alert('User name and password must contain only standard ASCII (English) characters'); return false; } new AuthRequest().send(username, password); return false; } js_class('AuthRequest', 'AsyncRequest', function() { this.send= function(username, password) { document.getElementById('login-submit-button').disabled= true; this.setstatus('Connecting...'); var pars= Object(); pars.username= username; pars.password= password; this.open(true, '/wsgi/auth', pars, 10000); // timeout after 10s }; this.oncancel= function() { this.setstatus('Connection failed'); document.getElementById('login-submit-button').disabled= false; }; this.oncomplete= function(results) { if (!results.ok) { this.setstatus(results.error); document.getElementById('login-submit-button').disabled= false; } else { this.setstatus('Logging in...'); var cookie= 'auth='+results.cookie+';path=/'; if (login_usepermanentcookie) cookie+= ';expires='+results.expires; document.cookie= cookie; location.reload(); } }; this.setstatus= function(status) { var td= document.getElementById('login-status'); dom_emptyNode(td); td.appendChild(document.createTextNode(status)); }; }) function login_isascii(s) { for (var i= s.length; i-->0;) { var c= s.charCodeAt(i); if (c<32 || c>=127) return false; } return true; } login_bind();