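// The contents of this file are subject to the Mozilla Public License Version 1.1
// (the "License"); you may not use this file except in compliance with the License.
// You may obtain a copy of the License at .
//
// Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
// WARRANTY OF ANY KIND, either express or implied. See the License for the specific
// language governing rights and limitations under the License.
//
// The Original Code is the Venice Web Communities System.
//
// The Initial Developer of the Original Code is Eric J. Bowersox ,
// for Silverwrist Design Studios.  Portions created by Eric J. Bowersox are
// Copyright (C) 2002 Eric J. Bowersox/Silverwrist Design Studios.  All Rights Reserved.
//
// Contributor(s):

// XML-RPC handler script for the "venice:session.*" methods.
//
// Dispatches on the method name taken from the request:
//   venice:session.destroy - one parameter (session ID); invalidates the session.
//   venice:session.login   - three parameters (session ID, user name, password);
//                            authenticates and binds the user to the session.
// Any other method name produces an XmlRpcMethodNotFound result.
//
// The objects bsf, dynamo, vlib, audit and logger are not defined in this file;
// they are presumably injected by the scripting host - confirm against the host setup.
//
// NOTE(review): the flow below continues past each dynamo.scriptReturn() call site
// as if that call ends script execution. That is assumed from how the original is
// written (e.g. session.invalidate() directly after the parameter-count check);
// confirm against the dynamo API.

importClass(Packages.com.silverwrist.dynamo.UserInfoNamespace);
importPackage(Packages.com.silverwrist.dynamo.iface);
importPackage(Packages.com.silverwrist.dynamo.util);
importPackage(Packages.com.silverwrist.dynamo.xmlrpc);
importClass(Packages.com.silverwrist.venice.VeniceNamespaces);
importPackage(Packages.com.silverwrist.venice.session);
importPackage(Packages.com.silverwrist.venice.xmlrpc);

// Variables are deliberately left as undeclared globals, exactly as in the original:
// the script run through dynamo.exec() below may read them - TODO confirm.
req = bsf.lookupBean("request");            // get request
req_help = bsf.lookupBean("request_help");  // get request helper
session = req_help.getSession();            // get session
method = req.queryString + "";              // get method name; + "" coerces to a JavaScript string

if (method == "venice:session.destroy")
{ // destroy - takes one parameter, the session ID
  // NOTE(review): the session ID parameter itself is never read here; presumably
  // req_help.getSession() has already resolved the session from it - confirm.
  if (req.getParameters().size() != 1)
  { // fixed: the original call was missing its closing parenthesis (syntax error)
    dynamo.scriptReturn(new XmlRpcParameterError("parameter count mismatch"));
  } // end if

  session.invalidate();  // invalidate the session
  dynamo.scriptReturn(Boolean.TRUE);

} // end if

if (method == "venice:session.login")
{ // login - parameters are session ID, user name, and password
  if (req.getParameters().size() != 3)
  { // fixed: the original call was missing its closing parenthesis (syntax error)
    dynamo.scriptReturn(new XmlRpcParameterError("parameter count mismatch"));
  } // end if

  username = req_help.getParameterString("1");
  password = req_help.getParameterString("2");

  // Check to make sure the user isn't already logged in.
  old_user = vlib.getUser(session);
  if (!(old_user.isAnonymous()))
  {
    dynamo.scriptReturn(new FaultCode(VeniceFaultCodes.IS_LOGGEDIN, "session already logged in"));
  } // end if

  // Perform the login.
  //
  // NOTE(review): the faults returned below (USER_NOTFOUND, USER_LOCKED, USER_NOLOGIN,
  // USER_NOAUTH) tell the caller whether a user name exists and what state the account
  // is in, before or without a correct password. The detail is already captured by
  // audit.write(); consider returning one generic failure to clients. Not changed here
  // because the fault codes are part of the client-visible contract.
  //
  // NOTE(review): no throttling or counting of failed attempts is visible in this
  // script; confirm that it is enforced elsewhere.
  new_user = vlib.lookupUser(req, username);
  if (new_user != null)
  { // the user is present - we can do this
    if (new_user.isAnonymous())
    { // anonymous user account - can't log in
      audit.write(req, new_user, VeniceNamespaces.USER_EVENT_NAMESPACE, "login.fail", "Anonymous user");
      dynamo.scriptReturn(new FaultCode(VeniceFaultCodes.USER_NOLOGIN, "account cannot be logged into"));

    } // end if

    if (new_user.isLocked())
    { // account is locked - we can't log in
      audit.write(req, new_user, VeniceNamespaces.USER_EVENT_NAMESPACE, "login.fail", "Locked Account");
      dynamo.scriptReturn(new FaultCode(VeniceFaultCodes.USER_LOCKED, "account locked: " + username));

    } // end if

    if (new_user.authenticate(UserInfoNamespace.NAMESPACE, UserInfoNamespace.AUTH_DEFAULT, "", password))
    { // authentication successful - set this user into the session and return
      logger.debug("User \"" + new_user.name + "\" logged in successfully");
      // NOTE(review): the pre-login session object is reused for the authenticated
      // user; confirm that the session identifier is rotated on login elsewhere.
      session.setObject(SessionInfoParams.NAMESPACE, SessionInfoParams.ATTR_USER, new_user);
      audit.write(req, new_user, VeniceNamespaces.USER_EVENT_NAMESPACE, "login.ok");
      new_user.setLastAccessDate(new_user, new java.util.Date());
      dynamo.exec("/util/setup_user.js");
      dynamo.scriptReturn(Boolean.TRUE);

    } // end if
    else
    { // authentication failed
      audit.write(req, new_user, VeniceNamespaces.USER_EVENT_NAMESPACE, "login.fail", "Bad password");
      dynamo.scriptReturn(new FaultCode(VeniceFaultCodes.USER_NOAUTH, "authentication failed: " + username));

    } // end else

  } // end if
  else
  { // the user is not found
    // NOTE(review): the caller-supplied user name is written to the audit record
    // unmodified; confirm that the audit sink neutralizes control characters.
    audit.write(req, null, VeniceNamespaces.USER_EVENT_NAMESPACE, "login.fail", "Bad username", username);
    dynamo.scriptReturn(new FaultCode(VeniceFaultCodes.USER_NOTFOUND, "no such user: " + username));

  } // end else

} // end if

// if get here, we don't grok the method name - return failure
// NOTE(review): this is the only call site using scriptOutput rather than
// scriptReturn; kept as in the original - confirm it is intentional.
dynamo.scriptOutput(new XmlRpcMethodNotFound(method));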