-(* Easy Web Pages (EWP) scripts.
+(* COCANWIKI - a wiki written in Objective CAML.
* Written by Richard W.M. Jones <rich@merjis.com>.
* Copyright (C) 2004 Merjis Ltd.
- * $Id: login.ml,v 1.1 2004/09/07 16:19:43 rich Exp $
+ * $Id: login.ml,v 1.4 2004/09/25 13:17:00 rich Exp $
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; see the file COPYING. If not, write to
+ * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
*)
open Apache
let expires = "Wed, 18-May-2033 04:33:20 GMT"
-let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) _ =
+let run r (q : cgi) (dbh : Dbi.connection) hostid _ _ =
let username = q#param "username" in
let password = q#param "password" in
let permanent = try "1" = q#param "permanent" with Not_found -> false in
let redirect = try q#param "redirect" with Not_found -> "/" in
- let sth = dbh#prepare_cached "select id from users
+ let sth = dbh#prepare_cached "select id, force_password_change from users
where name = ? and password = ?
and hostid = ?" in
sth#execute [`String username; `String password; `Int hostid];
try
- let userid = sth#fetch1int () in
+ let userid, force_password_change =
+ match sth#fetch1 () with
+ [ `Int userid; `Bool force_password_change ] ->
+ userid, force_password_change
+ | _ -> assert false in
(* Create a cookie. *)
let cookie = random_sessionid () in
dbh#commit ();
+ (* Force password change? *)
+ let redirect =
+ if force_password_change then "/_bin/change_password_form.cmo"
+ else redirect in
+
let cookie =
if permanent then
Cookie.cookie ~name:"auth" ~value:cookie ~path:"/" ~expires ()
Cookie.cookie ~name:"auth" ~value:cookie ~path:"/" () in
ok ~title:"Logged in" ~buttons:[ok_button redirect] ~cookie
- q ("Welcome back " ^ username ^ ".")
+ q ("Welcome back " ^ username ^ "." ^
+ if force_password_change then " Please change your password now."
+ else "")
with
Not_found ->
error