Support for session login redirect in miniserv

2026-03-20 08:40:24 +00:00 · 2021-05-28 20:50:26 -07:00
parent 1152c6b792
commit 383b26c28a
4 changed files with 59 additions and 1 deletions
--- a/acl/acl-lib.pl
+++ b/acl/acl-lib.pl
@@ -1400,6 +1400,7 @@ return undef if (!$sid);
 my $t = time();
 $sessiondb{$sid} = "$username $t 127.0.0.1";
 dbmclose(%sessiondb);
+return $sid;
 }

 =head2 update_members(&allusers, &allgroups, &modules, &members)
--- a/miniserv.pl
+++ b/miniserv.pl
@@ -1850,6 +1850,25 @@ if ($config{'userfile'}) {
 				&write_logout_utmp($louser, $actphost);
 				}
 			}
+		elsif ($in{'session'}) {
+			# Session ID given .. put it in the cookie if valid
+			local $sid = $in{'session'};
+			if ($sid =~ /\r|\n|\s/) {
+				&http_error(500, "Invalid session",
+				    "Session ID contains invalid characters");
+				}
+			print $PASSINw "verify $sid 0 $acptip\n";
+			<$PASSOUTr> =~ /(\d+)\s+(\S+)/;
+			if ($1 != 2) {
+				&http_error(500, "Invalid session",
+				    "Session ID is not valid");
+				}
+			local $vu = $2;
+			local $hrv = &handle_login(
+					$vu, $vu ? 1 : 0,
+				      	0, 0, undef, 1, 0);
+			return $hrv if (defined($hrv));
+			}
 		else {
 			# Trim username to remove leading and trailing spaces to
 			# be able to login, if username pastes from somewhere
--- a/usermin/usermin-lib.pl
+++ b/usermin/usermin-lib.pl
@@ -976,6 +976,44 @@ $port ||= $config{'port'} || $miniserv{'port'};
 return ($cookie, ($ssl ? "https://" : "http://").$host.":".$port."/");
 }

+=head2 get_usermin_email_url([module], [cgi], [force-default], [force-host])
+
+Returns the base URL for accessing Usermin on this system, for use in emails.
+
+=cut
+sub get_usermin_email_url
+{
+my ($mod, $cgi, $def, $forcehost) = @_;
+
+# Work out the base URL
+my $url;
+if (!$def && $config{'usermin_email_url'}) {
+	$url = $config{'usermin_email_url'};
+	}
+else {
+	my %miniserv;
+	&get_usermin_miniserv_config(\%miniserv);
+	my $proto = $miniserv{'ssl'} ? 'https' : 'http';
+	my $port = $miniserv{'port'};
+	my $host = $forcehost || &get_system_hostname();
+	my $defport = $proto eq 'https' ? 443 : 80;
+	$url = $proto."://".$host.($port == $defport ? "" : ":".$port);
+	}
+
+# Append module if needed
+$url =~ s/\/$//;
+if ($mod && $cgi) {
+	$url .= "/".$mod."/".$cgi;
+	}
+elsif ($mod) {
+	$url .= "/".$mod."/";
+	}
+elsif ($cgi) {
+	$url .= "/".$cgi;
+	}
+return $url;
+}
+
 =head2 create_cron_wrapper(wrapper-path, module, script)

 Creates a wrapper script which calls a script in some module's directory
--- a/web-lib-funcs.pl
+++ b/web-lib-funcs.pl
@@ -11473,7 +11473,7 @@ return $referer;

 =head2 get_webmin_email_url([module], [cgi], [force-default], [force-host])

-Returns the base URL for accessing this Webmin system, for use in URLs. 
+Returns the base URL for accessing this Webmin system, for use in emails.

 =cut
 sub get_webmin_email_url