Author Topic: Creating user auth  (Read 1756 times)

0 Members and 1 Guest are viewing this topic.

Offline Jason

  • Administrator
  • Hero Member
  • *****
  • Posts: 1018
    • slipdex
Creating user auth
« on: July 05, 2007, 09:48:05 AM »
OK folks....  this is a bit complicated, BUT I think I have the first component to having the scripts create htaccess usernames and passwords.

It works in a series of two scripts.  I found a perl script that was originally made to simply return a correctly crypted htpasswd file.  I modified the script slightly to return those values to a hidden form instead of to the user.  Then using a tricky onLoad command on a hidden image, I take the correctly crypted username and password and use our good friend csvwrite to send the correct elements to the htpasswd file.

There is still a lot of work to be done, like creating a way to prevent the use of an existing username and being able to manage groups, but this is the first step to getting this to actually work so we can use the csv scripts to manage REAL user sign up forms and create user only pages.

You can test out the extremely alpha version here:
http://www.theinternetsolutionsgroup.com/ezscripts/password.htm
That form will create the crypted file, then the subsequent confirmation page will send it thru the csvwrite script to store it in the htpasswd file.

You can test the access point here:
http://theinternetsolutionsgroup.com/ezscripts/test_htaccess/
calling that page directly will prompt you for a username and password.  Give it a shot.  Any and all help coding and testing for this project would be appreciated!!

Jason
Founder of www.slipdex.com

Offline KMK

  • Newbie
  • *
  • Posts: 3
    • KMK Enterprises
Re: Creating user auth
« Reply #1 on: September 18, 2007, 05:59:03 AM »
Maybe this will give you some ideas....

Last year, I created a script for a photographer who wanted to create password protected online photo galleries for his clients. I wrote the script to create the directories using a username and password provided via an intake form, and then copy the gscript files into it. Luckily, on our server, full paths in the scripts weren't required, so we could configure the gscript.pl file like so:

GSCRIPT.PL
Code: [Select]
my $database                  = 'database.txt';
my $token                     = '@#@#@';
my $image_dir                 = 'images';
my $template_list             = 'listtemplate.html';
my $template_view             = 'viewtemplate.html';
my $template_slide            = 'slidetemplate.html';
my $template_admin            = 'template.html';
my $template_error            = 'template.html';
my $image_url                 = 'images';


The files were copied from a directory called "blank" which contained all the template files, an empty database.txt file and an htaccess.txt file:

Code: [Select]
AuthType Basic

AuthName "Client Gallery"

AuthUserFile "/home/user/.htpasswds/galleries/

as well as a file called passwd.txt which was just a blank text file.

Then we called the perl script from a form action on a page:

Code: [Select]
<form action="cgi-bin/galleryinstaller.pl" method="get">
No spaces are allowed in the gallery name or password. If you need a space, please use an underscore (_).<BR><BR>
Gallery Name:<INPUT TYPE="TEXT" NAME="dirname" ID="dirname"><BR>
Password: <INPUT TYPE="TEXT" NAME="letmein" ID="letmein">
<INPUT TYPE="SUBMIT" VALUE="Begin"></form>

PERL SCRIPT: galleryinstaller.pl
Code: [Select]
#!/usr/bin/perl

#########################
use warnings;
use CGI qw/:standard/;

require "subparseform.lib";
&Parse_Form;
$dir = $formdata{'dirname'};
$pwd = $formdata{'letmein'};
chomp($dir,$pwd);

#########################
# user configuration section
#########################
# base_path=location where folders and files will be created
my $base_path = "/home/user/public_html/galleries";
# cpy_path=location where you uploaded the blank folder
my $cpy_path ="/home/user/public_html";
# htp_path=location of .htpasswd files
my $htp_path = "/home/user/.htpasswds/galleries";
# admin_mail=email address used to send and receive account creation email
my $admin_mail = "you\@yourdomain.com";
# http_path=the base URL where the new folders and files can be found
my $http_path = "http://www.yourdomain.com/galleries";
# mailprog=path to sendmail on your server
my $mailprog  = "/usr/sbin/sendmail";
#########################
# end user configuration section
#########################

print header, start_html("Gallery Installer Script");


if (-e ("$base_path/$dir")){
    print "The directory $dir already exists!  \n";
    } else {

print "The directory to be created will be called $dir.<BR> \n";

# an attempt is made to create the new directory called $dir
(mkdir ("$base_path/$dir", 0755));
(mkdir ("$base_path/$dir/images", 0755));



print "Preparing to install directories.<BR> \n";
print "Creating $dir... $dir Created!<BR> \n";
print "Creating $dir/images... $dir/images Created!<BR> \n";

use File::Copy;

(copy ("$cpy_path/blank/database.txt", "$base_path/$dir/database.txt") or die);
(copy ("$cpy_path/blank/gscript.pl", "$base_path/$dir/gscript.pl") or die);
(copy ("$cpy_path/blank/listtemplate.html", "$base_path/$dir/listtemplate.html") or die);
(copy ("$cpy_path/blank/slidetemplate.html", "$base_path/$dir/slidetemplate.html") or die);
(copy ("$cpy_path/blank/template.html", "$base_path/$dir/template.html") or die);
(copy ("$cpy_path/blank/viewtemplate.html", "$base_path/$dir/viewtemplate.html") or die);

print "<BR><BR>All files copied. \n";

(chmod (0755, "$base_path/$dir/gscript.pl") or die);
print "<BR><BR>File permissions set. \n";

(mkdir ("$htp_path/$dir", 0755));
(copy ("$cpy_path/blank/passwd.txt", "$htp_path/$dir/passwd") or die);

$newpassword = crypt($pwd, aa);
(open (PASS, ">$htp_path/$dir/passwd") or die);
(print (PASS ("$dir","\:","$newpassword")));
(close (PASS)); 
(copy ("$cpy_path/blank/htaccess.txt", "$base_path/$dir/.htaccess") or die);
$lastline = "require valid-user";
(open (ACCESS, ">>$base_path/$dir/.htaccess") or die);
(print (ACCESS ("$dir","\/","passwd","\" \n")));
(print (ACCESS ("$lastline")));
(close (ACCESS));

open(MAIL,"|$mailprog -t");
print MAIL "To: $admin_mail \n";
print MAIL "From: $admin_mail \n";
print MAIL "Subject: New Client Directory Created \n\n";
print MAIL "Username\: $dir \n";
print MAIL "Password\: $pwd \n";
print MAIL "URL\: $http_path/$dir/gscript.pl \n";
close(MAIL);

print "<BR><BR>New gallery password protected. \n";
print "<BR><BR>Admin email sent. \n";
print "<BR><BR>Install complete!";
}
print end_html;
« Last Edit: September 18, 2007, 06:01:23 AM by KMK »
KMK ENTERPRISES Custom Web Page Design, Inc.

Offline smc

  • Full Member
  • ***
  • Posts: 45
    • EternityWhere.com
Re: Creating user auth
« Reply #2 on: September 18, 2007, 06:25:01 AM »
Wow!

Many thanks for making this available!

Offline ePage

  • Newbie
  • *
  • Posts: 1
Re: Creating user auth
« Reply #3 on: May 15, 2017, 03:57:20 PM »
Gosh, I love these scripts.

I wish everyone was still active in here.  Such great, great people. 

I so  very miss Jan (EZ -, who Passed on) but I also very much miss Jason, Pauls ADalby and SWC's great contributions.
« Last Edit: May 15, 2017, 04:02:16 PM by ePage »