[Codestriker-commits] CVS update: codestriker/lib/Codestriker/Action Authenticate.pm UpdatePassword
From: <si...@us...> - 2008-09-08 06:49:39
User: sits Date: 08/09/07 23:49:38 Modified: template/en/default header.html.tmpl t/Http/Method reset-password.t lib/Codestriker/Model User.pm lib/Codestriker/Http/Method ResetPasswordMethod.pm AuthenticateMethod.pm lib/Codestriker/Http Template.pm lib/Codestriker/Action UpdatePassword.pm Added: lib/Codestriker/Action Authenticate.pm Log: Now have the login screen working, and checking against the password correctly. Now need to enforce the use of a login depending on what is set in codestriker.conf so that older deployments are not affected. Index: header.html.tmpl =================================================================== RCS file: /cvsroot/codestriker/codestriker/template/en/default/header.html.tmpl,v retrieving revision 1.17 retrieving revision 1.18 diff -u -r1.17 -r1.18 --- header.html.tmpl 23 Jun 2008 10:12:16 -0000 1.17 +++ header.html.tmpl 8 Sep 2008 06:49:37 -0000 1.18 @@ -18,6 +18,7 @@ [% END %] | <a href="[% create_topic_url | html_entity %]">Create new topic</a> [% IF searchlist_enabled != 0 %] | <a href="[% search_url | html_entity %]">Search</a> [% END %] + [% IF login_url != "" %] | <a href="[% login_url %]">Log In</a>[% END %] [% IF help != "" %] | <a href="[% doc_url | html_entity %]/[% help %]">Help</a>[% END %] </div> [% END %] Index: reset-password.t =================================================================== RCS file: /cvsroot/codestriker/codestriker/t/Http/Method/reset-password.t,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- reset-password.t 7 Sep 2008 12:20:30 -0000 1.2 +++ reset-password.t 8 Sep 2008 06:49:37 -0000 1.3 @@ -1,7 +1,7 @@ # Tests for the ResetPassword method. use strict; -use Test::More tests => 3; +use Test::More tests => 2; use lib '../../../lib'; use Test::MockObject; 
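Review bot: The added `Log In` link writes `[% login_url %]` into the `href` without the `| html_entity` filter that the neighbouring `create_topic_url`, `search_url` and `doc_url` links all use. Template.pm fills this variable from `$url_builder->login_url()`, and Authenticate.pm calls `login_url(feedback => $feedback)`, so the URL can carry query parameters; an unescaped `&` or quote would break the attribute, and if any part of the URL is ever request-derived it would reach the page raw. The line should read `| <a href="[% login_url | html_entity %]">Log In</a>[% END %]`. The enclosing `<div>` block starts outside the hunk.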
@@ -18,22 +18,10 @@ my $url_nice = Codestriker::Http::Method::ResetPasswordMethod->new($mock_query, 0); is($url_cgi->url(email => 'jo...@bl...'), - $mock_query->url() . '?action=reset_password&email=joe%40bloggs.com', + $mock_query->url() . '?action=reset_password', "Reset password URL CGI syntax"); is($url_nice->url(email => 'jo...@bl...', challenge => 'abcdefg'), - $mock_query->url() . '/user/joe%40bloggs.com/password/reset', + $mock_query->url() . '/users/reset', "Reset password URL nice syntax"); - -# Check that the parameters extracted correctly. -my $mock_http_input = Test::MockObject->new(); -$mock_http_input->{query} = $mock_query; -$mock_http_input->mock('extract_cgi_parameters', sub { return undef; }); -$mock_query->mock('path_info', - sub { - return '/user/joe%40bloggs.com/password/reset'; - }); -$mock_query->mock('param', sub { return undef; }); -$url_nice->extract_parameters($mock_http_input); -is ($mock_http_input->{email}, 'jo...@bl...', "email nice URL parameter extraction"); Index: User.pm =================================================================== RCS file: /cvsroot/codestriker/codestriker/lib/Codestriker/Model/User.pm,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- User.pm 8 Sep 2008 05:17:18 -0000 1.4 +++ User.pm 8 Sep 2008 06:49:37 -0000 1.5 
@@ -70,6 +70,13 @@ return $count; } +# Checks if the specified password matches this user record. +sub check_password { + my ($self, $password) = @_; + + return crypt($password, $self->{password_hash}) eq $self->{password_hash}; +} + # Update an existing user record with a new password. sub update_password { my ($self, $new_password) = @_; Index: ResetPasswordMethod.pm =================================================================== RCS file: /cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/ResetPasswordMethod.pm,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- ResetPasswordMethod.pm 8 Sep 2008 05:17:19 -0000 1.3 +++ ResetPasswordMethod.pm 8 Sep 2008 06:49:38 -0000 1.4 @@ -10,6 +10,7 @@ package Codestriker::Http::Method::ResetPasswordMethod; use strict; +use Carp; use Codestriker::Http::Method; use Codestriker::Action::ResetPassword; @@ -20,11 +21,9 @@ my ($self, %args) = @_; if ($self->{cgi_style}) { - return $self->{url_prefix} . "?action=reset_password" . - "&email=" . CGI::escape($args{email}); + return $self->{url_prefix} . "?action=reset_password"; } else { - return $self->{url_prefix} . "/user/" . CGI::escape($args{email}) . - "/password/reset"; + return $self->{url_prefix} . "/users/reset"; } } 
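Review bot: `check_password` hands `$password` and `$self->{password_hash}` to `crypt()` with no check that either is defined or non-empty. An account row with no stored hash, or a login request with no `password` parameter, then reaches an `eq` between two possibly undefined values, and in Perl `undef eq undef` is true (with only a warning); whether `crypt()` returns undef for an empty salt is platform-dependent, so this is worth closing off rather than relying on. A guard such as `return 0 unless defined $password && defined $self->{password_hash} && length $self->{password_hash};` before the comparison makes the failure case explicit. How the hash and its salt are produced is in `update_password`, whose body is outside the hunk, so the strength of the scheme cannot be judged from here.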
@@ -36,9 +35,8 @@ if ($self->{cgi_style} && defined $action && $action eq "reset_password") { $http_input->extract_cgi_parameters(); return 1; - } elsif ($path_info =~ m{^/user/.*/password/reset$}) { - $self->_extract_nice_parameters($http_input, - user => 'email'); + } elsif ($path_info eq '/users/reset') { + $self->_extract_nice_parameters($http_input); return 1; } else { return 0; Index: AuthenticateMethod.pm =================================================================== RCS file: /cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/AuthenticateMethod.pm,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- AuthenticateMethod.pm 7 Sep 2008 04:49:26 -0000 1.2 +++ AuthenticateMethod.pm 8 Sep 2008 06:49:38 -0000 1.3 @@ -11,6 +11,7 @@ use strict; use Codestriker::Http::Method; +use Codestriker::Action::Authenticate; @Codestriker::Http::Method::AuthenticateMethod::ISA = ("Codestriker::Http::Method"); Index: Template.pm =================================================================== RCS file: /cvsroot/codestriker/codestriker/lib/Codestriker/Http/Template.pm,v retrieving revision 1.20 retrieving revision 1.21 diff -u -r1.20 -r1.21 --- Template.pm 6 Sep 2008 00:31:47 -0000 1.20 +++ Template.pm 8 Sep 2008 06:49:38 -0000 1.21 @@ -126,6 +126,7 @@ $vars->{'create_topic_url'} = $url_builder->create_topic_url(); $vars->{'search_url'} = $url_builder->search_url(); $vars->{'doc_url'} = $url_builder->doc_url(); + $vars->{'login_url'} = $url_builder->login_url(); my $data = ""; my $rc = $self->{template}->process($self->{name} . "." . $self->{type} . ".tmpl", Index: UpdatePassword.pm =================================================================== RCS file: /cvsroot/codestriker/codestriker/lib/Codestriker/Action/UpdatePassword.pm,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- UpdatePassword.pm 8 Sep 2008 05:17:19 -0000 1.1 +++ UpdatePassword.pm 8 Sep 2008 06:49:38 -0000 1.2 
@@ -38,7 +38,7 @@ "Your password has not been changed."; } else { $user->update_password($password); - $feedback = "Password has been updated."; + $feedback = "Your password has been updated."; } } Index: Authenticate.pm =================================================================== RCS file: Authenticate.pm diff -N Authenticate.pm --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ Authenticate.pm 8 Sep 2008 06:49:38 -0000 1.1 
@@ -0,0 +1,54 @@
+###############################################################################
+# Codestriker: Copyright (c) 2001, 2002 David Sitsky. All rights reserved.
+# si...@us...
+#
+# This program is free software; you can redistribute it and modify it under
+# the terms of the GPL.
+
+# Action object for authenticating a user.
+
+package Codestriker::Action::Authenticate;
+
+use strict;
+use Codestriker::Http::UrlBuilder;
+use Codestriker::Model::User;
+
+sub process {
+ my ($type, $http_input, $http_response) = @_;
+
+ my $query = $http_response->get_query();
+ my $email = $http_input->get('email');
+ my $password = $http_input->get('password');
+ my $redirect = $http_input->get('redirect');
+
+ my $feedback = "";
+
+ # Check if the account for this email address is valid.
+ if (!Codestriker::Model::User->exists($email)) {
+ $feedback = "The username or password you entered is not valid.";
+ } else {
+ my $user = Codestriker::Model::User->new($email);
+
+ # Check that the password entered is correct.
+ if (! $user->check_password($password)) {
+ $feedback = "The username or password you entered is not valid.";
+ }
+ }
+
+ # If there is feedback, redirect to the login screen.
+ my $url_builder = Codestriker::Http::UrlBuilder->new($query);
+ if ($feedback ne "") {
+ my $url = $url_builder->login_url(feedback => $feedback);
+ print $query->redirect(-URI => $url);
+ } else {
+ # Redirect to the specified URL, if present, otherwise go to the default
+ # URL.
+ if (defined $redirect && $redirect ne "") {
+ print $query->redirect(-URI => $redirect);
+ } else {
+ print $query->redirect(-URI => $query->url());
+ }
+ }
+}
+
+1;
|
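Review bot: On a successful login `process` passes the request's `redirect` parameter straight to `$query->redirect(-URI => $redirect)`, so a login link can send a user who has just authenticated to any external site (an open redirect). The target should be limited to this application, for example `my $base = $query->url();` followed by `if (defined $redirect && $redirect =~ m{\A\Q$base\E(?:[/?#]|\z)}) {`, with everything else falling through to the default URL. Separately, the success branch only redirects: nothing visible in this file records the authenticated user (no cookie or session), which matches the commit log's statement that enforcement is still to come, but the sub deserves a comment saying so, e.g. `# TODO: establish the login session before redirecting`.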