[Plweb-commits] CVS: Web/Web/Auth DBCrypt.pm,NONE,1.1 DB_MD5.pm,NONE,1.1 GDBCrypt.pm,1.3,NONE
Status: Inactive
Brought to you by:
condordes
Menu
▾
▴
[Plweb-commits] CVS: Web/Web/Auth DBCrypt.pm,NONE,1.1 DB_MD5.pm,NONE,1.1 GDBCrypt.pm,1.3,NONE
|
From: Josh <con...@us...> - 2001-10-27 09:08:37
|
Update of /cvsroot/plweb/Web/Web/Auth
In directory usw-pr-cvs1:/tmp/cvs-serv8727/Web/Auth
Added Files:
DBCrypt.pm DB_MD5.pm
Removed Files:
GDBCrypt.pm
Log Message:
Converted things over to use a real RDBMS. Got rid of the stupid GDB files
in /tmp. Added a configuration file plweb.conf. Changed everything so the
universe looks totally different. Had a mental awakening. Things like that.
--- NEW FILE: DBCrypt.pm ---
package Web::Auth::DBCrypt;
$users = Web::DBTable->get('sys_users');
sub authenticate {
my ($user, $passwd) = @_;
my $usr = $users->first(["passwd"], "user='$user'");
return 0 if ! $usr;
my $upwd = $usr->{'passwd'};
my $cpwd = crypt $passwd, substr($upwd, 0, 2);
return ($cpwd eq $upwd);
}
sub adduser {
my ($user, $newpwd) = @_;
return 0 if $users->first(["user"], "user='$user'");
$users->insert('user' => $user, 'passwd' =>crypt($newpwd,
join('', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64])));
return 1;
}
sub deluser {
my ($user) = @_;
$users->delete("user='$user'");
return 1;
}
sub change_pwd {
my ($user, $oldpwd, $newpwd) = @_;
return 0 if ! authenticate($user, $oldpwd);
$users->update("user='$user'", 'passwd' => crypt($newpwd,
join('', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64])));
return 1;
}
1;
=head1 NAME
Web::Auth::DBCrypt - Uses the native DB and the crypt() function to store
usernames and passwords.
=head1 SYNOPSIS
You should use Web::Session to authenticate users. The only reason to directly
access Web::Auth::DBCrypt is to perform user management tasks.
B<PLEASE NOTE> that this module is B<NOT COMPATIBLE> with other DB
authentication modules which are provided (such as DB_MD5)
use Web::Auth::DBCrypt; # This must happen even if you use Web;
Web::Auth::DBCrypt::adduser("username", "passwd");
Web::Auth::DBCrypt::deluser("username");
Web::Auth::DBCrypt::change_pwd("username", "oldpasswd", "newpasswd");
=head1 DESCRIPTION
=over 4
=item Web::Auth::DBCrypt::B<adduser>(username, passwd)
Adds the specified user to the database and sets his/her password.
=item Web::Auth::DBCrypt::B<deluser>(username, passwd)
Removes the specified user from the database.
=item Web::Auth::DBCrypt::B<change_pwd>(username, oldpwd, newpwd)
Changes the user's password, provided that his/her old password is correct.
=back
=head1 AUTHORS
Joshua J. Berry <con...@us...>
=cut
--- NEW FILE: DB_MD5.pm ---
package Web::Auth::DB_MD5;
use Digest::MD5 qw(md5_base64);
$users = Web::DBTable->get('sys_users');
sub authenticate {
my ($user, $passwd) = @_;
my $usr = $users->first(["passwd"], "user='$user'");
return 0 if ! $usr;
my $upwd = $usr->{'passwd'};
my $cpwd = md5_base64($passwd);
return ($cpwd eq $upwd);
}
sub adduser {
my ($user, $newpwd) = @_;
return 0 if $users->first(["user"], "user='$user'");
$users->insert('user' => $user, 'passwd' => md5_base64($newpwd));
return 1;
}
sub deluser {
my ($user) = @_;
$users->delete("user='$user'");
return 1;
}
sub change_pwd {
my ($user, $oldpwd, $newpwd) = @_;
return 0 if ! authenticate($user, $oldpwd);
$users->update("user='$user'", 'passwd' => md5_base64($newpwd));
return 1;
}
1;
=head1 NAME
Web::Auth::DB_MD5 - Uses the native DB and the MD5 function to store
usernames and passwords.
=head1 SYNOPSIS
You should use Web::Session to authenticate users. The only reason to directly
access Web::Auth::DB_MD5 is to perform user management tasks.
B<PLEASE NOTE> that this module is B<NOT COMPATIBLE> with other DB
authentication modules which are provided (such as DBCrypt)
use Web::Auth::DB_MD5; # This must happen even if you use Web;
Web::Auth::DB_MD5::adduser("username", "passwd");
Web::Auth::DB_MD5::deluser("username");
Web::Auth::DB_MD5::change_pwd("username", "oldpasswd", "newpasswd");
=head1 DESCRIPTION
=over 4
=item Web::Auth::DB_MD5::B<adduser>(username, passwd)
Adds the specified user to the database and sets his/her password.
=item Web::Auth::DB_MD5::B<deluser>(username, passwd)
Removes the specified user from the database.
=item Web::Auth::DB_MD5::B<change_pwd>(username, oldpwd, newpwd)
Changes the user's password, provided that his/her old password is correct.
=back
=head1 AUTHORS
Joshua J. Berry <con...@us...>
=cut
--- GDBCrypt.pm DELETED ---
|
