From: Rob H. <for...@us...> - 2003-08-24 18:43:36
Update of /cvsroot/sandweb/sandweb/lib/SandWeb In directory sc8-pr-cvs1:/tmp/cvs-serv13700/lib/SandWeb Modified Files: Auth.pm Log Message: integrated Unix support, you can configure between unix and flatfile auth_type in sandweb.cfg sandweb-admin still needs to be run to create the user directory, but it won't ask for a password if you're a "unix" user. Index: Auth.pm =================================================================== RCS file: /cvsroot/sandweb/sandweb/lib/SandWeb/Auth.pm,v retrieving revision 1.26 retrieving revision 1.27 diff -U2 -r1.26 -r1.27 --- Auth.pm 9 Jul 2003 06:23:33 -0000 1.26 +++ Auth.pm 24 Aug 2003 18:43:32 -0000 1.27 @@ -47,10 +47,10 @@ my $login = $auth->login( - 'log_obj' => $log, - 'data_dir' => $config->{'paths'}->{'data_dir'}, - 'users_dir' => $config->{'paths'}->{'users_dir'}, - 'cookie_path' => $config->{'cookie'}->{'path'}, - 'cookie_domain' => $config->{'cookie'}->{'domain'}, - ); + 'log_obj' => $log, + 'data_dir' => $config->{'paths'}->{'data_dir'}, + 'users_dir' => $config->{'paths'}->{'users_dir'}, + 'cookie_path' => $config->{'cookie'}->{'path'}, + 'cookie_domain' => $config->{'cookie'}->{'domain'}, + ); 
@@ -61,37 +61,37 @@ PARAMETERS - log_obj (type: string) (required) - + log_obj (type: string) (required) + This contains a reference to an instantiated log object. - Default: none. + Default: none. - data_dir (type: string) (required) + data_dir (type: string) (required) - This is the path to SandWeb's data directory. + This is the path to SandWeb's data directory. - Default: none. + Default: none. - cookie_path (type: string) (required) + cookie_path (type: string) (required) - This is the path on the server side where cookie data is stored. + This is the path on the server side where cookie data is stored. - Default: none. - - cookie_domain (type: string) (required) + Default: none. + + cookie_domain (type: string) (required) This is the domain that we tell the browser this cookie belongs to. - Default: none. + Default: none. RETURN CODES - 1 = The operation completed successfully. + 1 = The operation completed successfully. - 0 = This means that the method got an error proccessing your request. - Perhaps an invalid parameter? + 0 = This means that the method got an error proccessing your request. + Perhaps an invalid parameter? -1 = This return value means that there was not sufficient permision to - read the files specified, or they did not exist. + read the files specified, or they did not exist. -------------------------------------------------------------------------------- 
@@ -100,17 +100,18 @@ sub new { - my $class = shift; - my %args = @_; + my $class = shift; + my %args = @_; - my $self = bless { - 'user_info' => {}, - '_log_obj' => $args{'log_obj'}, - '_data_dir' => $args{'data_dir'}, - '_users_dir' => $args{'users_dir'}, - '_cookie_path' => $args{'cookie_path'}, - '_cookie_domain' => $args{'cookie_domain'}, - }, $class; + my $self = bless { + 'user_info' => {}, + '_log_obj' => $args{'log_obj'}, + '_data_dir' => $args{'data_dir'}, + '_users_dir' => $args{'users_dir'}, + '_cookie_path' => $args{'cookie_path'}, + '_cookie_domain' => $args{'cookie_domain'}, + '_auth_type' => $args{'auth_type'}, + }, $class; - return $self; + return $self; } @@ -126,5 +127,5 @@ password => $password, salt => $salt, - ); + ); @@ -136,27 +137,27 @@ PARAMETERS - username (type: string) (required) + username (type: string) (required) Contains a username to check for authenticity. - - Default: none. + + Default: none. - username (type: string) (required) + username (type: string) (required) Contains an encrypted password to check for authenticity. - Default: none. + Default: none. - username (type: string) (required) + username (type: string) (required) - Contains the salt for the encrypted password. - - Default: none. + Contains the salt for the encrypted password. + + Default: none. RETURN CODES - 1 = The user is authentic. + 1 = The user is authentic. - 0 = The user is not authentic. + 0 = The user is not authentic. -------------------------------------------------------------------------------- 
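Review bot: `new` stores `$args{'auth_type'}` without checking it, while `login` only compares `_get_auth_type()` against 'flatfile' and 'unix' with `eq`. A missing or misspelled value in sandweb.cfg therefore makes every login return 0 with nothing logged at error level (plus an uninitialized-value warning when it is undef), which looks the same as bad credentials. Failing closed is the right outcome, but it should be loud, so reject the value in the constructor: `die "auth_type must be 'unix' or 'flatfile'\n" unless ($args{'auth_type'} || '') =~ /\A(?:unix|flatfile)\z/;`. The PARAMETERS POD in the preceding hunk, which appears to document this constructor, lists neither `auth_type` nor `users_dir` and should gain an entry for each.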
@@ -165,37 +166,54 @@ sub login { - my $self = shift; - my %args = @_; + my $self = shift; + my %args = @_; + + my $username = $args{'username'}; + my $password = $args{'password'}; + my $auth; + my $salt; + my $verified; + + my $log = $self->_logobj(); + $log->debug("username: $username, password: $password\n"); + $log->debug("auth type is: ".$self->_get_auth_type()."\n"); + + $log->debug("data_dir is: ".$self->_get_data_dir()); + + if ($self->_get_auth_type() eq 'flatfile'){ + $auth = SandWeb::Auth::FlatFile::->new( + 'log_obj' => $log, + ); + $salt = $args{'salt'}; + $verified = $auth->verify_password( + $username, + $password, + $self->_get_data_dir(), + $salt + ); + } - my $username = $args{'username'}; - my $password = $args{'password'}; - #my $salt = $args{'salt'}; - - my $log = $self->_logobj(); - $log->debug("username: $username, password: $password\n"); - - #my $auth = SandWeb::Auth::FlatFile::->new( - # 'log_obj' => $log, - #); - my $auth = SandWeb::Auth::Unix::->new( - 'log_obj' => $log, - ); - - my $verified = $auth->verify_password( - $username, - $password, - $self->_get_users_dir(), - ); + if ($self->_get_auth_type() eq 'unix'){ + $auth = SandWeb::Auth::Unix::->new( + 'log_obj' => $log, + ); + $verified = $auth->verify_password( + $username, + $password, + $self->_get_users_dir() + ); + } + - if ($verified) { + if ($verified) { $self->_set_user_info_username($username); $self->_set_user_info_password($password); $log->standard("$username logged on."); return 1; - } + } - else { - return 0; - } + else { + return 0; + } } @@ -219,10 +237,10 @@ Takes value of the user's cookie as an argument. - + RETURN CODES - 1 = The cookie is valid, and the load completed successfully. + 1 = The cookie is valid, and the load completed successfully. - 0 = The cookie is not valid, the user info was not loaded. + 0 = The cookie is not valid, the user info was not loaded. 
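Review bot: The debug line at the top of `login`, `$log->debug("username: $username, password: $password\n");`, writes the submitted password to the log in cleartext on every attempt, successful or not. Anyone who can read the log file or a backup of it obtains working credentials, and with the new 'unix' branch those are presumably system account passwords rather than SandWeb-only ones. Log the username and auth type only: `$log->debug("login attempt for username: $username\n");`. The two `if` blocks would also read better as `if`/`elsif`/`else`, with the `else` logging an error for an unrecognised auth type before the existing `return 0`.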
@@ -232,18 +250,18 @@ sub load_user { - # verifies cookie - # and loads userinfo + # verifies cookie + # and loads userinfo - my $self = shift; - my $cookie_value = shift; + my $self = shift; + my $cookie_value = shift; - my $username = $self->_search_cookiedata($cookie_value); - unless ($username) { - return 0; - } - - $self->_set_user_info_username($username); - $self->_set_user_info_cookie($cookie_value); - return 1; + my $username = $self->_search_cookiedata($cookie_value); + unless ($username) { + return 0; + } + + $self->_set_user_info_username($username); + $self->_set_user_info_cookie($cookie_value); + return 1; } @@ -267,8 +285,8 @@ RETURN CODES - 1 = The operation completed successfully. + 1 = The operation completed successfully. - 0 = This means that the method got an error proccessing your request. - Maybe the cookie file could not be written to? + 0 = This means that the method got an error proccessing your request. + Maybe the cookie file could not be written to? -------------------------------------------------------------------------------- @@ -277,9 +295,9 @@ sub logout { - my $self = shift; - my %args = @_; - # need to remove cookie or invalidate it somehow - my $username = $self->get_username(); - return $self->_remove_cookiedata($username); + my $self = shift; + my %args = @_; + # need to remove cookie or invalidate it somehow + my $username = $self->get_username(); + return $self->_remove_cookiedata($username); } @@ -303,7 +321,7 @@ RETURN CODES - Returns a string. + Returns a string. - 0 = This means that the method got an error proccessing your request. + 0 = This means that the method got an error proccessing your request. -------------------------------------------------------------------------------- @@ -312,6 +330,6 @@ sub get_username { - my $self = shift; - my $value = shift; + my $self = shift; + my $value = shift; return $self->{user_info}->{'username'}; } 
@@ -337,29 +355,29 @@ - Returns a randomly generated string. + Returns a randomly generated string. - 0 = This means that the method got an error proccessing your request. + 0 = This means that the method got an error proccessing your request. =cut sub set_auth_cookie { - my $self = shift; - my $log = $self->_logobj(); - unless ($self->get_username()) { + my $self = shift; + my $log = $self->_logobj(); + unless ($self->get_username()) { $log->error("set_cookie called when user_info not set (no login)"); - return 0; - } - - my @chars = ( "A" .. "Z", "a" .. "z", 0 .. 9 ); - my $random = join("", @chars[ map { rand @chars } ( 1 .. 20 ) ]); - my $cookie_path = $self->_get_cookie_path(); - my $cookie_domain = $self->_get_cookie_domain(); - - $self->_store_cookie_info($random); - - return ( - -name => "sandweb_auth", - -value => $random, - ); + return 0; + } + + my @chars = ( "A" .. "Z", "a" .. "z", 0 .. 9 ); + my $random = join("", @chars[ map { rand @chars } ( 1 .. 20 ) ]); + my $cookie_path = $self->_get_cookie_path(); + my $cookie_domain = $self->_get_cookie_domain(); + + $self->_store_cookie_info($random); + + return ( + -name => "sandweb_auth", + -value => $random, + ); } @@ -384,7 +402,7 @@ - Returns the highest level group user is associated with. + Returns the highest level group user is associated with. - 0 = This means that the method got an error proccessing your request. + 0 = This means that the method got an error proccessing your request. =cut 
@@ -437,123 +455,127 @@ sub _store_cookie_info { - my $self = shift; - my $cookie_value = shift; - my $log = $self->_logobj(); + my $self = shift; + my $cookie_value = shift; + my $log = $self->_logobj(); - unless ($self->_write_cookiedata($cookie_value)) { + unless ($self->_write_cookiedata($cookie_value)) { $log->error("Unable to write cookiedata"); $log->debug("Unable to write cookiedata"); - return 0; - } + return 0; + } - return 1; + return 1; } sub _search_cookiedata { - # returns username that matches auth cookie value - my $self = shift; - my $cookie_value = shift; - chomp $cookie_value; - my $data_dir = $self->_get_data_dir(); - my $file = "$data_dir/cookies"; - - unless (-f $file) { - return 0; - } - - open(CF, "<$file"); - my @lines = <CF>; - close CF; + # returns username that matches auth cookie value + my $self = shift; + my $cookie_value = shift; + chomp $cookie_value; + my $data_dir = $self->_get_data_dir(); + my $file = "$data_dir/cookies"; - foreach my $line (@lines) { + unless (-f $file) { + return 0; + } + + open(CF, "<$file"); + my @lines = <CF>; + close CF; + + foreach my $line (@lines) { chomp $line; - my ($u, $c) = split(':', $line); + my ($u, $c) = split(':', $line); if ($c eq $cookie_value) { - return $u; + return $u; + } } - } - return 0; + return 0; } sub _write_cookiedata { - my $self = shift; - my $cookie_value = shift; - chomp $cookie_value; - my $username = $self->get_username(); - my $data_dir = $self->_get_data_dir(); - my $file = "$data_dir/cookies"; - - open (CF, ">>$file") or return 0; - print CF "$username:$cookie_value\n"; - close CF; + my $self = shift; + my $cookie_value = shift; + chomp $cookie_value; + my $username = $self->get_username(); + my $data_dir = $self->_get_data_dir(); + my $file = "$data_dir/cookies"; - return 1; + open (CF, ">>$file") or return 0; + print CF "$username:$cookie_value\n"; + close CF; + + return 1; } sub _remove_cookiedata { - my $self = shift; - my $username = shift; - my $file = 
$self->_get_data_dir() . "/cookies"; - my $log = $self->_logobj(); - - open (CF, "<$file") or $log->debug(" - Unable to read file '$file': $!"); - my @current_file = <CF>; - close CF; + my $self = shift; + my $username = shift; + my $file = $self->_get_data_dir() . "/cookies"; + my $log = $self->_logobj(); - open (CF, ">$file") or $log->debug(" - Unable to open file '$file': $!"); - foreach my $line (@current_file) { + open (CF, "<$file") or $log->debug(" - Unable to read file '$file': $!"); + my @current_file = <CF>; + close CF; + + open (CF, ">$file") or $log->debug(" - Unable to open file '$file': $!"); + foreach my $line (@current_file) { chomp $line; next unless ($line); - my ($u,$c) = split(':', $line); + my ($u,$c) = split(':', $line); unless ($u eq $username) { - print CF "$u:$c\n"; - } - } - close CF; - - return 1; + print CF "$u:$c\n"; + } + } + close CF; + + return 1; } sub _set_user_info_username { - my $self = shift; - my $set = shift; - $self->{user_info}->{username} = $set; - return 1; + my $self = shift; + my $set = shift; + $self->{user_info}->{username} = $set; + return 1; } sub _set_user_info_cookie { - my $self = shift; - my $set = shift; - $self->{user_info}->{cookie} = $set; - return 1; + my $self = shift; + my $set = shift; + $self->{user_info}->{cookie} = $set; + return 1; } sub _set_user_info_password { - my $self = shift; - my $set = shift; - $self->{user_info}->{password} = $set; - return 1; + my $self = shift; + my $set = shift; + $self->{user_info}->{password} = $set; + return 1; } sub _get_data_dir { - my $self = shift; - return $self->{'_data_dir'}; + my $self = shift; + return $self->{'_data_dir'}; } sub _get_users_dir { - my $self = shift; - return $self->{'_users_dir'}; + my $self = shift; + return $self->{'_users_dir'}; } sub _logobj { - my $self = shift; - return $self->{'_log_obj'}; + my $self = shift; + return $self->{'_log_obj'}; } sub _get_cookie_path { - my $self = shift; - return $self->{'_cookie_path'}; + my $self = shift; 
+ return $self->{'_cookie_path'}; } sub _get_cookie_domain { - my $self = shift; - return $self->{'_cookie_domain'}; + my $self = shift; + return $self->{'_cookie_domain'}; +} +sub _get_auth_type{ + my $self = shift; + return $self->{'_auth_type'}; } |
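Review bot: In `_remove_cookiedata` both `open` calls only log at debug level on failure and the sub still returns 1, so `logout` reports success even when the cookies file was never rewritten and `_search_cookiedata` would still accept the old token. Return 0 on failure, e.g. `open(CF, ">$file") or do { $log->error("Unable to open file '$file': $!"); return 0; };`, and return before the truncating `>` open when the initial read failed, so a transient read error cannot empty the file. `_search_cookiedata` has the same unchecked `open(CF, "<$file")`, where a failed open should also return 0 instead of reading from an unopened handle. Moving these to three-argument `open` with lexical handles while the lines are being re-indented would keep `$file` from being parsed for mode characters.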