Revision 5d23fb60
Von Sven Schöling vor mehr als 14 Jahren hinzugefügt
| SL/Auth.pm | ||
|---|---|---|
| 1 | 1 |
package SL::Auth; |
| 2 | 2 |
|
| 3 |
use constant OK => 0; |
|
| 4 |
use constant ERR_PASSWORD => 1; |
|
| 5 |
use constant ERR_BACKEND => 100; |
|
| 6 |
|
|
| 7 |
use constant SESSION_OK => 0; |
|
| 8 |
use constant SESSION_NONE => 1; |
|
| 9 |
use constant SESSION_EXPIRED => 2; |
|
| 3 |
use DBI; |
|
| 10 | 4 |
|
| 11 | 5 |
use Digest::MD5 qw(md5_hex); |
| 12 | 6 |
use IO::File; |
| 13 | 7 |
use Time::HiRes qw(gettimeofday); |
| 14 | 8 |
use List::MoreUtils qw(uniq); |
| 15 | 9 |
|
| 10 |
use SL::Auth::Constants qw(:all); |
|
| 16 | 11 |
use SL::Auth::DB; |
| 17 | 12 |
use SL::Auth::LDAP; |
| 18 | 13 |
|
| SL/Auth/Constants.pm | ||
|---|---|---|
| 1 |
package SL::Auth::Constants; |
|
| 2 |
|
|
| 3 |
use strict; |
|
| 4 |
|
|
| 5 |
use Exporter qw(import); |
|
| 6 |
|
|
| 7 |
our %EXPORT_TAGS = ( |
|
| 8 |
OK => [ qw( |
|
| 9 |
OK |
|
| 10 |
) ], |
|
| 11 |
ERR => [ qw( |
|
| 12 |
ERR_PASSWORD |
|
| 13 |
ERR_BACKEND |
|
| 14 |
) ], |
|
| 15 |
SESSION => [ qw( |
|
| 16 |
SESSION_OK |
|
| 17 |
SESSION_NONE |
|
| 18 |
SESSION_EXPIRED |
|
| 19 |
) ], |
|
| 20 |
); |
|
| 21 |
|
|
| 22 |
# add all the other ":class" tags to the ":all" class, |
|
| 23 |
# deleting duplicates |
|
| 24 |
{
|
|
| 25 |
my %seen; |
|
| 26 |
push @{$EXPORT_TAGS{all}}, grep {!$seen{$_}++} @$_ for values %EXPORT_TAGS;
|
|
| 27 |
} |
|
| 28 |
|
|
| 29 |
Exporter::export_ok_tags('all');
|
|
| 30 |
|
|
| 31 |
use constant OK => 0; |
|
| 32 |
use constant ERR_PASSWORD => 1; |
|
| 33 |
use constant ERR_BACKEND => 100; |
|
| 34 |
|
|
| 35 |
use constant SESSION_OK => 0; |
|
| 36 |
use constant SESSION_NONE => 1; |
|
| 37 |
use constant SESSION_EXPIRED => 2; |
|
| 38 |
|
|
| 39 |
1; |
|
| 40 |
|
|
| 41 |
__END__ |
|
| 42 |
|
|
| 43 |
=head1 NAME |
|
| 44 |
|
|
| 45 |
SL::Auth::Constants - COnstants for Auth module |
|
| 46 |
|
|
| 47 |
=head1 SYNOPSIS |
|
| 48 |
|
|
| 49 |
use SL::Auth::Constants qw(:all); |
|
| 50 |
|
|
| 51 |
OK == $auth->authenticate($user, $pass) or die; |
|
| 52 |
|
|
| 53 |
=head1 DESCRIPTION |
|
| 54 |
|
|
| 55 |
This module provides status constants for authentication handling |
|
| 56 |
|
|
| 57 |
=head1 FUNCTIONS |
|
| 58 |
|
|
| 59 |
=head1 BUGS |
|
| 60 |
|
|
| 61 |
=head1 AUTHOR |
|
| 62 |
|
|
| 63 |
=cut |
|
| SL/Auth/DB.pm | ||
|---|---|---|
| 1 | 1 |
package SL::Auth::DB; |
| 2 | 2 |
|
| 3 |
use DBI; |
|
| 4 |
|
|
| 5 |
#use SL::Auth; |
|
| 3 |
use SL::Auth::Constants qw(:all); |
|
| 6 | 4 |
use SL::DBUtils; |
| 7 | 5 |
|
| 8 | 6 |
use strict; |
| ... | ... | |
| 34 | 32 |
|
| 35 | 33 |
if (!$dbh) {
|
| 36 | 34 |
$main::lxdebug->leave_sub(); |
| 37 |
return SL::Auth->ERR_BACKEND();
|
|
| 35 |
return ERR_BACKEND;
|
|
| 38 | 36 |
} |
| 39 | 37 |
|
| 40 | 38 |
my $query = qq|SELECT password FROM auth."user" WHERE login = ?|; |
| ... | ... | |
| 45 | 43 |
|
| 46 | 44 |
$main::lxdebug->leave_sub(); |
| 47 | 45 |
|
| 48 |
return $password eq $stored_password ? SL::Auth->OK() : SL::Auth->ERR_PASSWORD();
|
|
| 46 |
return $password eq $stored_password ? OK : ERR_PASSWORD;
|
|
| 49 | 47 |
} |
| 50 | 48 |
|
| 51 | 49 |
sub can_change_password {
|
| ... | ... | |
| 64 | 62 |
|
| 65 | 63 |
if (!$dbh) {
|
| 66 | 64 |
$main::lxdebug->leave_sub(); |
| 67 |
return SL::Auth->ERR_BACKEND()
|
|
| 65 |
return ERR_BACKEND;
|
|
| 68 | 66 |
} |
| 69 | 67 |
|
| 70 | 68 |
$password = crypt $password, substr($login, 0, 2) if (!$is_crypted); |
| SL/Auth/LDAP.pm | ||
|---|---|---|
| 2 | 2 |
|
| 3 | 3 |
use English '-no_match_vars'; |
| 4 | 4 |
|
| 5 |
#use SL::Auth;
|
|
| 5 |
use SL::Auth::Constants qw(:all);
|
|
| 6 | 6 |
|
| 7 | 7 |
use strict; |
| 8 | 8 |
|
| ... | ... | |
| 146 | 146 |
|
| 147 | 147 |
if ($is_crypted) {
|
| 148 | 148 |
$main::lxdebug->leave_sub(); |
| 149 |
return SL::Auth->ERR_BACKEND();
|
|
| 149 |
return ERR_BACKEND;
|
|
| 150 | 150 |
} |
| 151 | 151 |
|
| 152 | 152 |
my $ldap = $self->_connect(); |
| 153 | 153 |
|
| 154 | 154 |
if (!$ldap) {
|
| 155 | 155 |
$main::lxdebug->leave_sub(); |
| 156 |
return SL::Auth->ERR_BACKEND();
|
|
| 156 |
return ERR_BACKEND;
|
|
| 157 | 157 |
} |
| 158 | 158 |
|
| 159 | 159 |
my $dn = $self->_get_user_dn($ldap, $login); |
| ... | ... | |
| 162 | 162 |
|
| 163 | 163 |
if (!$dn) {
|
| 164 | 164 |
$main::lxdebug->leave_sub(); |
| 165 |
return SL::Auth->ERR_BACKEND();
|
|
| 165 |
return ERR_BACKEND;
|
|
| 166 | 166 |
} |
| 167 | 167 |
|
| 168 | 168 |
my $mesg = $ldap->bind($dn, 'password' => $password); |
| ... | ... | |
| 171 | 171 |
|
| 172 | 172 |
$main::lxdebug->leave_sub(); |
| 173 | 173 |
|
| 174 |
return $mesg->is_error() ? SL::Auth->ERR_PASSWORD() : SL::Auth->OK();
|
|
| 174 |
return $mesg->is_error() ? ERR_PASSWORD : OK;
|
|
| 175 | 175 |
} |
| 176 | 176 |
|
| 177 | 177 |
sub can_change_password {
|
| ... | ... | |
| 179 | 179 |
} |
| 180 | 180 |
|
| 181 | 181 |
sub change_password {
|
| 182 |
return SL::Auth->ERR_BACKEND();
|
|
| 182 |
return ERR_BACKEND;
|
|
| 183 | 183 |
} |
| 184 | 184 |
|
| 185 | 185 |
sub verify_config {
|
Auch abrufbar als: Unified diff
Auth Konstanten ausgelagert in ein eigenes Package.
Dadurch keine Probleme mit zirkulären Includes mehr. Ausserdem DBI an der richtigen Stelle eingebunden.