lemonldap-ng/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/PasswordDBDBI.pm

##@file
# DBI password backend file

##@class
# DBI password backend class
package Lemonldap::NG::Portal::PasswordDBDBI;

use strict;
use Lemonldap::NG::Portal::Simple;
use Lemonldap::NG::Portal::AuthDBI;    #inherits
use base qw(Lemonldap::NG::Portal::_DBI );

#use Lemonldap::NG::Portal::_SMTP;     #inherits

our $VERSION = '0.1';

## @apmethod int passwordDBInit()
# Load SMTP functions and call DBI authInit()
# @return Lemonldap::NG::Portal constant
sub passwordDBInit {
    my $self = shift;
    eval { use base qw(Lemonldap::NG::Portal::_SMTP) };
    if ($@) {
        $self->lmLog( "Unable to load SMTP functions ($@)", 'error' );
        return PE_ERROR;
    }
    unless ( $self->{dbiPasswordMailCol} ) {
        $self->lmLog( "Missing configuration parameters for DBI password reset",
            'error' );
        return PE_ERROR;
    }
    return $self->Lemonldap::NG::Portal::AuthDBI::authInit();
}

## @apmethod int modifyPassword()
# Modify the password
# @return Lemonldap::NG::Portal constant
sub modifyPassword {
    my $self = shift;

    # Exit if no password change requested
    return PE_OK unless ( $self->{newpassword} );

    # Verify confirmation password matching
    return PE_PASSWORD_MISMATCH
      unless ( $self->{newpassword} eq $self->{confirmpassword} );

    # Connect
    my $dbh =
      $self->dbh( $self->{dbiAuthChain}, $self->{dbiAuthUser},
        $self->{dbiAuthPassword} );
    return PE_ERROR unless $dbh;

    my $user = $self->{sessionInfo}->{_user};

    # Check old passord
    if ( $self->{oldpassword} ) {

        # Password hash
        my $password =
          $self->hash_password( $self->{oldpassword},
            $self->{dbiAuthPasswordHash} );

        my $result = $self->check_password( $user, $password );

        unless ($result) {
            return PE_BADOLDPASSWORD;
        }
    }

    # Modify password
    my $password =
      $self->hash_password( $self->{newpassword},
        $self->{dbiAuthPasswordHash} );

    my $result = $self->modify_password( $user, $password );

    unless ($result) {
        return PE_ERROR;
    }

    $self->lmLog( "Password changed for $user", 'debug' );

    # Update password in session if needed
    my $infos;
    $infos->{_password} = $self->{newpassword};
    $self->updateSession($infos) if ( $self->{storePassword} );

    PE_PASSWORD_OK;
}

## @apmethod int resetPassword()
# Reset the password
# @return Lemonldap::NG::Portal constant
sub resetPassword {
    my $self = shift;

    # Exit method if no mail and mail_token
    return PE_OK unless ( $self->{mail} && $self->{mail_token} );

    $self->lmLog( "Reset password request for " . $self->{mail}, 'debug' );

    # Generate a complex password
    my $password = $self->gen_password( $self->{randomPasswordRegexp} );

    $self->lmLog( "Generated password: " . $password, 'debug' );

    # Modify password
    my $hpassword =
      $self->hash_password( $password, $self->{dbiAuthPasswordHash} );
    my $result =
      $self->modify_password( $self->{mail}, $hpassword,
        $self->{dbiPasswordMailCol} );

    return PE_ERROR unless $result;

    # Store password to forward it to the user
    $self->{reset_password} = $password;

    PE_OK;
}

1;
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
+								##@file
 								# DBI password backend file
 								##@class
 								# DBI password backend class
 								package Lemonldap::NG::Portal::PasswordDBDBI;
-												Reset password by mail for DBI backend


											
										
										
											2009-12-30 20:42:17 +01:00
+								use strict;
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
+								use Lemonldap::NG::Portal::Simple;
-												perltidy



											
										
										
											2009-12-11 22:17:06 +01:00
+								use Lemonldap::NG::Portal::AuthDBI;    #inherits
-												Reset password by mail for DBI backend


											
										
										
											2009-12-30 20:42:17 +01:00
+								use base qw(Lemonldap::NG::Portal::_DBI );
-												Portal - new feature: token to reset password by mail:
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid



											
										
										
											2010-01-21 18:38:55 +01:00
-												Reset password by mail for DBI backend


											
										
										
											2009-12-30 20:42:17 +01:00
+								#use Lemonldap::NG::Portal::_SMTP;     #inherits
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
 								our $VERSION = '0.1';
-												Reset password by mail for DBI backend


											
										
										
											2009-12-30 20:42:17 +01:00
+								## @apmethod int passwordDBInit()
 								# Load SMTP functions and call DBI authInit()
 								# @return Lemonldap::NG::Portal constant
 								sub passwordDBInit {
 								    my $self = shift;
 								    eval { use base qw(Lemonldap::NG::Portal::_SMTP) };
 								    if ($@) {
 								        $self->lmLog( "Unable to load SMTP functions ($@)", 'error' );
 								        return PE_ERROR;
 								    }
-												Portal - new feature: token to reset password by mail:
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid



											
										
										
											2010-01-21 18:38:55 +01:00
+								    unless ( $self->{dbiPasswordMailCol} ) {
-												Reset password by mail for DBI backend


											
										
										
											2009-12-30 20:42:17 +01:00
+								        $self->lmLog( "Missing configuration parameters for DBI password reset",
 								            'error' );
 								        return PE_ERROR;
 								    }
 								    return $self->Lemonldap::NG::Portal::AuthDBI::authInit();
 								}
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
 								## @apmethod int modifyPassword()
-												Refactor DBI code in _DBI.pm and SMTP code in _SMTP.pm


											
										
										
											2009-12-21 23:28:38 +01:00
+								# Modify the password
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
+								# @return Lemonldap::NG::Portal constant
 								sub modifyPassword {
 								    my $self = shift;
 								    # Exit if no password change requested
 								    return PE_OK unless ( $self->{newpassword} );
 								    # Verify confirmation password matching
-												perltidy



											
										
										
											2009-12-11 22:17:06 +01:00
+								    return PE_PASSWORD_MISMATCH
 								      unless ( $self->{newpassword} eq $self->{confirmpassword} );
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
 								    # Connect
-												perltidy



											
										
										
											2009-12-11 22:17:06 +01:00
+								    my $dbh =
 								      $self->dbh( $self->{dbiAuthChain}, $self->{dbiAuthUser},
 								        $self->{dbiAuthPassword} );
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
+								    return PE_ERROR unless $dbh;
-												New target 'tidy' in Makefile



											
										
										
											2010-03-01 21:32:28 +01:00
+								    my $user = $self->{sessionInfo}->{_user};
-												perltidy



											
										
										
											2009-12-11 22:17:06 +01:00
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
+								    # Check old passord
 								    if ( $self->{oldpassword} ) {
-												Refactor DBI code in _DBI.pm and SMTP code in _SMTP.pm


											
										
										
											2009-12-21 23:28:38 +01:00
+								        # Password hash
-												Portal - new feature: token to reset password by mail:
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid



											
										
										
											2010-01-21 18:38:55 +01:00
+								        my $password =
 								          $self->hash_password( $self->{oldpassword},
 								            $self->{dbiAuthPasswordHash} );
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
-												Refactor DBI code in _DBI.pm and SMTP code in _SMTP.pm


											
										
										
											2009-12-21 23:28:38 +01:00
+								        my $result = $self->check_password( $user, $password );
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
-												Portal - new feature: token to reset password by mail:
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid



											
										
										
											2010-01-21 18:38:55 +01:00
+								        unless ($result) {
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
+								            return PE_BADOLDPASSWORD;
 								        }
 								    }
 								    # Modify password
-												Portal - new feature: token to reset password by mail:
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid



											
										
										
											2010-01-21 18:38:55 +01:00
+								    my $password =
 								      $self->hash_password( $self->{newpassword},
 								        $self->{dbiAuthPasswordHash} );
-												Refactor DBI code in _DBI.pm and SMTP code in _SMTP.pm


											
										
										
											2009-12-21 23:28:38 +01:00
 								    my $result = $self->modify_password( $user, $password );
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
-												Portal - new feature: token to reset password by mail:
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid



											
										
										
											2010-01-21 18:38:55 +01:00
+								    unless ($result) {
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
+								        return PE_ERROR;
 								    }
 								    $self->lmLog( "Password changed for $user", 'debug' );
-												Portal: change _password value in session when user changes its password


											
										
										
											2010-01-22 22:54:58 +01:00
 								    # Update password in session if needed
 								    my $infos;
 								    $infos->{_password} = $self->{newpassword};
 								    $self->updateSession($infos) if ( $self->{storePassword} );
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
+								    PE_PASSWORD_OK;
 								}
-												Portal - new feature: token to reset password by mail:
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid



											
										
										
											2010-01-21 18:38:55 +01:00
+								## @apmethod int resetPassword()
 								# Reset the password
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
+								# @return Lemonldap::NG::Portal constant
-												Portal - new feature: token to reset password by mail:
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid



											
										
										
											2010-01-21 18:38:55 +01:00
+								sub resetPassword {
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
+								    my $self = shift;
-												Portal - new feature: token to reset password by mail:
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid



											
										
										
											2010-01-21 18:38:55 +01:00
+								    # Exit method if no mail and mail_token
 								    return PE_OK unless ( $self->{mail} && $self->{mail_token} );
-												Reset password by mail for DBI backend


											
										
										
											2009-12-30 20:42:17 +01:00
 								    $self->lmLog( "Reset password request for " . $self->{mail}, 'debug' );
-												New target 'tidy' in Makefile



											
										
										
											2010-03-01 21:32:28 +01:00
-												Reset password by mail for DBI backend


											
										
										
											2009-12-30 20:42:17 +01:00
+								    # Generate a complex password
 								    my $password = $self->gen_password( $self->{randomPasswordRegexp} );
 								    $self->lmLog( "Generated password: " . $password, 'debug' );
 								    # Modify password
-												Portal - new feature: token to reset password by mail:
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid



											
										
										
											2010-01-21 18:38:55 +01:00
+								    my $hpassword =
 								      $self->hash_password( $password, $self->{dbiAuthPasswordHash} );
 								    my $result =
 								      $self->modify_password( $self->{mail}, $hpassword,
 								        $self->{dbiPasswordMailCol} );
-												Reset password by mail for DBI backend


											
										
										
											2009-12-30 20:42:17 +01:00
 								    return PE_ERROR unless $result;
-												Portal:
* Use HTML templates to send fancy reset password mail, with translations
* Send the new password by mail instead of diplaying it n the web page
* Remove the need to configure : the value is now set with help of {DOCUMENT_ROOT}


											
										
										
											2010-01-22 12:25:37 +01:00
+								    # Store password to forward it to the user
-												Portal - new feature: token to reset password by mail:
* A token is sent when user ask for password reset
* The token is linked to an apache session
* The password is reset if the token is valid



											
										
										
											2010-01-21 18:38:55 +01:00
+								    $self->{reset_password} = $password;
-												Reset password by mail for DBI backend


											
										
										
											2009-12-30 20:42:17 +01:00
-												Portal:
* Use HTML templates to send fancy reset password mail, with translations
* Send the new password by mail instead of diplaying it n the web page
* Remove the need to configure : the value is now set with help of {DOCUMENT_ROOT}


											
										
										
											2010-01-22 12:25:37 +01:00
+								    PE_OK;
-												First implementation of Auth/UserDB/PasswordDB DBI


											
										
										
											2009-12-10 12:30:43 +01:00
+								}
 ;