##@file
# DBI authentication backend file
##@class
# DBI authentication backend class
package Lemonldap::NG::Portal::AuthDBI;
use Lemonldap::NG::Portal::Simple;
use base qw(Lemonldap::NG::Portal::_WebForm Lemonldap::NG::Portal::_DBI);
our $VERSION = '0.1';
## @apmethod int authInit()
# Check DBI parameters
#@return Lemonldap::NG::Portal constant
sub authInit {
    my $self = shift;

    # Every setting listed here is mandatory. A false value (undef, '' or 0)
    # counts as missing, and the first one found aborts initialisation.
    my @required = qw(
      dbiAuthChain dbiAuthTable dbiAuthUser
      dbiAuthPassword dbiAuthLoginCol dbiAuthPasswordCol
    );

    foreach my $param (@required) {
        next if $self->{$param};
        $self->lmLog(
            "Missing configuration parameters for DBI authentication",
            'error' );
        return PE_ERROR;
    }

    return PE_OK;
}
## @apmethod int authenticate()
# Find row in DBI backend matching the user and password criteria
#@return Lemonldap::NG::Portal constant
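sub authenticate {
    my $self = shift;

    # Connect with the configured DSN and service account
    my $dbh =
      $self->dbh( $self->{dbiAuthChain}, $self->{dbiAuthUser},
        $self->{dbiAuthPassword} );
    return PE_ERROR unless $dbh;

    # Table and column names are read from the object's dbiAuth* settings.
    # SQL identifiers cannot be bound as placeholders, so they are still
    # interpolated below: they must only ever come from trusted
    # configuration, never from request data.
    my $table       = $self->{dbiAuthTable};
    my $loginCol    = $self->{dbiAuthLoginCol};
    my $passwordCol = $self->{dbiAuthPasswordCol};

    # Submitted credentials. Both values are passed as bind parameters and
    # are never concatenated into the SQL text.
    my $user = $self->{user};

    # Manage password hash: the SQL fragment compared with the password
    # column is either HASHFUNC(?) or a bare placeholder.
    # NOTE(review): unsalted MD5/SHA1 computed by the database, or a clear
    # text comparison, gives little protection to the stored passwords if
    # the table leaks; a salted, slow password hash verified in the
    # application would be preferable.
    my $passwordExpr;
    if ( $self->{dbiAuthPasswordHash} =~ /^(md5|sha|sha1)$/i ) {

        # Use the captured allow-listed name, not the raw setting, so only
        # MD5, SHA or SHA1 can ever reach the SQL text.
        my $hashFunc = uc($1);
        $self->lmLog( "Using " . $hashFunc . " to hash password", 'debug' );
        $passwordExpr = $hashFunc . "(?)";
    }
    else {
        $self->lmLog( "No valid password hash, using clear text for password",
            'debug' );
        $passwordExpr = "?";
    }

    my $sth = $dbh->prepare(
"SELECT $loginCol FROM $table WHERE $loginCol=? AND $passwordCol=$passwordExpr"
    );
    unless ($sth) {
        $self->lmLog(
            "Unable to prepare DBI authentication query: "
              . ( $dbh->errstr || 'unknown error' ),
            'error'
        );
        return PE_ERROR;
    }

    # A backend failure is reported as an error instead of being mistaken
    # for a wrong password.
    unless ( $sth->execute( $user, $self->{password} ) ) {
        $self->lmLog(
            "Unable to execute DBI authentication query: "
              . ( $sth->errstr || 'unknown error' ),
            'error'
        );
        return PE_ERROR;
    }

    # Only one column is selected, so a matching row yields exactly one
    # field and no match yields an empty list.
    my @rows = $sth->fetchrow_array();
    $sth->finish();

    if ( @rows == 1 ) {
        $self->lmLog( "One row returned by SQL query", 'debug' );
        return PE_OK;
    }
    else {
        $self->lmLog( "Bad password for $user", 'error' );
        return PE_BADCREDENTIALS;
    }
}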
1;