74 lines
2.1 KiB
Perl
74 lines
2.1 KiB
Perl
|
##@file
|
|||
|
|
# DBI authentication backend file
|
|||
|
|
|
|||
|
|
##@class
|
|||
|
|
# LDAP authentication backend class
|
|||
|
|
package Lemonldap::NG::Portal::AuthDBI;
|
|||
|
|
|
|||
|
|
use Lemonldap::NG::Portal::Simple;
|
|||
|
|
use base qw(Lemonldap::NG::Portal::_WebForm Lemonldap::NG::Portal::_DBI);
|
|||
|
|
|
|||
|
|
our $VERSION = '0.1';
|
|||
|
|
|
|||
|
|
## @apmethod int authInit()
|
|||
|
|
# Check DBI paramaters
|
|||
|
|
#@return Lemonldap::NG::Portal constant
|
|||
|
|
sub authInit {
|
|||
|
|
my $self = shift;
|
|||
|
|
unless ( $self->{dbiAuthChain}
|
|||
|
|
and $self->{dbiAuthTable}
|
|||
|
|
and $self->{dbiAuthUser}
|
|||
|
|
and $self->{dbiAuthPassword}
|
|||
|
|
and $self->{dbiAuthLoginCol}
|
|||
|
|
and $self->{dbiAuthPasswordCol}
|
|||
|
|
) {
|
|||
|
|
$self->lmLog("Missing configuration parameters for DBI authentication", 'error');
|
|||
|
|
return PE_ERROR;
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
PE_OK;
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
## @apmethod int authenticate()
|
|||
|
|
# Find row in DBI backend with user and password criterions
|
|||
|
|
#@return Lemonldap::NG::Portal constant
|
|||
|
|
sub authenticate {
|
|||
|
|
my $self = shift;
|
|||
|
|
|
|||
|
|
# Connect
|
|||
|
|
my $dbh = $self->dbh( $self->{dbiAuthChain}, $self->{dbiAuthUser}, $self->{dbiAuthPassword} );
|
|||
|
|
return PE_ERROR unless $dbh;
|
|||
|
|
|
|||
|
|
# Check credentials
|
|||
|
|
my $table = $self->{dbiAuthTable};
|
|||
|
|
my $loginCol = $self->{dbiAuthLoginCol};
|
|||
|
|
my $passwordCol = $self->{dbiAuthPasswordCol};
|
|||
|
|
my $user = $self->{user};
|
|||
|
|
my $password;
|
|||
|
|
|
|||
|
|
# Manage password hash
|
|||
|
|
if ( $self->{dbiAuthPasswordHash} =~ /^(md5|sha|sha1)$/i ) {
|
|||
|
|
$self->lmLog( "Using ".uc($self->{dbiAuthPasswordHash})." to hash password", 'debug' );
|
|||
|
|
$password = uc($self->{dbiAuthPasswordHash})."('".$self->{password}."')";
|
|||
|
|
} else {
|
|||
|
|
$self->lmLog( "No valid password hash, using clear text for password", 'debug' );
|
|||
|
|
$password = "'".$self->{password}."'";
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
my $sth = $dbh->prepare("SELECT $loginCol FROM $table WHERE $loginCol='$user' AND $passwordCol=$password");
|
|||
|
|
|
|||
|
|
$sth->execute();
|
|||
|
|
|
|||
|
|
my @rows = $sth->fetchrow_array();
|
|||
|
|
|
|||
|
|
if ($#rows eq 0) {
|
|||
|
|
$self->lmLog( "One row returned by SQL query", 'debug' );
|
|||
|
|
return PE_OK;
|
|||
|
|
} else {
|
|||
|
|
$self->lmLog( "Bad password for $user", 'error' );
|
|||
|
|
return PE_BADCREDENTIALS;
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
1;
|