2009-12-10 12:30:43 +01:00
|
|
|
|
##@file
|
|
|
|
|
# DBI password backend file
|
|
|
|
|
|
|
|
|
|
##@class
|
|
|
|
|
# DBI password backend class
|
|
|
|
|
package Lemonldap::NG::Portal::PasswordDBDBI;
|
|
|
|
|
|
2009-12-30 20:42:17 +01:00
|
|
|
|
use strict;
|
2009-12-10 12:30:43 +01:00
|
|
|
|
use Lemonldap::NG::Portal::Simple;
|
2009-12-11 22:17:06 +01:00
|
|
|
|
use Lemonldap::NG::Portal::AuthDBI; #inherits
|
2009-12-30 20:42:17 +01:00
|
|
|
|
use base qw(Lemonldap::NG::Portal::_DBI );
|
|
|
|
|
#use Lemonldap::NG::Portal::_SMTP; #inherits
|
2009-12-10 12:30:43 +01:00
|
|
|
|
|
|
|
|
|
our $VERSION = '0.1';
|
|
|
|
|
|
2009-12-30 20:42:17 +01:00
|
|
|
|
## @apmethod int passwordDBInit()
|
|
|
|
|
# Load SMTP functions and call DBI authInit()
|
|
|
|
|
# @return Lemonldap::NG::Portal constant
|
|
|
|
|
sub passwordDBInit {
|
|
|
|
|
my $self = shift;
|
|
|
|
|
eval { use base qw(Lemonldap::NG::Portal::_SMTP) };
|
|
|
|
|
if ($@) {
|
|
|
|
|
$self->lmLog( "Unable to load SMTP functions ($@)", 'error' );
|
|
|
|
|
return PE_ERROR;
|
|
|
|
|
}
|
|
|
|
|
unless ( $self->{dbiPasswordMailCol} )
|
|
|
|
|
{
|
|
|
|
|
$self->lmLog( "Missing configuration parameters for DBI password reset",
|
|
|
|
|
'error' );
|
|
|
|
|
return PE_ERROR;
|
|
|
|
|
}
|
|
|
|
|
return $self->Lemonldap::NG::Portal::AuthDBI::authInit();
|
|
|
|
|
}
|
2009-12-10 12:30:43 +01:00
|
|
|
|
|
|
|
|
|
## @apmethod int modifyPassword()
|
2009-12-21 23:28:38 +01:00
|
|
|
|
# Modify the password
|
2009-12-10 12:30:43 +01:00
|
|
|
|
# @return Lemonldap::NG::Portal constant
|
|
|
|
|
sub modifyPassword {
|
|
|
|
|
my $self = shift;
|
|
|
|
|
|
|
|
|
|
# Exit if no password change requested
|
|
|
|
|
return PE_OK unless ( $self->{newpassword} );
|
|
|
|
|
|
|
|
|
|
# Verify confirmation password matching
|
2009-12-11 22:17:06 +01:00
|
|
|
|
return PE_PASSWORD_MISMATCH
|
|
|
|
|
unless ( $self->{newpassword} eq $self->{confirmpassword} );
|
2009-12-10 12:30:43 +01:00
|
|
|
|
|
|
|
|
|
# Connect
|
2009-12-11 22:17:06 +01:00
|
|
|
|
my $dbh =
|
|
|
|
|
$self->dbh( $self->{dbiAuthChain}, $self->{dbiAuthUser},
|
|
|
|
|
$self->{dbiAuthPassword} );
|
2009-12-10 12:30:43 +01:00
|
|
|
|
return PE_ERROR unless $dbh;
|
|
|
|
|
|
2009-12-21 23:28:38 +01:00
|
|
|
|
my $user = $self->{sessionInfo}->{_user};
|
2009-12-11 22:17:06 +01:00
|
|
|
|
|
2009-12-10 12:30:43 +01:00
|
|
|
|
# Check old passord
|
|
|
|
|
if ( $self->{oldpassword} ) {
|
|
|
|
|
|
2009-12-21 23:28:38 +01:00
|
|
|
|
# Password hash
|
|
|
|
|
my $password = $self->hash_password( $self->{oldpassword}, $self->{dbiAuthPasswordHash} );
|
2009-12-10 12:30:43 +01:00
|
|
|
|
|
2009-12-21 23:28:38 +01:00
|
|
|
|
my $result = $self->check_password( $user, $password );
|
2009-12-10 12:30:43 +01:00
|
|
|
|
|
2009-12-21 23:28:38 +01:00
|
|
|
|
unless ( $result ) {
|
2009-12-10 12:30:43 +01:00
|
|
|
|
return PE_BADOLDPASSWORD;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# Modify password
|
2009-12-21 23:28:38 +01:00
|
|
|
|
my $password = $self->hash_password( $self->{newpassword}, $self->{dbiAuthPasswordHash} );
|
|
|
|
|
|
|
|
|
|
my $result = $self->modify_password( $user, $password );
|
2009-12-10 12:30:43 +01:00
|
|
|
|
|
2009-12-21 23:28:38 +01:00
|
|
|
|
unless ( $result ) {
|
2009-12-10 12:30:43 +01:00
|
|
|
|
return PE_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$self->lmLog( "Password changed for $user", 'debug' );
|
|
|
|
|
PE_PASSWORD_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
## @apmethod int resetPasswordByMail()
|
|
|
|
|
# Reset the password and send a mail.
|
|
|
|
|
# @return Lemonldap::NG::Portal constant
|
|
|
|
|
sub resetPasswordByMail {
|
|
|
|
|
my $self = shift;
|
|
|
|
|
|
2009-12-30 20:42:17 +01:00
|
|
|
|
# Exit method if no mail
|
|
|
|
|
return PE_OK unless ( $self->{mail} );
|
|
|
|
|
|
|
|
|
|
# Find mail in database
|
|
|
|
|
my $dbh =
|
|
|
|
|
$self->dbh( $self->{dbiAuthChain}, $self->{dbiAuthUser},
|
|
|
|
|
$self->{dbiAuthPassword} );
|
|
|
|
|
return PE_ERROR unless $dbh;
|
2009-12-10 12:30:43 +01:00
|
|
|
|
|
2009-12-30 20:42:17 +01:00
|
|
|
|
my $table = $self->{dbiAuthTable};
|
|
|
|
|
my $mail = $self->{mail};
|
|
|
|
|
my $mailCol = $self->{dbiPasswordMailCol};
|
|
|
|
|
$mail =~ s/'/''/g;
|
|
|
|
|
my $sth;
|
|
|
|
|
|
|
|
|
|
eval {
|
|
|
|
|
$sth = $dbh->prepare("SELECT * FROM $table WHERE $mailCol='$mail'");
|
|
|
|
|
$sth->execute();
|
|
|
|
|
};
|
|
|
|
|
if ($@) {
|
|
|
|
|
$self->lmLog( "DBI error: $@", 'error' );
|
|
|
|
|
return PE_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
unless ( $sth->fetchrow_hashref() ) {
|
|
|
|
|
$self->lmLog( "Mail $mail not found", 'notice' );
|
|
|
|
|
return PE_BADCREDENTIALS;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$self->lmLog( "Reset password request for " . $self->{mail}, 'debug' );
|
|
|
|
|
|
|
|
|
|
# Generate a complex password
|
|
|
|
|
my $password = $self->gen_password( $self->{randomPasswordRegexp} );
|
|
|
|
|
|
|
|
|
|
$self->lmLog( "Generated password: " . $password, 'debug' );
|
|
|
|
|
|
|
|
|
|
# Modify password
|
|
|
|
|
my $hpassword = $self->hash_password( $password, $self->{dbiAuthPasswordHash} );
|
|
|
|
|
my $result = $self->modify_password( $self->{mail}, $hpassword, $self->{dbiPasswordMailCol} );
|
|
|
|
|
|
|
|
|
|
return PE_ERROR unless $result;
|
|
|
|
|
|
|
|
|
|
# Send new password by mail
|
|
|
|
|
$result = $self->send_password( $password, $self->{mail} );
|
|
|
|
|
|
|
|
|
|
return PE_ERROR unless $result;
|
|
|
|
|
|
|
|
|
|
PE_PASSWORD_OK;
|
2009-12-10 12:30:43 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
1;
|