##@file
# DBI authentication backend file
##@class
# DBI authentication backend class
package Lemonldap::NG::Portal::AuthDBI;
use Lemonldap::NG::Portal::Simple;
use base qw(Lemonldap::NG::Portal::_WebForm Lemonldap::NG::Portal::_DBI);
our $VERSION = '0.1';
## @apmethod int authInit()
# Check DBI parameters
#@return Lemonldap::NG::Portal constant
sub authInit {
    my ($self) = @_;

    # Every one of these settings must hold a true value before the backend
    # can be used. The test is plain Perl truthiness, so an empty string or
    # the string "0" counts as missing, exactly like an absent key.
    my @required = qw(
      dbiAuthChain
      dbiAuthTable
      dbiAuthUser
      dbiAuthPassword
      dbiAuthLoginCol
      dbiAuthPasswordCol
    );

    foreach my $param (@required) {
        next if $self->{$param};

        # Stop at the first missing setting; the message deliberately does
        # not echo any configuration value (one of them is a DB password).
        $self->lmLog(
            "Missing configuration parameters for DBI authentication",
            'error' );
        return PE_ERROR;
    }

    return PE_OK;
}
## @apmethod int authenticate()
# Find the row in the DBI backend that matches the user and password criteria
#@return Lemonldap::NG::Portal constant
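sub authenticate {
    my $self = shift;

    # Purpose: look up one row whose login column equals the submitted user
    # name and whose password column equals the submitted password (hashed by
    # the database when dbiAuthPasswordHash is md5/sha/sha1).
    # Returns PE_OK on a match, PE_BADCREDENTIALS when no row matches, and
    # PE_ERROR when the database cannot be reached or the query fails.

    # Connect
    my $dbh =
      $self->dbh( $self->{dbiAuthChain}, $self->{dbiAuthUser},
        $self->{dbiAuthPassword} );
    return PE_ERROR unless $dbh;

    # Table and column names cannot be bound as placeholders, so they are
    # interpolated. They are read from the dbiAuth* configuration keys and
    # must never be derived from request data.
    my $table       = $self->{dbiAuthTable};
    my $loginCol    = $self->{dbiAuthLoginCol};
    my $passwordCol = $self->{dbiAuthPasswordCol};
    my $user        = $self->{user};

    # Manage password hash.
    # The hash function name is taken from the regex capture, so only the
    # three whitelisted names can ever reach the SQL text.
    # NOTE(review): MD5/SHA1 are applied without a salt and the fallback is a
    # clear-text comparison; both are weak storage schemes for credentials.
    my $hashName =
      defined $self->{dbiAuthPasswordHash}
      ? $self->{dbiAuthPasswordHash}
      : '';
    my $passwordExpr;
    if ( $hashName =~ /^(md5|sha|sha1)$/i ) {
        my $function = uc $1;
        $self->lmLog( "Using " . $function . " to hash password", 'debug' );
        $passwordExpr = $function . "(?)";
    }
    else {
        $self->lmLog( "No valid password hash, using clear text for password",
            'debug' );
        $passwordExpr = "?";
    }

    # The user name and password are submitted credentials: bind them as
    # parameters instead of concatenating them into the statement, so a quote
    # in either value cannot change the query (SQL injection).
    my $sql =
"SELECT $loginCol FROM $table WHERE $loginCol=? AND $passwordCol=$passwordExpr";

    my @rows;
    my $step     = 'prepare';
    my $finished = eval {
        my $sth = $dbh->prepare($sql) or die "prepare\n";
        $step = 'execute';
        $sth->execute( $user, $self->{password} ) or die "execute\n";
        $step = 'fetch';
        @rows = $sth->fetchrow_array();

        # Only the first row is read; release the handle explicitly.
        $sth->finish();
        1;
    };
    unless ($finished) {

        # A database failure is not a wrong password. The exception text is
        # not logged: with DBI's ShowErrorStatement enabled it can carry the
        # statement and its bound values, i.e. the submitted password.
        $self->lmLog( "DBI $step failed while checking credentials", 'error' );
        return PE_ERROR;
    }

    # One selected column, so a matching row yields exactly one element.
    if ( @rows == 1 ) {
        $self->lmLog( "One row returned by SQL query", 'debug' );
        return PE_OK;
    }

    $self->lmLog( "Bad password for $user", 'error' );
    return PE_BADCREDENTIALS;
}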
1;