dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
dcd4905342
lemonldap-ng/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthDBI.pm
Xavier Guimard 5b2363b959 perltidy
2009-12-11 21:17:06 +00:00

86 lines
2.2 KiB
Perl
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

##@file
# DBI authentication backend file
##@class
# LDAP authentication backend class
package Lemonldap::NG::Portal::AuthDBI;
use Lemonldap::NG::Portal::Simple;
use base qw(Lemonldap::NG::Portal::_WebForm Lemonldap::NG::Portal::_DBI);
our $VERSION = '0.1';
## @apmethod int authInit()
# Check DBI paramaters
#@return Lemonldap::NG::Portal constant
sub authInit {
my $self = shift;
unless ($self->{dbiAuthChain}
and $self->{dbiAuthTable}
and $self->{dbiAuthUser}
and $self->{dbiAuthPassword}
and $self->{dbiAuthLoginCol}
and $self->{dbiAuthPasswordCol} )
{
$self->lmLog( "Missing configuration parameters for DBI authentication",
'error' );
return PE_ERROR;
}
PE_OK;
}
## @apmethod int authenticate()
# Find row in DBI backend with user and password criterions
#@return Lemonldap::NG::Portal constant
sub authenticate {
my $self = shift;
# Connect
my $dbh =
$self->dbh( $self->{dbiAuthChain}, $self->{dbiAuthUser},
$self->{dbiAuthPassword} );
return PE_ERROR unless $dbh;
# Check credentials
my $table = $self->{dbiAuthTable};
my $loginCol = $self->{dbiAuthLoginCol};
my $passwordCol = $self->{dbiAuthPasswordCol};
my $user = $self->{user};
my $password;
# Manage password hash
if ( $self->{dbiAuthPasswordHash} =~ /^(md5|sha|sha1)$/i ) {
$self->lmLog(
"Using " . uc( $self->{dbiAuthPasswordHash} ) . " to hash password",
'debug'
);
$password =
uc( $self->{dbiAuthPasswordHash} ) . "('" . $self->{password} . "')";
}
else {
$self->lmLog( "No valid password hash, using clear text for password",
'debug' );
$password = "'" . $self->{password} . "'";
}
my $sth = $dbh->prepare(
"SELECT $loginCol FROM $table WHERE $loginCol='$user' AND $passwordCol=$password"
);
$sth->execute();
my @rows = $sth->fetchrow_array();
if ( $#rows eq 0 ) {
$self->lmLog( "One row returned by SQL query", 'debug' );
return PE_OK;
}
else {
$self->lmLog( "Bad password for $user", 'error' );
return PE_BADCREDENTIALS;
}
}
1;
Reference in New Issue View Git Blame Copy Permalink