NG auth: pw changes, RT#21563

author: Ivan Kohler <ivan@freeside.biz> 2013-05-09 01:42:39 -0700
committer: Ivan Kohler <ivan@freeside.biz> 2013-05-09 01:42:39 -0700
commit: 120718856665ca90ad852535d1155f8ea8ecb6b6 (patch)
tree: 2ac0472c1fd67ecc843619597f1cca7d8f774204 /FS/FS/Auth/internal.pm
parent: d8843f184a7f6ee87eec99724f2d6430c1df34ea (diff)
1 files changed, 44 insertions, 13 deletions
diff --git a/FS/FS/Auth/internal.pm b/FS/FS/Auth/internal.pm
index 5d9170e..bb116ce 100644
--- a/FS/FS/Auth/internal.pm
+++ b/FS/FS/Auth/internal.pm
@@ -2,29 +2,32 @@ package FS::Auth::internal;
 #use base qw( FS::Auth );
 
 use strict;
-use Crypt::Eksblowfish::Bcrypt qw(bcrypt_hash);
+use Crypt::Eksblowfish::Bcrypt qw(bcrypt_hash en_base64 de_base64);
 use FS::Record qw( qsearchs );
 use FS::access_user;
 
 sub authenticate {
   my($self, $username, $check_password ) = @_;
 
-  my $access_user = qsearchs('access_user', { 'username' => $username,
-                                              'disabled' => '',
-                                            }
-                            )
+  my $access_user =
+    ref($username) ? $username
+                   : qsearchs('access_user', { 'username' => $username,
+                                               'disabled' => '',
+                                             }
+                             )
     or return 0;
 
   if ( $access_user->_password_encoding eq 'bcrypt' ) {
 
     my( $cost, $salt, $hash ) = split(',', $access_user->_password);
 
-    my $check_hash = bcrypt_hash( { key_nul => 1,
-                                    cost    => $cost,
-                                    salt    => $salt,
-                                  },
-                                  $check_password
-                                );
+    my $check_hash = en_base64( bcrypt_hash( { key_nul => 1,
+                                               cost    => $cost,
+                                               salt    => de_base64($salt),
+                                             },
+                                             $check_password
+                                           )
+                              );
 
     $hash eq $check_hash;
 
@@ -39,7 +42,35 @@ sub authenticate {
 
 }
 
-#sub change_password {
-#}
+sub change_password {
+  my($self, $access_user, $new_password) = @_;
+
+  $self->change_password_fields( $access_user, $new_password );
+
+  $access_user->replace;
+
+}
+
+sub change_password_fields {
+  my($self, $access_user, $new_password) = @_;
+
+  $access_user->_password_encoding('bcrypt');
+
+  my $cost = 8;
+
+  my $salt = pack( 'C*', map int(rand(256)), 1..16 );
+
+  my $hash = bcrypt_hash( { key_nul => 1,
+                            cost    => $cost,
+                            salt    => $salt,
+                          },
+                          $new_password,
+                        );
+
+  $access_user->_password(
+    join(',', $cost, en_base64($salt), en_base64($hash) )
+  );
+
+}
 
 1;
author	Ivan Kohler <ivan@freeside.biz>	2013-05-09 01:42:39 -0700
committer	Ivan Kohler <ivan@freeside.biz>	2013-05-09 01:42:39 -0700
commit	120718856665ca90ad852535d1155f8ea8ecb6b6 (patch)
tree	2ac0472c1fd67ecc843619597f1cca7d8f774204 /FS/FS/Auth/internal.pm
parent	d8843f184a7f6ee87eec99724f2d6430c1df34ea (diff)