author | Ivan Kohler <ivan@freeside.biz> | 2013-04-05 01:03:44 -0700 |
---|---|---|
committer | Ivan Kohler <ivan@freeside.biz> | 2013-04-05 01:03:44 -0700 |
commit | 3ff1fb4e10fdaef86527c10bd416e988d2a62a49 (patch) | |
tree | 114c4e41e06749796283bf475b6fcf1c23171fb4 /FS/FS/AuthCookieHandler.pm | |
parent | b70a4b7f41c84aefd7f273974db59e5c37fc368b (diff) |
login/login pages and cookie/session-based auth
Diffstat (limited to 'FS/FS/AuthCookieHandler.pm')
-rw-r--r-- | FS/FS/AuthCookieHandler.pm | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/FS/FS/AuthCookieHandler.pm b/FS/FS/AuthCookieHandler.pm
new file mode 100644
index 0000000..a4a3118
--- /dev/null
+++ b/FS/FS/AuthCookieHandler.pm
@@ -0,0 +1,56 @@
+package FS::AuthCookieHandler;
+use base qw( Apache2::AuthCookie );
+
+use strict;
+use Digest::SHA qw( sha1_hex );
+use FS::UID qw( adminsuidsetup );
+
+my $secret = "XXX temporary"; #XXX move to a DB session with random number as key
+
+my $module = 'legacy'; #XXX i am set in a conf somehow? or a config file
+
+sub authen_cred {
+ my( $self, $r, $username, $password ) = @_;
+
+ if ( _is_valid_user($username, $password) ) {
+ warn "authenticated $username from ". $r->connection->remote_ip. "\n";
+ adminsuidsetup($username);
+ my $session_key =
+ $username . '::' . sha1_hex( $username, $secret );
+ return $session_key;
+ } else {
+ warn "failed authentication $username from ". $r->connection->remote_ip. "\n";
+ }
+
+ return undef; #?
+}
+
+sub _is_valid_user {
+ my( $username, $password ) = @_;
+ my $class = 'FS::Auth::'.$module;
+
+ #earlier?
+ eval "use $class;";
+ die $@ if $@;
+
+ $class->authenticate($username, $password);
+
+}
+
+sub authen_ses_key {
+ my( $self, $r, $session_key ) = @_;
+
+ my ($username, $mac) = split /::/, $session_key;
+
+ if ( sha1_hex( $username, $secret ) eq $mac ) {
+ adminsuidsetup($username);
+ return $username;
+ } else {
+ warn "bad session $session_key from ". $r->connection->remote_ip. "\n";
+ }
+
+ return undef;
+
+}
+
+1; |
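Review bot: In `authen_cred` and `authen_ses_key` the cookie is `sha1_hex( $username, $secret )` with `$secret` a string literal in this file, so each user's token is fixed for all time: it never expires, cannot be revoked, and can be derived by anyone who can read the source, after which `adminsuidsetup($username)` runs for that name. The `#XXX` comment already plans DB-backed sessions; until that lands, the secret should be generated per installation and read from protected configuration, and the token should be a keyed MAC over the user name plus an issue time that `authen_ses_key` checks, importing `hmac_sha256_hex` from Digest::SHA in place of `sha1_hex`. The same sub should pass a limit to `split` and test `defined $mac`, and the `warn` lines should stop writing the raw `$session_key` and unfiltered `$username` to the error log. Separately, `eval "use $class;"` in `_is_valid_user` is safe only while `$module` is a literal; once it is read from configuration it should first be checked against something like `/\A\w+\z/`.

```perl
# in authen_cred, replacing the sha1_hex() token:
    my $issued = time;
    my $session_key = join '::', $username, $issued,
      hmac_sha256_hex( join("\0", $username, $issued), $secret );

# … unchanged: _is_valid_user …

sub authen_ses_key {
  my( $self, $r, $session_key ) = @_;

  # limit 3: user name, issue time, MAC; anything else is rejected below
  my ($username, $issued, $mac) = split /::/, $session_key, 3;
  my $max_age = 8 * 60 * 60; # constructed example lifetime; set per policy

  if (    defined $mac
       && $issued =~ /\A\d+\z/
       && time - $issued <= $max_age
       && hmac_sha256_hex( join("\0", $username, $issued), $secret ) eq $mac )
  {
    adminsuidsetup($username);
    return $username;
  }

  # keep the client-supplied cookie value out of the error log
  warn "bad session from ". $r->connection->remote_ip. "\n";
  return undef;
}
```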