diff options
Diffstat (limited to 'FS')
| -rw-r--r-- | FS/FS/Auth/internal.pm | 57 | ||||
| -rw-r--r-- | FS/FS/access_user.pm | 23 |
2 files changed, 66 insertions, 14 deletions
diff --git a/FS/FS/Auth/internal.pm b/FS/FS/Auth/internal.pm index 5d9170e23..bb116ce75 100644 --- a/FS/FS/Auth/internal.pm +++ b/FS/FS/Auth/internal.pm @@ -2,29 +2,32 @@ package FS::Auth::internal; #use base qw( FS::Auth ); use strict; -use Crypt::Eksblowfish::Bcrypt qw(bcrypt_hash); +use Crypt::Eksblowfish::Bcrypt qw(bcrypt_hash en_base64 de_base64); use FS::Record qw( qsearchs ); use FS::access_user; sub authenticate { my($self, $username, $check_password ) = @_; - my $access_user = qsearchs('access_user', { 'username' => $username, - 'disabled' => '', - } - ) + my $access_user = + ref($username) ? $username + : qsearchs('access_user', { 'username' => $username, + 'disabled' => '', + } + ) or return 0; if ( $access_user->_password_encoding eq 'bcrypt' ) { my( $cost, $salt, $hash ) = split(',', $access_user->_password); - my $check_hash = bcrypt_hash( { key_nul => 1, - cost => $cost, - salt => $salt, - }, - $check_password - ); + my $check_hash = en_base64( bcrypt_hash( { key_nul => 1, + cost => $cost, + salt => de_base64($salt), + }, + $check_password + ) + ); $hash eq $check_hash; @@ -39,7 +42,35 @@ sub authenticate { } -#sub change_password { -#} +sub change_password { + my($self, $access_user, $new_password) = @_; + + $self->change_password_fields( $access_user, $new_password ); + + $access_user->replace; + +} + +sub change_password_fields { + my($self, $access_user, $new_password) = @_; + + $access_user->_password_encoding('bcrypt'); + + my $cost = 8; + + my $salt = pack( 'C*', map int(rand(256)), 1..16 ); + + my $hash = bcrypt_hash( { key_nul => 1, + cost => $cost, + salt => $salt, + }, + $new_password, + ); + + $access_user->_password( + join(',', $cost, en_base64($salt), en_base64($hash) ) + ); + +} 1; diff --git a/FS/FS/access_user.pm b/FS/FS/access_user.pm index 509cc0950..cdee3773b 100644 --- a/FS/FS/access_user.pm +++ b/FS/FS/access_user.pm @@ -4,6 +4,7 @@ use strict; use base qw( FS::m2m_Common FS::option_Common ); use vars qw( $DEBUG $me $conf $htpasswd_file ); use FS::UID; +use FS::Auth; use FS::Conf; use FS::Record qw( qsearch qsearchs dbh ); use FS::access_user_pref; @@ -563,7 +564,27 @@ sub is_system_user { fs_signup fs_bootstrap fs_selfserv -) ); + ) ); +} + +=item change_password NEW_PASSWORD + +=cut + +sub change_password { + #my( $self, $password ) = @_; + #FS::Auth->auth_class->change_password( $self, $password ); + FS::Auth->auth_class->change_password( @_ ); +} + +=item change_password_fields NEW_PASSWORD + +=cut + +sub change_password_fields { + #my( $self, $password ) = @_; + #FS::Auth->auth_class->change_password_fields( $self, $password ); + FS::Auth->auth_class->change_password_fields( @_ ); } =back |