use base qw( Apache2::AuthCookie );
use strict;
-use Digest::SHA qw( sha1_hex );
-use FS::UID qw( adminsuidsetup );
-
-my $secret = "XXX temporary"; #XXX move to a DB session with random number as key
-
-my $module = 'legacy'; #XXX i am set in a conf somehow? or a config file
+use FS::UID qw( adminsuidsetup preuser_setup );
+use FS::CurrentUser;
+use FS::Auth;
+
+#Apache 2.2 and below
+sub useragent_ip {
+ my( $self, $r ) = @_;
+ $r->connection->remote_ip;
+}
sub authen_cred {
my( $self, $r, $username, $password ) = @_;
- if ( _is_valid_user($username, $password) ) {
- warn "authenticated $username from ". $r->connection->remote_ip. "\n";
- adminsuidsetup($username);
- my $session_key =
- $username . '::' . sha1_hex( $username, $secret );
- return $session_key;
- } else {
- warn "failed authentication $username from ". $r->connection->remote_ip. "\n";
- }
+ preuser_setup();
- return undef; #?
-}
+ my $info = {};
-sub _is_valid_user {
- my( $username, $password ) = @_;
- my $class = 'FS::Auth::'.$module;
+ unless ( FS::Auth->authenticate($username, $password, $info) ) {
+ warn "failed auth $username from ". $self->useragent_ip($r). "\n";
+ return undef;
+ }
- #earlier?
- eval "use $class;";
- die $@ if $@;
+ warn "authenticated $username from ". $self->useragent_ip($r). "\n";
- $class->authenticate($username, $password);
+ FS::CurrentUser->load_user( $username,
+ 'autocreate' => FS::Auth->auth_class->autocreate,
+ %$info,
+ );
+ FS::CurrentUser->new_session;
}
sub authen_ses_key {
- my( $self, $r, $session_key ) = @_;
+ my( $self, $r, $sessionkey ) = @_;
- my ($username, $mac) = split /::/, $session_key;
+ preuser_setup();
- if ( sha1_hex( $username, $secret ) eq $mac ) {
- adminsuidsetup($username);
- return $username;
- } else {
- warn "bad session $session_key from ". $r->connection->remote_ip. "\n";
- }
+ my $curuser = FS::CurrentUser->load_user_session( $sessionkey );
- return undef;
+ unless ( $curuser ) {
+ warn "bad session $sessionkey from ". $self->useragent_ip($r). "\n";
+ return undef;
+ }
+ $curuser->username;
}
1;