default to a session cookie instead of setting an explicit timeout, weird timezone...

[freeside.git] / FS / FS / AuthCookieHandler.pm

diff --git a/FS/FS/AuthCookieHandler.pm b/FS/FS/AuthCookieHandler.pm
index a4a3118..b7d0dbf 100644 (file)
--- a/FS/FS/AuthCookieHandler.pm
+++ b/FS/FS/AuthCookieHandler.pm
@@ -2,55 +2,51 @@ package FS::AuthCookieHandler;
 use base qw( Apache2::AuthCookie );
 
 use strict;
-use Digest::SHA qw( sha1_hex );
-use FS::UID qw( adminsuidsetup );
-
-my $secret = "XXX temporary"; #XXX move to a DB session with random number as key
-
-my $module = 'legacy'; #XXX i am set in a conf somehow?  or a config file
+use FS::UID qw( adminsuidsetup preuser_setup );
+use FS::CurrentUser;
+use FS::Auth;
+
+#Apache 2.2 and below
+sub useragent_ip {
+  my( $self, $r ) = @_;
+  $r->connection->remote_ip;
+}
 
 sub authen_cred {
-  my( $self, $r, $username, $password ) = @_;
-
-  if ( _is_valid_user($username, $password) ) {
-      warn "authenticated $username from ". $r->connection->remote_ip. "\n";
-      adminsuidsetup($username);
-      my $session_key =
-        $username . '::' . sha1_hex( $username, $secret );
-      return $session_key;
-  } else {
-      warn "failed authentication $username from ". $r->connection->remote_ip. "\n";
-  }
+  my( $self, $r, $username, $password, $totp_code ) = @_;
 
-  return undef; #?
-}
+  preuser_setup();
 
-sub _is_valid_user {
-  my( $username, $password ) = @_;
-  my $class = 'FS::Auth::'.$module;
+  my $info = {};
 
-  #earlier?
-  eval "use $class;";
-  die $@ if $@;
+  unless ( FS::Auth->authenticate($username, $password, $totp_code, $info) ) {
+    warn "failed auth $username from ". $self->useragent_ip($r). "\n";
+    return undef;
+  }
+
+  warn "authenticated $username from ". $self->useragent_ip($r). "\n";
 
-  $class->authenticate($username, $password);
+  FS::CurrentUser->load_user( $username,
+                              'autocreate' => FS::Auth->auth_class->autocreate,
+                              %$info,
+                            );
 
+  FS::CurrentUser->new_session;
 }
 
 sub authen_ses_key {
-  my( $self, $r, $session_key ) = @_;
+  my( $self, $r, $sessionkey ) = @_;
 
-  my ($username, $mac) = split /::/, $session_key;
+  preuser_setup();
 
-  if ( sha1_hex( $username, $secret ) eq $mac ) {
-    adminsuidsetup($username);
-    return $username;
-  } else {
-    warn "bad session $session_key from ". $r->connection->remote_ip. "\n";
-  }
+  my $curuser = FS::CurrentUser->load_user_session( $sessionkey );
 
-  return undef;
+  unless ( $curuser ) {
+    warn "bad session $sessionkey from ". $self->useragent_ip($r). "\n";
+    return undef;
+  }
 
+  $curuser->username;
 }
 
 1;