NG auth: internal db auth, RT#21563

diff --git a/FS/FS/Auth.pm b/FS/FS/Auth.pm
new file mode 100644 (file)
index 0000000..543978e
--- /dev/null
+++ b/FS/FS/Auth.pm
@@ -0,0 +1,25 @@
+package FS::Auth;
+
+use strict;
+use FS::Conf;
+
+sub authenticate {
+  my $class = shift;
+
+  $class->auth_class->authenticate(@_);
+}
+
+sub auth_class {
+  #my($class) = @_;
+
+  my $conf = new FS::Conf;
+  my $module = lc($conf->config('authentication_module')) || 'internal';
+
+  my $auth_class = 'FS::Auth::'.$module;
+  eval "use $auth_class;";
+  die $@ if $@;
+
+  $auth_class;
+}
+
+1;

diff --git a/FS/FS/AuthCookieHandler.pm b/FS/FS/AuthCookieHandler.pm
index a8ee370..cd89f55 100644 (file)
--- a/FS/FS/AuthCookieHandler.pm
+++ b/FS/FS/AuthCookieHandler.pm
@@ -4,34 +4,29 @@ use base qw( Apache2::AuthCookie );
 use strict;
 use FS::UID qw( adminsuidsetup preuser_setup );
 use FS::CurrentUser;
 use strict;
 use FS::UID qw( adminsuidsetup preuser_setup );
 use FS::CurrentUser;

-
-my $module = 'legacy'; #XXX i am set in a conf somehow?  or a config file
+use FS::Auth;

 
 sub authen_cred {
   my( $self, $r, $username, $password ) = @_;
 
 
 sub authen_cred {
   my( $self, $r, $username, $password ) = @_;
 

+  preuser_setup();
+

   unless ( _is_valid_user($username, $password) ) {
     warn "failed auth $username from ". $r->connection->remote_ip. "\n";
     return undef;
   }
 
   warn "authenticated $username from ". $r->connection->remote_ip. "\n";
   unless ( _is_valid_user($username, $password) ) {
     warn "failed auth $username from ". $r->connection->remote_ip. "\n";
     return undef;
   }
 
   warn "authenticated $username from ". $r->connection->remote_ip. "\n";

-  adminsuidsetup($username);

 
 

-  FS::CurrentUser->new_session;
+  FS::CurrentUser->load_user($username);

 
 

+  FS::CurrentUser->new_session;

 }
 
 sub _is_valid_user {
   my( $username, $password ) = @_;
 }
 
 sub _is_valid_user {
   my( $username, $password ) = @_;

-  my $class = 'FS::Auth::'.$module;
-
-  #earlier?
-  eval "use $class;";
-  die $@ if $@;
-
-  $class->authenticate($username, $password);

 
 

+  FS::Auth->authenticate($username, $password);

 }
 
 sub authen_ses_key {
 }
 
 sub authen_ses_key {


@@ -47,7 +42,6 @@ sub authen_ses_key {
   }
 
   $curuser->username;
   }
 
   $curuser->username;

-

 }
 
 1;
 }
 
 1;

diff --git a/FS/FS/Mason/Request.pm b/FS/FS/Mason/Request.pm
index 1e2555a..5d6fc4c 100644 (file)
--- a/FS/FS/Mason/Request.pm
+++ b/FS/FS/Mason/Request.pm
@@ -93,7 +93,7 @@ sub freeside_setup {
         $cgi = new CGI;
         setcgi($cgi);
 
         $cgi = new CGI;
         setcgi($cgi);
 

-        #cgisuidsetup is gone, adminsuidsetup is now done in AuthCookieHandler
+        #cgisuidsetup is gone, equivalent is now done in AuthCookieHandler

 
         $fsurl = rooturl();
         $p = popurl(2);
 
         $fsurl = rooturl();
         $p = popurl(2);

diff --git a/FS/FS/Schema.pm b/FS/FS/Schema.pm
index 923f1fd..899b67b 100644 (file)
--- a/FS/FS/Schema.pm
+++ b/FS/FS/Schema.pm
@@ -3584,13 +3584,14 @@ sub tables_hashref {
 
     'access_user' => {
       'columns' => [
 
     'access_user' => {
       'columns' => [

-        'usernum',   'serial',  '',      '', '', '',
-        'username',  'varchar', '', $char_d, '', '',
-        '_password', 'varchar', '', $char_d, '', '',
-        'last',      'varchar', '', $char_d, '', '', 
-        'first',     'varchar', '', $char_d, '', '', 
-        'user_custnum',  'int', 'NULL',  '', '', '',
-        'disabled',     'char', 'NULL',   1, '', '', 
+        'usernum',             'serial',     '',      '', '', '',
+        'username',           'varchar',     '', $char_d, '', '',
+        '_password',          'varchar',     '', $char_d, '', '',
+        '_password_encoding', 'varchar', 'NULL', $char_d, '', '',
+        'last',               'varchar',     '', $char_d, '', '', 
+        'first',              'varchar',     '', $char_d, '', '', 
+        'user_custnum',           'int', 'NULL',      '', '', '',
+        'disabled',              'char', 'NULL',       1, '', '', 

       ],
       'primary_key' => 'usernum',
       'unique' => [ [ 'username' ] ],
       ],
       'primary_key' => 'usernum',
       'unique' => [ [ 'username' ] ],

diff --git a/eg/Auth-my_external_auth.pm b/eg/Auth-my_external_auth.pm
new file mode 100644 (file)
index 0000000..38f9d5b
--- /dev/null
+++ b/eg/Auth-my_external_auth.pm
@@ -0,0 +1,27 @@
+package FS::Auth::my_external_auth;
+use base qw( FS::Auth::external ); #need to inherit from ::external
+
+use strict;
+
+sub authenticate {
+  my($self, $username, $check_password ) = @_;
+
+  #magic happens here
+
+  if ( $auth_good ) { #verbose for clarity
+    return 1;
+  } else {
+    return 0;
+  }
+
+}
+
+#omitting these subroutines will eliminate those options from the UI
+
+#sub create_user {
+#
+
+#sub change_password {
+#}
+
+1;

diff --git a/eg/access_user-external_auth.pm b/eg/access_user-external_auth.pm
deleted file mode 100644 (file)
index bc6e23a..0000000
--- a/eg/access_user-external_auth.pm
+++ /dev/null
@@ -1,28 +0,0 @@
-package FS::access_user::external_auth;
-use base qw( FS::access_user::external ); #inherit from ::external for
-                                          # autocreation
-
-use strict;
-
-sub authenticate {
-  my( $username, $check_password ) = @_;
-
-  #magic happens here
-
-  if ( $auth_good ) { #verbose for clarity
-    return 1;
-  } else {
-    return 0;
-  }
-
-}
-
-#omitting these subroutines will eliminate those options from the UI
-
-#sub create_user {
-#
-
-#sub change_password {
-#}
-
-1;