From: Ivan Kohler Date: Wed, 8 May 2013 06:55:11 +0000 (-0700) Subject: NG auth: internal db auth, RT#21563 X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=commitdiff_plain;h=92a3df0360d3df6b6ace99fee3d4cc443e6154d0 NG auth: internal db auth, RT#21563 --- diff --git a/FS/FS/Auth.pm b/FS/FS/Auth.pm new file mode 100644 index 000000000..543978e8b --- /dev/null +++ b/FS/FS/Auth.pm @@ -0,0 +1,25 @@ +package FS::Auth; + +use strict; +use FS::Conf; + +sub authenticate { + my $class = shift; + + $class->auth_class->authenticate(@_); +} + +sub auth_class { + #my($class) = @_; + + my $conf = new FS::Conf; + my $module = lc($conf->config('authentication_module')) || 'internal'; + + my $auth_class = 'FS::Auth::'.$module; + eval "use $auth_class;"; + die $@ if $@; + + $auth_class; +} + +1; diff --git a/FS/FS/AuthCookieHandler.pm b/FS/FS/AuthCookieHandler.pm index a8ee37079..cd89f55af 100644 --- a/FS/FS/AuthCookieHandler.pm +++ b/FS/FS/AuthCookieHandler.pm @@ -4,34 +4,29 @@ use base qw( Apache2::AuthCookie ); use strict; use FS::UID qw( adminsuidsetup preuser_setup ); use FS::CurrentUser; - -my $module = 'legacy'; #XXX i am set in a conf somehow? or a config file +use FS::Auth; sub authen_cred { my( $self, $r, $username, $password ) = @_; + preuser_setup(); + unless ( _is_valid_user($username, $password) ) { warn "failed auth $username from ". $r->connection->remote_ip. "\n"; return undef; } warn "authenticated $username from ". $r->connection->remote_ip. "\n"; - adminsuidsetup($username); - FS::CurrentUser->new_session; + FS::CurrentUser->load_user($username); + FS::CurrentUser->new_session; } sub _is_valid_user { my( $username, $password ) = @_; - my $class = 'FS::Auth::'.$module; - - #earlier? - eval "use $class;"; - die $@ if $@; - - $class->authenticate($username, $password); + FS::Auth->authenticate($username, $password); } sub authen_ses_key { @@ -47,7 +42,6 @@ sub authen_ses_key { } $curuser->username; - } 1; diff --git a/FS/FS/Mason/Request.pm b/FS/FS/Mason/Request.pm index 1e2555a76..5d6fc4cd4 100644 --- a/FS/FS/Mason/Request.pm +++ b/FS/FS/Mason/Request.pm @@ -93,7 +93,7 @@ sub freeside_setup { $cgi = new CGI; setcgi($cgi); - #cgisuidsetup is gone, adminsuidsetup is now done in AuthCookieHandler + #cgisuidsetup is gone, equivalent is now done in AuthCookieHandler $fsurl = rooturl(); $p = popurl(2); diff --git a/FS/FS/Schema.pm b/FS/FS/Schema.pm index 923f1fd9d..899b67b35 100644 --- a/FS/FS/Schema.pm +++ b/FS/FS/Schema.pm @@ -3584,13 +3584,14 @@ sub tables_hashref { 'access_user' => { 'columns' => [ - 'usernum', 'serial', '', '', '', '', - 'username', 'varchar', '', $char_d, '', '', - '_password', 'varchar', '', $char_d, '', '', - 'last', 'varchar', '', $char_d, '', '', - 'first', 'varchar', '', $char_d, '', '', - 'user_custnum', 'int', 'NULL', '', '', '', - 'disabled', 'char', 'NULL', 1, '', '', + 'usernum', 'serial', '', '', '', '', + 'username', 'varchar', '', $char_d, '', '', + '_password', 'varchar', '', $char_d, '', '', + '_password_encoding', 'varchar', 'NULL', $char_d, '', '', + 'last', 'varchar', '', $char_d, '', '', + 'first', 'varchar', '', $char_d, '', '', + 'user_custnum', 'int', 'NULL', '', '', '', + 'disabled', 'char', 'NULL', 1, '', '', ], 'primary_key' => 'usernum', 'unique' => [ [ 'username' ] ], diff --git a/eg/Auth-my_external_auth.pm b/eg/Auth-my_external_auth.pm new file mode 100644 index 000000000..38f9d5bfb --- /dev/null +++ b/eg/Auth-my_external_auth.pm @@ -0,0 +1,27 @@ +package FS::Auth::my_external_auth; +use base qw( FS::Auth::external ); #need to inherit from ::external + +use strict; + +sub authenticate { + my($self, $username, $check_password ) = @_; + + #magic happens here + + if ( $auth_good ) { #verbose for clarity + return 1; + } else { + return 0; + } + +} + +#omitting these subroutines will eliminate those options from the UI + +#sub create_user { +# + +#sub change_password { +#} + +1; diff --git a/eg/access_user-external_auth.pm b/eg/access_user-external_auth.pm deleted file mode 100644 index bc6e23a2d..000000000 --- a/eg/access_user-external_auth.pm +++ /dev/null @@ -1,28 +0,0 @@ -package FS::access_user::external_auth; -use base qw( FS::access_user::external ); #inherit from ::external for - # autocreation - -use strict; - -sub authenticate { - my( $username, $check_password ) = @_; - - #magic happens here - - if ( $auth_good ) { #verbose for clarity - return 1; - } else { - return 0; - } - -} - -#omitting these subroutines will eliminate those options from the UI - -#sub create_user { -# - -#sub change_password { -#} - -1;