From 92a3df0360d3df6b6ace99fee3d4cc443e6154d0 Mon Sep 17 00:00:00 2001 From: Ivan Kohler Date: Tue, 7 May 2013 23:55:11 -0700 Subject: [PATCH] NG auth: internal db auth, RT#21563 --- FS/FS/Auth.pm | 25 ++++++++++++++++++++++ FS/FS/AuthCookieHandler.pm | 18 ++++++---------- FS/FS/Mason/Request.pm | 2 +- FS/FS/Schema.pm | 15 +++++++------ ...r-external_auth.pm => Auth-my_external_auth.pm} | 7 +++--- 5 files changed, 43 insertions(+), 24 deletions(-) create mode 100644 FS/FS/Auth.pm rename eg/{access_user-external_auth.pm => Auth-my_external_auth.pm} (56%) diff --git a/FS/FS/Auth.pm b/FS/FS/Auth.pm new file mode 100644 index 000000000..543978e8b --- /dev/null +++ b/FS/FS/Auth.pm @@ -0,0 +1,25 @@ +package FS::Auth; + +use strict; +use FS::Conf; + +sub authenticate { + my $class = shift; + + $class->auth_class->authenticate(@_); +} + +sub auth_class { + #my($class) = @_; + + my $conf = new FS::Conf; + my $module = lc($conf->config('authentication_module')) || 'internal'; + + my $auth_class = 'FS::Auth::'.$module; + eval "use $auth_class;"; + die $@ if $@; + + $auth_class; +} + +1; diff --git a/FS/FS/AuthCookieHandler.pm b/FS/FS/AuthCookieHandler.pm index a8ee37079..cd89f55af 100644 --- a/FS/FS/AuthCookieHandler.pm +++ b/FS/FS/AuthCookieHandler.pm @@ -4,34 +4,29 @@ use base qw( Apache2::AuthCookie ); use strict; use FS::UID qw( adminsuidsetup preuser_setup ); use FS::CurrentUser; - -my $module = 'legacy'; #XXX i am set in a conf somehow? or a config file +use FS::Auth; sub authen_cred { my( $self, $r, $username, $password ) = @_; + preuser_setup(); + unless ( _is_valid_user($username, $password) ) { warn "failed auth $username from ". $r->connection->remote_ip. "\n"; return undef; } warn "authenticated $username from ". $r->connection->remote_ip. "\n"; - adminsuidsetup($username); - FS::CurrentUser->new_session; + FS::CurrentUser->load_user($username); + FS::CurrentUser->new_session; } sub _is_valid_user { my( $username, $password ) = @_; - my $class = 'FS::Auth::'.$module; - - #earlier? - eval "use $class;"; - die $@ if $@; - - $class->authenticate($username, $password); + FS::Auth->authenticate($username, $password); } sub authen_ses_key { @@ -47,7 +42,6 @@ sub authen_ses_key { } $curuser->username; - } 1; diff --git a/FS/FS/Mason/Request.pm b/FS/FS/Mason/Request.pm index 1e2555a76..5d6fc4cd4 100644 --- a/FS/FS/Mason/Request.pm +++ b/FS/FS/Mason/Request.pm @@ -93,7 +93,7 @@ sub freeside_setup { $cgi = new CGI; setcgi($cgi); - #cgisuidsetup is gone, adminsuidsetup is now done in AuthCookieHandler + #cgisuidsetup is gone, equivalent is now done in AuthCookieHandler $fsurl = rooturl(); $p = popurl(2); diff --git a/FS/FS/Schema.pm b/FS/FS/Schema.pm index 923f1fd9d..899b67b35 100644 --- a/FS/FS/Schema.pm +++ b/FS/FS/Schema.pm @@ -3584,13 +3584,14 @@ sub tables_hashref { 'access_user' => { 'columns' => [ - 'usernum', 'serial', '', '', '', '', - 'username', 'varchar', '', $char_d, '', '', - '_password', 'varchar', '', $char_d, '', '', - 'last', 'varchar', '', $char_d, '', '', - 'first', 'varchar', '', $char_d, '', '', - 'user_custnum', 'int', 'NULL', '', '', '', - 'disabled', 'char', 'NULL', 1, '', '', + 'usernum', 'serial', '', '', '', '', + 'username', 'varchar', '', $char_d, '', '', + '_password', 'varchar', '', $char_d, '', '', + '_password_encoding', 'varchar', 'NULL', $char_d, '', '', + 'last', 'varchar', '', $char_d, '', '', + 'first', 'varchar', '', $char_d, '', '', + 'user_custnum', 'int', 'NULL', '', '', '', + 'disabled', 'char', 'NULL', 1, '', '', ], 'primary_key' => 'usernum', 'unique' => [ [ 'username' ] ], diff --git a/eg/access_user-external_auth.pm b/eg/Auth-my_external_auth.pm similarity index 56% rename from eg/access_user-external_auth.pm rename to eg/Auth-my_external_auth.pm index bc6e23a2d..38f9d5bfb 100644 --- a/eg/access_user-external_auth.pm +++ b/eg/Auth-my_external_auth.pm @@ -1,11 +1,10 @@ -package FS::access_user::external_auth; -use base qw( FS::access_user::external ); #inherit from ::external for - # autocreation +package FS::Auth::my_external_auth; +use base qw( FS::Auth::external ); #need to inherit from ::external use strict; sub authenticate { - my( $username, $check_password ) = @_; + my($self, $username, $check_password ) = @_; #magic happens here -- 2.11.0