Parent Directory
| 
Revision Log
Revision 335 - (view) (download) (as text)
| 1 : | malsyned | 305 | package WeBWorK::Authen; |
| 2 : | |||
| 3 : | malsyned | 335 | use WeBWorK::DB::Auth |
| 4 : | |||
| 5 : | malsyned | 323 | # Package constants. These should never be changed in other places ever |
| 6 : | my $key_length = 40; # number of chars in each key | ||
| 7 : | my @key_chars = ('A'..'Z', 'a'..'z', '0'..'9', '.', '^', '/', '!', '*'); | ||
| 8 : | |||
| 9 : | malsyned | 305 | sub new($$$) { |
| 10 : | malsyned | 323 | my $invocant = shift; |
| 11 : | my $class = ref($invocant) || $invocant; | ||
| 12 : | malsyned | 305 | my $self = {}; |
| 13 : | ($self->{r}, $self->{courseEnvironment}) = @_; | ||
| 14 : | bless $self, $class; | ||
| 15 : | return $self; | ||
| 16 : | } | ||
| 17 : | |||
| 18 : | malsyned | 323 | sub generate_key { |
| 19 : | my $i = $key_length; | ||
| 20 : | my $key = ''; | ||
| 21 : | srand; | ||
| 22 : | while($i) { | ||
| 23 : | $key .= $key_chars[rand(@key_chars)]; | ||
| 24 : | $i--; | ||
| 25 : | } | ||
| 26 : | return $key; | ||
| 27 : | } | ||
| 28 : | |||
| 29 : | malsyned | 313 | # verify will return 1 if the person is who they say the are. |
| 30 : | # If the verification failed because of of invalid authentication data, | ||
| 31 : | # a note will be written in the request explaining why it failed. | ||
| 32 : | # If the request failed because no authentication data was provided, however, | ||
| 33 : | # no note will be written, as this is expected to happen whenever someone | ||
| 34 : | # types in a URL manually, and is not considered an error condition. | ||
| 35 : | malsyned | 305 | sub verify($) { |
| 36 : | my $self = shift; | ||
| 37 : | my $r = $self->{r}; | ||
| 38 : | malsyned | 335 | my $course_env = $self->{courseEnvironment}; |
| 39 : | malsyned | 305 | |
| 40 : | malsyned | 313 | my $user = $r->param('user'); |
| 41 : | my $passwd = $r->param('passwd'); | ||
| 42 : | my $key = $r->param('key'); | ||
| 43 : | malsyned | 323 | my $time = time; |
| 44 : | malsyned | 313 | |
| 45 : | # Get this out of the way first thing. We don't want anything else | ||
| 46 : | # having access to this. It's bad enough that it goes over the wire | ||
| 47 : | # plaintext. | ||
| 48 : | malsyned | 323 | # I wish there was a way to delete this entirely, rather than just |
| 49 : | # undefining it, just because it would be neater. | ||
| 50 : | malsyned | 313 | $r->param('passwd',undef); |
| 51 : | |||
| 52 : | my $return, $error; | ||
| 53 : | |||
| 54 : | malsyned | 335 | my $auth = WeBWorK::DB::Auth->new($course_env); |
| 55 : | |||
| 56 : | malsyned | 313 | # The first part of this big conditional checks to make that we have |
| 57 : | # all of the form info that we need. It's pretty boring. The kooky | ||
| 58 : | # authen stuff comes after that. | ||
| 59 : | if (!defined $user && !defined $passwd && !defined $key) { | ||
| 60 : | # The user hasn't even had a chance to say who he is, so we | ||
| 61 : | # can't hold it against him that we don't know. | ||
| 62 : | undef $error; | ||
| 63 : | $return = 0; | ||
| 64 : | } elsif (!$user) { | ||
| 65 : | $error = "You must specify a username"; | ||
| 66 : | $return = 0; | ||
| 67 : | } elsif (!$passwd && !$key) { | ||
| 68 : | $error = "You must enter a password"; | ||
| 69 : | $return = 0; | ||
| 70 : | malsyned | 305 | } |
| 71 : | malsyned | 313 | # OK, we're done with the trivia. Now lets authenticate. |
| 72 : | # This is the part that will get rewritten after Sam finishes | ||
| 73 : | # his work on the database stuff. | ||
| 74 : | malsyned | 335 | elsif ($passwd) { |
| 75 : | if ($auth->verifyPassword($user, $passwd)) { | ||
| 76 : | malsyned | 323 | $key = generate_key; |
| 77 : | malsyned | 335 | $auth->setKey($user, $key, time); |
| 78 : | malsyned | 323 | $r->param('key',$key); |
| 79 : | malsyned | 313 | $return = 1; |
| 80 : | } else { | ||
| 81 : | malsyned | 335 | $error = "Incorrect username or password"; |
| 82 : | malsyned | 313 | $return = 0; |
| 83 : | } | ||
| 84 : | } elsif ($key) { | ||
| 85 : | malsyned | 335 | # The timestamp gets updated by verifyKey with the time passed in |
| 86 : | if ($auth->verifyKey($user, $key, time)) { | ||
| 87 : | malsyned | 313 | $return = 1; |
| 88 : | } else { | ||
| 89 : | malsyned | 329 | $error = "Your session has expired. You must login again"; |
| 90 : | malsyned | 313 | $return = 0; |
| 91 : | } | ||
| 92 : | } else { | ||
| 93 : | $error = "Unexpected authentication error!"; | ||
| 94 : | $return = 0; | ||
| 95 : | malsyned | 305 | } |
| 96 : | malsyned | 313 | |
| 97 : | |||
| 98 : | $r->notes("authen_error",$error); | ||
| 99 : | return $return; | ||
| 100 : | |||
| 101 : | # Whatever you do, don't delete this! | ||
| 102 : | critical($r); | ||
| 103 : | malsyned | 305 | } |
| 104 : | |||
| 105 : | 1; |
| aubreyja at gmail dot com | ViewVC Help |
| Powered by ViewVC 1.0.9 |