[system] / trunk / webwork2 / lib / WeBWorK / Authen.pm Repository:
ViewVC logotype

View of /trunk/webwork2/lib/WeBWorK/Authen.pm

Parent Directory Parent Directory | Revision Log Revision Log

Revision 313 - (download) (as text) (annotate)
Tue May 28 21:23:45 2002 UTC (10 years, 11 months ago) by malsyned
File size: 2325 byte(s) 
- ContentGenerator.pm is now officially the superclass to all modules called
  by the dispatcher to generate content.
- Authen.pm now has a single point of exit, which makes it easier to read,
  debug, and modify
- Login.pm is now a subclass of ContentGenerator, and apart from the HTML,
  is in it's final form.
- All code has been commented up
- The authentication wrapper is now a working demonstration.  Anyone could
  stick it on a webserver and try it out.  The database code isn't written,
  so it authenticates against hardcoded strings (username: dennis,
  passwd: helloworld), but this at least proves that the system is workable.

--Dennis

    1 package WeBWorK::Authen;
    2 
    3 sub new($$$) {
    4   my $proto = shift;
    5   my $class = ref($proto) || $proto;
    6   my $self = {};
    7   ($self->{r}, $self->{courseEnvironment}) = @_;
    8   bless $self, $class;
    9   return $self;
   10 }
   11 
   12 # verify will return 1 if the person is who they say the are.
   13 # If the verification failed because of of invalid authentication data,
   14 # a note will be written in the request explaining why it failed.
   15 # If the request failed because no authentication data was provided, however,
   16 # no note will be written, as this is expected to happen whenever someone
   17 # types in a URL manually, and is not considered an error condition.
   18 sub verify($) {
   19   # Definition: "magic data": passwd or key
   20   my $self = shift;
   21   my $r = $self->{r};
   22 
   23   my $user = $r->param('user');
   24   my $passwd = $r->param('passwd');
   25   my $key = $r->param('key');
   26 
   27   # Get this out of the way first thing.  We don't want anything else
   28   # having access to this.  It's bad enough that it goes over the wire
   29   # plaintext.
   30   $r->param('passwd',undef);
   31 
   32   my $return, $error;
   33 
   34   # The first part of this big conditional checks to make that we have
   35   # all of the form info that we need. It's pretty boring.  The kooky
   36   # authen stuff comes after that.
   37   if (!defined $user && !defined $passwd && !defined $key) {
   38     # The user hasn't even had a chance to say who he is, so we
   39     # can't hold it against him that we don't know.
   40     undef $error;
   41     $return = 0;
   42   } elsif (!$user) {
   43     $error = "You must specify a username";
   44     $return = 0;
   45   } elsif (!$passwd && !$key) {
   46     $error = "You must enter a password";
   47     $return = 0;
   48   }
   49   # OK, we're done with the trivia.  Now lets authenticate.
   50   # This is the part that will get rewritten after Sam finishes
   51   # his work on the database stuff.
   52   elsif ($user ne "dennis") {
   53     $error = "Unknown user";
   54     $return = 0;
   55   } elsif ($passwd) {
   56     if ($passwd eq "helloworld") {
   57       $r->param('key','tH1siS@pH0n3Yk3y');
   58       $return = 1;
   59     } else {
   60       $error = "Incorrect password";
   61       $return = 0;
   62     }
   63   } elsif ($key) {
   64     if ($key eq 'tH1siS@pH0n3Yk3y') {
   65       $return = 1;
   66     } else {
   67       $error = "Your session has expired.  You must re-login";
   68       $return = 0;
   69     }
   70   } else {
   71     $error = "Unexpected authentication error!";
   72     $return = 0;
   73   }
   74 
   75 
   76   $r->notes("authen_error",$error);
   77   return $return;
   78 
   79   # Whatever you do, don't delete this!
   80   critical($r);
   81 }
   82 
   83 1;
aubreyja at gmail dot com
 ViewVC Help
Powered by ViewVC 1.0.9