Parent Directory
| 
Revision Log
-Fixed a few interfaces so that they make more sense (I hope) -Added preliminary templating code to ContentGenerator -Added a lot of logic to the dispatcher (WeBWorK.pm). More to come, too. -Moved lots of things over to CGI.pm, for my convenience while prototyping -Added preliminary examples of ProblemSets, ProblemSet, and Problem. Problem.pm will some day go on to do what ProcessProblem8 does right now, so keep your eyes on that one. --Dennis
1 package WeBWorK::Authen; 2 3 # Package constants. These should never be changed in other places ever 4 my $key_length = 40; # number of chars in each key 5 my @key_chars = ('A'..'Z', 'a'..'z', '0'..'9', '.', '^', '/', '!', '*'); 6 7 sub new($$$) { 8 my $invocant = shift; 9 my $class = ref($invocant) || $invocant; 10 my $self = {}; 11 ($self->{r}, $self->{courseEnvironment}) = @_; 12 bless $self, $class; 13 return $self; 14 } 15 16 sub generate_key { 17 my $i = $key_length; 18 my $key = ''; 19 srand; 20 while($i) { 21 $key .= $key_chars[rand(@key_chars)]; 22 $i--; 23 } 24 return $key; 25 } 26 27 # verify will return 1 if the person is who they say the are. 28 # If the verification failed because of of invalid authentication data, 29 # a note will be written in the request explaining why it failed. 30 # If the request failed because no authentication data was provided, however, 31 # no note will be written, as this is expected to happen whenever someone 32 # types in a URL manually, and is not considered an error condition. 33 sub verify($) { 34 my $self = shift; 35 my $r = $self->{r}; 36 37 my $user = $r->param('user'); 38 my $passwd = $r->param('passwd'); 39 my $key = $r->param('key'); 40 my $time = time; 41 42 # Get this out of the way first thing. We don't want anything else 43 # having access to this. It's bad enough that it goes over the wire 44 # plaintext. 45 # I wish there was a way to delete this entirely, rather than just 46 # undefining it, just because it would be neater. 47 $r->param('passwd',undef); 48 49 my $return, $error; 50 51 # The first part of this big conditional checks to make that we have 52 # all of the form info that we need. It's pretty boring. The kooky 53 # authen stuff comes after that. 54 if (!defined $user && !defined $passwd && !defined $key) { 55 # The user hasn't even had a chance to say who he is, so we 56 # can't hold it against him that we don't know. 57 undef $error; 58 $return = 0; 59 } elsif (!$user) { 60 $error = "You must specify a username"; 61 $return = 0; 62 } elsif (!$passwd && !$key) { 63 $error = "You must enter a password"; 64 $return = 0; 65 } 66 # OK, we're done with the trivia. Now lets authenticate. 67 # This is the part that will get rewritten after Sam finishes 68 # his work on the database stuff. 69 elsif ($user ne "dennis") { 70 $error = "Unknown user"; 71 $return = 0; 72 } elsif ($passwd) { 73 if ($passwd eq "helloworld") { 74 $key = generate_key; 75 #TODO: enter $key and $time into the database 76 $r->param('key',$key); 77 $return = 1; 78 } else { 79 $error = "Incorrect password"; 80 $return = 0; 81 } 82 } elsif ($key) { 83 if ($key ne 'invalidkeyhahaha') { 84 $return = 1; 85 } else { 86 $error = "Your session has expired. You must re-login"; 87 $return = 0; 88 } 89 } else { 90 $error = "Unexpected authentication error!"; 91 $return = 0; 92 } 93 94 95 $r->notes("authen_error",$error); 96 return $return; 97 98 # Whatever you do, don't delete this! 99 critical($r); 100 } 101 102 1;
| aubreyja at gmail dot com | ViewVC Help |
| Powered by ViewVC 1.0.9 |