[system] / trunk / webwork2 / lib / WeBWorK / Authen.pm Repository:
ViewVC logotype

View of /trunk/webwork2/lib/WeBWorK/Authen.pm

Parent Directory Parent Directory | Revision Log Revision Log


Revision 323 - (download) (as text) (annotate)
Thu May 30 20:34:46 2002 UTC (17 years, 7 months ago) by malsyned
File size: 2832 byte(s)
-Fixed a few interfaces so that they make more sense (I hope)
-Added preliminary templating code to ContentGenerator
-Added a lot of logic to the dispatcher (WeBWorK.pm).  More to come, too.
-Moved lots of things over to CGI.pm, for my convenience while prototyping
-Added preliminary examples of ProblemSets, ProblemSet, and Problem.
 Problem.pm will some day go on to do what ProcessProblem8 does right now,
 so keep your eyes on that one.
--Dennis

    1 package WeBWorK::Authen;
    2 
    3 # Package constants.  These should never be changed in other places ever
    4 my $key_length = 40;      # number of chars in each key
    5 my @key_chars = ('A'..'Z', 'a'..'z', '0'..'9', '.', '^', '/', '!', '*');
    6 
    7 sub new($$$) {
    8   my $invocant = shift;
    9   my $class = ref($invocant) || $invocant;
   10   my $self = {};
   11   ($self->{r}, $self->{courseEnvironment}) = @_;
   12   bless $self, $class;
   13   return $self;
   14 }
   15 
   16 sub generate_key {
   17   my $i = $key_length;
   18   my $key = '';
   19   srand;
   20   while($i) {
   21     $key .= $key_chars[rand(@key_chars)];
   22     $i--;
   23   }
   24   return $key;
   25 }
   26 
   27 # verify will return 1 if the person is who they say the are.
   28 # If the verification failed because of of invalid authentication data,
   29 # a note will be written in the request explaining why it failed.
   30 # If the request failed because no authentication data was provided, however,
   31 # no note will be written, as this is expected to happen whenever someone
   32 # types in a URL manually, and is not considered an error condition.
   33 sub verify($) {
   34   my $self = shift;
   35   my $r = $self->{r};
   36 
   37   my $user = $r->param('user');
   38   my $passwd = $r->param('passwd');
   39   my $key = $r->param('key');
   40   my $time = time;
   41 
   42   # Get this out of the way first thing.  We don't want anything else
   43   # having access to this.  It's bad enough that it goes over the wire
   44   # plaintext.
   45   # I wish there was a way to delete this entirely, rather than just
   46   # undefining it, just because it would be neater.
   47   $r->param('passwd',undef);
   48 
   49   my $return, $error;
   50 
   51   # The first part of this big conditional checks to make that we have
   52   # all of the form info that we need. It's pretty boring.  The kooky
   53   # authen stuff comes after that.
   54   if (!defined $user && !defined $passwd && !defined $key) {
   55     # The user hasn't even had a chance to say who he is, so we
   56     # can't hold it against him that we don't know.
   57     undef $error;
   58     $return = 0;
   59   } elsif (!$user) {
   60     $error = "You must specify a username";
   61     $return = 0;
   62   } elsif (!$passwd && !$key) {
   63     $error = "You must enter a password";
   64     $return = 0;
   65   }
   66   # OK, we're done with the trivia.  Now lets authenticate.
   67   # This is the part that will get rewritten after Sam finishes
   68   # his work on the database stuff.
   69   elsif ($user ne "dennis") {
   70     $error = "Unknown user";
   71     $return = 0;
   72   } elsif ($passwd) {
   73     if ($passwd eq "helloworld") {
   74       $key = generate_key;
   75       #TODO: enter $key and $time into the database
   76       $r->param('key',$key);
   77       $return = 1;
   78     } else {
   79       $error = "Incorrect password";
   80       $return = 0;
   81     }
   82   } elsif ($key) {
   83     if ($key ne 'invalidkeyhahaha') {
   84       $return = 1;
   85     } else {
   86       $error = "Your session has expired.  You must re-login";
   87       $return = 0;
   88     }
   89   } else {
   90     $error = "Unexpected authentication error!";
   91     $return = 0;
   92   }
   93 
   94 
   95   $r->notes("authen_error",$error);
   96   return $return;
   97 
   98   # Whatever you do, don't delete this!
   99   critical($r);
  100 }
  101 
  102 1;

aubreyja at gmail dot com
ViewVC Help
Powered by ViewVC 1.0.9