WeBWorK::Authen - Check user identity, manage session keys.
# Get the name of the appropriate Authen class, based on the %authen hash in $ce.
my $class_name = WeBWorK::Authen::class($ce, "user_module");
# Load that class.
runtime_use $class_name;
# Create an authen object.
my $authen = $class_name->new($c);
# Verify credentials.
$authen->verify or die "Authentication failed";
# Verification status is stored for quick retrieval later.
my $auth_ok = $authen->was_verified;
# For some reason, you might want to clear that cache.
$authen->forget_verification;WeBWorK::Authen is the base class for all WeBWorK authentication classes. It provides default authentication behavior which can be selectively overridden in subclasses.
Instantiates a new WeBWorK::Authen object for the given WeBWorK::Controller $c.
Usage: class($ce, $type)
This subroutine consults the given WeBWorK::CourseEnvironment object to determine which WeBWorK::Authen subclass should be used. $type can be any key given in the %authen hash in the course environment. If the type is not found in the %authen hash, an exception is thrown.
Returns true if verify returned true the last time it was called.
Future calls to was_verified will return false, until verify is called again and succeeds.
This method can be used to get or set values in the session. Note that if session_management_via is "session_cookie" then the Mojolicous cookie session is used. If session_management_via is "key", then only the session in the database is used. Note that database session is really a hash stored in $c->stash->{'webwork2.database_session} that has the following structure:
{ user_id => $userID, key => $key, timestamp => $timestamp, session => {} }Only keys in the session sub-hash can be set with this method. The user_id, key, and timestamp should be set directly in the webwork2.database_session hash.
A single value from the session can be obtained as follows.
$authen->session('key1');Values can be set as in the following examples.
$authen->session(key1 => 'value 1', key2 => 'value 2');
$authen->session({ key1 => 'value 1', key2 => 'value 2' });The entire session can be obtained as a hash reference as follows.
my $session = $authen->session;This sets data in the session that only persists for the next request.
Store the database session. This is called after the current request has been dispatched (in the after_dispatch hook). This allows database session values to be set or modified at any point before that is done.
Usage: $authen->check_session($userID, $possibleKey, $updateTimestamp)
This method returns 0 if no session is found for the given $useriD. If a session is found, then this method returns a list of three boolean values. The first will be 1 in this case and indicates the existence of the session, the second whether the given $possibleKey matches the stored key, and the third whether the time stamp is valid. If $updateTimestamp is true, the session time stamp is updated.