Apache-Authen-Generic
view release on metacpan or search on metacpan
PerlSetVar generic_auth_cookie_name test_cookie
PerlSetVar generic_auth_ref_url_var ref_url
PerlSetVar generic_auth_set_cookie_env 1
</Location>
# cgi script
use Apache::Authen::Generic;
my $auth_obj = Apache::Authen::Generic->new;
if (&check_login($user, $pwd)) {
my $cookie = $auth_obj->($data, $key);
print "Set-Cookie: $cookie\n";
print "Location: $redirect_url\n";
print "\n";
} else {
&handle_invalid_password()
}
# Efforts have been made to make this module work under Apache
# 1.3.* and mod_perl 1.0, but it has only been tested under
# Apache 2.0.* and mod_perl 2.0.
This is a regular expression that will be run against the URI
the user is trying to access. If a match occurs, the user will
be allowed through, as if the user had been authenticated. This
is useful for allowing the user to access the login page and to
allow access to other public pages.
=head3 generic_auth_cookie_name
This is the name of the cookie that will be used to verify
authentication. This must match the name passed to the
generateAuthCookie() method when using a CGI script for the
login process.
=head3 generic_auth_ref_url_var
This is the name of the field the handler will use to pass the
current URI to the authentication failed page. This is useful
for redirecting the user to the page the user was originally
trying to access when prompted with the login page.
=head3 generic_auth_set_cookie_env
If this is set to a true value, and the first argument passed to
the generateAuthCookie() method is a hash, those values will be
available to your CGI scripts as environment variables whose
names are the keys of the hash prefixed with the cookie name (as
set by generic_auth_cookie_name) and an underscore.
=head1 METHODS
=cut
use strict;
use Crypt::CBC;
}
sub new {
my ($proto) = @_;
my $self = bless {}, ref($proto) || $proto;
return $self;
}
=pod
=head2 generateAuthCookie($data, $key, $cookie_params, $cookie_name)
This method is used to generate the authentication cookie from a
CGI script. The return value is the value to set for the header
Set-Cookie without the end of line sequence, e.g.,
my $cookie = $auth_obj->($data, $key);
print "Set-Cookie: $cookie\n";
print "Location: $redirect_url\n";
print "\n";
The value for $key must be the same value assigned to
generic_auth_cipher_key in the webserver configuration.
if $data is a reference to a hash and the
generic_auth_set_cookie_env variable is set to a true value in
the Apache configuration, the values from the hash will be
available to your CGI scripts as environment variables whose
names are the keys of the hash prefixed with the cookie name (as
set by generic_auth_cookie_name) and an underscore.
=cut
# This method is normally to be run from a CGI script
sub generateAuthCookie {
my ($self, $data, $key, $cookie_params, $cookie_name) = @_;
$cookie_params = {} unless ref($cookie_params) eq 'HASH';
$cookie_name = $self->getAuthCookieName if $cookie_name eq '';
my $array = [ 1, $data ];
# this value is encoded -- should be safe for cookies
my $val = $self->encrypt($array, undef, $key);
my $path = $$cookie_params{path};
$path = '/' unless defined $path;
my $params = [ "path=$path" ];
if (defined($$cookie_params{domain})) {
return MP2 ? Apache::OK() : Apache::Constants::OK();
}
# redirect to login page
return $self->redirectToAuthFailedPage($req);
}
sub checkAlreadyAuthenticated {
my ($self, $req) = @_;
my $cookies = $self->getCookies($req);
my $cookie_name = $self->getAuthCookieName($req);
my $cipher_val = $$cookies{$cookie_name};
return undef if $cipher_val eq '';
my $data = $self->decrypt($cipher_val, $req);
unless (ref($data) eq 'ARRAY' and scalar(@$data) > 0) {
local(*OUT);
open(OUT, ">>/tmp/test_auth_log.txt");
print OUT "\$data not an array\n";
close OUT;
return undef;
if (defined($hash) and ref($hash) eq 'HASH') {
while (my ($key, $value) = each %$hash) {
$req->subprocess_env("${cookie_name}_$key" => $value);
}
}
}
return 1;
}
sub getAuthCookieName {
my ($self, $req) = @_;
if ($req) {
my $cookie_name = $req->dir_config('generic_auth_cookie_name');
return $cookie_name unless $cookie_name eq '';
}
return 'generic_auth';
}
$obj = Digest::SHA1->new;
$$self{_digest_obj} = $obj;
return $obj;
}
sub getCipher {
my ($self, $req) = @_;
return 'Crypt::Rijndael';
}
sub getCookies {
my ($self, $req) = @_;
my $headers = $req->headers_in;
return $self->parseCookieData($$headers{Cookie});
}
sub parseCookieData {
my ($self, $cookie_data) = @_;
my $results = {};
my(@pairs) = split("; ", $cookie_data);
foreach my $key_value (@pairs) {
my ($key, $value) = split("=", $key_value);
$$results{$key} = $value;
}
return $results unless wantarray;
return %$results;
PerlSetVar generic_auth_cookie_name test_cookie
PerlSetVar generic_auth_ref_url_var ref_url
PerlSetVar generic_auth_set_cookie_env 1
</Location>
# cgi script
use Apache::Authen::Generic;
my $auth_obj = Apache::Authen::Generic->new;
if (&check_login($user, $pwd)) {
my $cookie = $auth_obj->($data, $key);
print "Set-Cookie: $cookie\n";
print "Location: $redirect_url\n";
print "\n";
} else {
&handle_invalid_password()
}
# Efforts have been made to make this module work under Apache
# 1.3.* and mod_perl 1.0, but it has only been tested under
# Apache 2.0.* and mod_perl 2.0.
generic_auth_allow_url
This is a regular expression that will be run against the URI
the user is trying to access. If a match occurs, the user will
be allowed through, as if the user had been authenticated. This
is useful for allowing the user to access the login page and to
allow access to other public pages.
generic_auth_cookie_name
This is the name of the cookie that will be used to verify
authentication. This must match the name passed to the
generateAuthCookie() method when using a CGI script for the
login process.
generic_auth_ref_url_var
This is the name of the field the handler will use to pass the
current URI to the authentication failed page. This is useful
for redirecting the user to the page the user was originally
trying to access when prompted with the login page.
generic_auth_set_cookie_env
If this is set to a true value, and the first argument passed to
the generateAuthCookie() method is a hash, those values will be
available to your CGI scripts as environment variables whose
names are the keys of the hash prefixed with the cookie name (as
set by generic_auth_cookie_name) and an underscore.
METHODS
generateAuthCookie($data, $key, $cookie_params, $cookie_name)
This method is used to generate the authentication cookie from a
CGI script. The return value is the value to set for the header
Set-Cookie without the end of line sequence, e.g.,
my $cookie = $auth_obj->($data, $key);
print "Set-Cookie: $cookie\n";
print "Location: $redirect_url\n";
print "\n";
The value for $key must be the same value assigned to
generic_auth_cipher_key in the webserver configuration.
if $data is a reference to a hash and the
generic_auth_set_cookie_env variable is set to a true value in
the Apache configuration, the values from the hash will be
available to your CGI scripts as environment variables whose
examples/login.cgi view on Meta::CPAN
$cgi->parse;
my $fields = $cgi->vars;
my $username = $$fields{username};
my $password = $$fields{password};
my $ref_url = $$fields{ref_url};
if ($username eq 'test' and $password eq 'pwd') {
my $key = q{abcdefghijklmnopqrstuvwxyz012346};
my $auth = Apache::Authen::Generic->new;
my $cookie = $auth->generateAuthCookie({ test_var1 => 1, auth_level => 8 },
$key, {}, 'test_cookie');
if ($ref_url =~ m{^/}) {
$ref_url = $cgi->getSelfRefHostUrl . $ref_url;
}
print "Set-Cookie: $cookie\n";
print "Location: $ref_url\n\n";
exit 0;
} else {
my $args = { ref_url => $ref_url, msg => 'Password does not match' };
my $url = '/cgi-bin/login/login_form.cgi';
$url = $cgi->addParamsToUrl($url, $args);
print "Location: $url\n\n";
exit 0;
}
( run in 0.384 second using v1.01-cache-2.11-cpan-e9199f4ba4c )