Apache-iNcom
view release on metacpan or search on metacpan
* lib/DBIx/SearchProfiles.pm (pod): Corrected rollback
documentation.
1999-11-09 Francis J. Lacoste <francis.lacoste@iNsu.COM>
* lib/Apache/iNcom/Request.pm (new): Implemented
INCOM_SCRAMBLE_PASSWORD configuration directive.
* lib/Apache/iNcom.pm (pod): Documented the INCOM_SCRAMBLE_PASSWORD
configuration directive to change password scrambling option.
* lib/DBIx/UserDB.pm: Made password's scrambling optional.
1999-11-08 Francis J. Lacoste <francis.lacoste@iNsu.COM>
* demo/incom.sql: Fix errors in group_acl index definitions.
* lib/Apache/iNcom.pm (new_session_handler): Forgot to pass
request object in call to return_error.
(dispatch_handler): Added Pragma and Cache-control headers for
browser that ignores the Expires header.
* lib/Apache/iNcom/Request.pm (new): INCOM_ROOT may be relative
to the server root.
1999-10-15 Francis J. Lacoste <francis.lacoste@iNsu.COM>
* lib/Apache/Session/DBIUUStore.pm: Removed requirements on
MIME::Base64, used perl internal
pack and unpack.
Added possibility to specify DSN,
username and password rather than
an open DBI connection.
* Many files: Name space reorganization.
TAG: INCOM_0_03
* iNcom.spec: Set BuildArchitectures to noarch.
* lib/iNcom/UserDBAuthen.pm: Added.
demo/incom.sql view on Meta::CPAN
id CHAR(32) PRIMARY KEY,
length INT,
a_session TEXT,
created TIMESTAMP DEFAULT 'now()',
last_update TIMESTAMP DEFAULT 'now()'
);
CREATE TABLE userdb (
uid SERIAL PRIMARY KEY,
username CHAR(32) UNIQUE,
password CHAR(32),
carts TEXT,
visits INT DEFAULT 0,
last_login TIMESTAMP DEFAULT 'now()',
last_host CHAR(128),
fullname CHAR(128),
b_name CHAR(128),
b_address CHAR(128),
b_city CHAR(128),
b_state CHAR(32),
b_country CHAR(2),
lib/Apache/Session/DBIBase64Store.pm view on Meta::CPAN
return bless {}, $class;
}
sub get_handle {
my ($self,$session) = @_;
my $dbh = $session->{args}{dbh} || $self->{dbh};
unless ( $dbh ) {
my $dsn = $session->{args}{DataSource};
my $username = $session->{args}{UserName};
my $password = $session->{args}{Password};
die "No opened database connection and no DSN\n" unless $dsn;
$dbh = DBI->connect( $dsn, $username, $password, { AutoCommit => 0,
RaiseError => 1,
} );
# Save it for future use
$self->{dbh} = $dbh;
}
die "No opened database connection\n" unless $dbh;
return $dbh;
}
lib/Apache/iNcom.pm view on Meta::CPAN
C<userdb>. See DBIx::UserDB(3) for more information. To disable the
use of a DBIx::UserDB object, sets this directives to C<NONE>.
=item INCOM_GROUPDB_PROFILE
Name of the profile to use for the group database access. Defaults to
C<groupdb>. See DBIx::UserDB(3) for more information.
=item INCOM_SCRAMBLE_PASSWORD
Turn on or off scrambling of user's password in the UserDB.
=back
=head2 LOCALIZATION DIRECTIVES
=over
=item INCOM_DEFAULT_LANGUAGE
lib/Apache/iNcom/Request.pm view on Meta::CPAN
# Setup the UserDB object
my $userdb_tmpl = $req_rec->dir_config( "INCOM_USERDB_PROFILE" );
unless ( $userdb_tmpl eq "NONE" ) {
$self->{userdb} = new DBIx::UserDB( $self->{database},
$userdb_tmpl,
$req_rec->dir_config( "INCOM_GROUPDB_PROFILE" ) );
my $scramble = $req_rec->dir_config( "INCOM_SCRAMBLE_PASSWORD" );
if ( defined $scramble ) {
$scramble = $scramble =~ /t(rue)?|1|on|y(es)?/i;
$self->{userdb}->scramble_password( $scramble );
}
# Load it if the user has logged into this session
if ( exists $self->{session}{_incom_logged_in} ) {
$self->{user} =
$self->{userdb}->user_get( $self->{session}{_incom_logged_in} );
}
}
}
lib/Apache/iNcom/Request.pm view on Meta::CPAN
Returns the ip address of the user.
=cut
sub remote_ip {
return $_[0]->{req_rec}->connection->remote_ip;
}
=pod
=head2 login ( $username, $password )
Invokes the C<login> methods of the UserDB and if the login succeeded,
the user will be associated with the current Session, and its informations
will be available on each subsequent requests until the user logout.
=cut
sub login {
my ($self,$username,$password) = @_;
# Throw an exception if the UserDB feature was turn off.
croak "login called when INCOM_USERDB_PROFILE set to NONE"
unless $_[0]->{userdb};
my $user;
if ( $user = $self->{userdb}->user_login( $username, $password ) ) {
# The login succeeded
# Update the session and save the user
$self->{session}{_incom_logged_in} = $user->{uid};
$user->{last_login} = time;
$user->{last_host} = $self->remote_host || $self->remote_ip;
$user->{visits} ||= 0;
$user->{visits}++;
$self->{userdb}->user_update( $user );
lib/Apache/iNcom/UserDBAuthen.pm view on Meta::CPAN
# Get user credentials
my ( $rc, $passwd ) = $r->get_basic_auth_pw();
return $rc if $rc != OK;
# Get the username
my $username = $r->connection->user;
# We are missing some infos here
unless ( $username and $passwd ) {
$r->note_basic_auth_failure;
$r->log_reason( "Missing username or password for authentication",
$r->filename );
return Apache::iNcom::return_error( $r, AUTH_REQUIRED );
}
# Check authentication
if ( $userdb->user_login( $username, $passwd ) ) {
return OK;
} else {
$r->note_basic_auth_failure;
$r->log_reason( "Authentication failed for $username",
lib/DBIx/UserDB.pm view on Meta::CPAN
DBIx::UserDB - Module to manage a user database using DBIx::SearchProfiles
=head1 SYNOPSIS
use DBIx::UserDB;
use DBIx::SearchProfiles;
my $db = new DBIx::SearchProfiles( ... );
my $userdb = new DBIx::UserDB( $db );
my $user = { username => $username, password => $password };
$user = $userdb->user_create( $user );
# Later on
my $user = $userdb->login( $user, $password );
die "Login failed" unless $user;
# Much later
if ( $userdb->allowed( $user, $target, "DELETE" ) ) {
...
}
=head1 DESCRIPTION
The DBIx::UserDB uses DBIx::SearchProfiles to manage a user and group
lib/DBIx/UserDB.pm view on Meta::CPAN
=head1 CONFIGURATION
In order to use DBIx::UserDB you will need to create a few tables in
your DMBS and to create the approriate DBIx::SearchProfiles.
Here is the minimal schema required in your DBMS :
CREATE TABLE userdb (
uid SERIAL PRIMARY KEY,
username CHAR(32) UNIQUE,
password CHAR(32)
);
CREATE TABLE groupdb (
gid SERIAL PRIMARY KEY,
groupname CHAR(32) UNIQUE
);
CREATE TABLE groupmembers (
gid INT REFERENCES groupdb,
uid INT REFERENCES userdb,
lib/DBIx/UserDB.pm view on Meta::CPAN
negated BOOL DEFAULT 0,
PRIMARY KEY (target,privilege)
);
This SQL was tested with PostgreSQL, modify according to your RDBMS.
And here is its related DBIx::SearchProfiles profile :
{
userdb =>
{
fields => [qw( username password ) ],
keys => [qw( uid )],
table => "userdb",
},
groupdb =>
{
query => q{ SELECT m.gid,uid,groupname FROM groupdb, groupmembers m
WHERE uid = ? },
params => [ qw( uid ) ],
fields => [ qw( groupname ) ],
keys => [ qw( gid )],
lib/DBIx/UserDB.pm view on Meta::CPAN
You may add any fields to the groupdb and userdb tables as long as you
add them to the profiles. The I<userdb> profile should be a C<record>
profile (see DBIx::SearchProfiles(3)) and I<groupdb> should contains
both template profile's information (for finding the users associated
with a group) and record profile's information (for inserting and
updating group's information). Additionaly you may change the fields
length of all required fields.
Passwords are uuencoded for storage (for minimal privacy not for
security), so take this into account when setting the password field's
length. If you want to store password in plaintext, use the
C<scramble_password> method.
=head1 INITIALIZATION
Initializing the DBIx::UserDB is as simple as
my $userdb = new DBIx::UserDB( $DB, "userdb", "groupdb" );
The first parameter is a DBIx::SearchProfiles object which will be
used to access the database. The second parameter is the name of the
profile that should be used to access the users' information (defaults
lib/DBIx/UserDB.pm view on Meta::CPAN
$self->{DB} = $DB;
$self->{user_profile} = $user_profile;
$self->{group_profile} = $group_profile;
$self->{scramble} = 1;
$self;
}
=pod
=head2 scramble_password ( [new_setting] )
Return the scramble password setting. You may also change the setting
by giving the method a new value. If scramble password is true, user's
password will be uuencoded before being stored in the database.
=cut
sub scramble_password($;$) {
$_[0]->{scramble} = $_[1] if @_ == 2;
$_[0]->{scramble};
}
=pod
=head1 USER METHODS
Here are the methods for managing users in the database.
=head2 user_create ( \%user )
This method creates a user with the information specified in the hash
reference in the database. In the user's hash, at least the fields
I<username> and I<password> should be set.
The methods return true on success and false if there is already a
username with that name in the database. Exception are thrown on
database errors. Additionally, on return, the method will add the UID
of the newly created user.
=cut
sub user_create {
my ( $self, $user ) = @_;
# Check for a user with the same username
my $old_user = $self->{DB}->record_search( $self->{user_profile},
{username => $user->{username}}
);
return undef if @$old_user;
# Scramble the password for persistence
$user->{password} = pack "u*", $user->{password}
if ( $self->{scramble} );
$self->{DB}->record_insert( $self->{user_profile}, $user );
# Load the user back
my $new_user = $self->{DB}->record_search( $self->{user_profile},
{username => $user->{username}}
);
die "Can't find new user\n" unless @$new_user == 1;
# Copy the fields of the new user back in this one
while ( my ($name,$value) = each %{$new_user->[0]} ) {
$user->{$name} = $value;
}
# Unscramble the password
$user->{password} = unpack "u*", $user->{password}
if $self->{scramble};
return $user;
}
sub user_load {
my ($self,$user) = @_;
# Unscramble the password
$user->{password} = unpack "u*", $user->{password}
if $self->{scramble};
$user->{groups} =
$self->{DB}->template_search( $self->{group_profile},
{ uid => $user->{uid} } );
return $user;
}
=pod
=head2 user_search ( \%params )
lib/DBIx/UserDB.pm view on Meta::CPAN
my $users = $self->{DB}->record_search( $self->{user_profile},
{ username => $uidorname } );
return undef unless @$users;
$user = $users->[0];
}
$self->user_load( $user );
}
=pod
=head2 user_login ( $username, $password )
This method will return the user which have the corresponding username
and password or undef if the username or password is invalid.
=cut
sub user_login {
my ( $self, $username, $password) = @_;
my $user = $self->{DB}->record_search( $self->{user_profile},
{username => $username,
password => ($self->{scramble} ?
pack( "u*", $password ) :
$password)
}
);
return undef unless @$user == 1;
$user = $user->[0];
$self->user_load($user);
}
=pod
lib/DBIx/UserDB.pm view on Meta::CPAN
method has no effects on the group information. Use the
C<group_add_user> and C<group_remove_user> methods for modifying the
groups associated with a user.
=cut
sub user_update {
my ( $self, $user ) = @_;
die "Bad user: no uid\n" unless defined $user->{uid};
# Scramble password
$user->{password} = pack "u*", $user->{password}
if $self->{scramble};
$self->{DB}->record_update( $self->{user_profile}, $user );
# Unscramble
$user->{password} = unpack "u*", $user->{password}
if $self->{scramble};
}
=pod
=head1 GROUP METHODS
Here are the methods to manage group information
=head2 group_create ( \%group )
lib/DBIx/UserDB.pm view on Meta::CPAN
__END__
=pod
=head1 BUGS AND LIMITATIONS
Please report bugs, suggestions, patches and thanks to
<bugs@iNsu.COM>.
Authentication is limited to clear text password authentication.
User and group data structure is restricted to single level hash.
=head1 AUTHOR
Copyright (c) 1999 Francis J. Lacoste and iNsu Innovations Inc.
All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms as perl itself.
( run in 0.563 second using v1.01-cache-2.11-cpan-49f99fa48dc )