Apache-Wyrd
4 results

 view release on metacpan or  search on metacpan

Wyrd/Interfaces/GetUser.pm  view on Meta::CPAN 

	if ($@) {
		if ($self->can('_error')) {
			$self->_error("User object could not be use-d: $@");
		} else {
			warn("User object could not be use-d: $@");
		}
	}
	my $user = undef;
	#user may have been found in an earlier handler and left in the notes
	my $user_info = $self->req->notes('User');
	if ($user_info) {
		eval('$user=' . $user_object . '->revive($user_info)');
		if ($@) {
			$self->_warn("User could not be made from notes because of: $@.  Using a blank User.");
		}
		return $user;
	}
	#if an Auth handler has not received the request earlier, it may be necessary to build the user out of
	#the browser's cookie.
	my %cookie = Apache::Wyrd::Cookie->fetch;
	my $auth_cookie = $cookie{'auth_cookie'};
	my $ip = undef;
	if ($auth_cookie) {
		$auth_cookie = eval{$auth_cookie->value};
		return undef unless ($auth_cookie);
		use Apache::Wyrd::Services::CodeRing;
		my $cr = Apache::Wyrd::Services::CodeRing->new;
		($ip, $auth_cookie) = split(':', $auth_cookie);
		$ip = ${$cr->decrypt(\$ip)};
		my $ip_ok = 1;
		if ($self->req->dir_config('TieAddr')) {
			my $remote_ip = $self->dbl->req->connection->remote_ip;
			if ($remote_ip ne $ip) {
				$self->_debug("Remote ip $remote_ip does not match cookie IP $ip, discarding cookie");
				$ip_ok = 0;
			} else {
				$self->_debug("Remote ip $remote_ip matches cookie IP $ip, accepting cookie");
			}
		}
		return undef unless ($ip_ok);
		$user_info = ${$cr->decrypt(\$auth_cookie)};
		eval('$user=' . $user_object . '->revive($user_info)');
		if ($@) {
			if ($self->can('_error')) {
				$self->_error("User could not be made from cookie because of: $@");
			} else {
				warn("User could not be made from cookie because of: $@");
			}
		}
		return $user;
	}
	$user_info = $self->null_user_spec($user_object);
	eval('$user=' . $user_object . '->new($user_info)');
	return $user;
}

=pod

=item (hashref) C<null_user_spec> (scalar)

Because the Apache::Wyrd:Services::Auth framework requires that there must
be a user object defined even when no user has logged in, this is a "hook"
method for providing minimum initialization of the non-user user object.  It
is passed the class name of the type of user object being created.  Return
value is a hashref, defaulting to the empty hash. When there is no login,
this method's return value will be passed directly to the C<new> method of
the user object as if it were a new login.

=cut

sub null_user_spec {
	return {};
}

=pod

=back

=head1 BUGS/CAVEATS/RESERVED METHODS

UNKNOWN

=head1 AUTHOR

Barry King E<lt>wyrd@nospam.wyrdwright.comE<gt>

=head1 SEE ALSO

=over

=item Apache::Wyrd

General-purpose HTML-embeddable perl object

=back

=head1 LICENSE

Copyright 2002-2007 Wyrdwright, Inc. and licensed under the GNU GPL.

See LICENSE under the documentation for C<Apache::Wyrd>.

=cut

1;



( run in 0.771 second using v1.01-cache-2.11-cpan-e1769b4cff6 )