Apache-SdnFw


lib/Apache/SdnFw/lib/Core.pm  view on Meta::CPAN


	$s->tt('interface_login.tt',{ s => $s });

	return 0;
}

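sub _interface_check_login {
	my $s = shift;

	# Authenticate an interface user from the submitted email and password
	# ($s->{in}{interface_email} / $s->{in}{interface_password}).
	#
	# On success: stores the account id and the full row on $s, queues the
	# IL session cookie, writes the same token to the interface_cookie
	# column and returns 1.  Otherwise returns 0; an unknown email or a wrong
	# password sets $s->{error}{login}.

	if ($s->{in}{interface_email} && $s->{in}{interface_password}) {
		# accounts are looked up by lower-cased email
		$s->{in}{interface_email} = lc $s->{in}{interface_email};

		# The email is passed as a bound value.  The view name is interpolated
		# into the SQL text, so it has to come from trusted object
		# configuration, never from request input.
		my %hash = $s->db_q("
			SELECT *
			FROM $s->{o}{view}
			WHERE interface_email=?
			",'hash',
			v => [ $s->{in}{interface_email} ],
			);

		# No row for this email.  Fail here: without this guard the DEV
		# branch below compared undef with undef and "logged in" an account
		# that does not exist, and the normal branch hashed undef.  The
		# message is the same as for a wrong password so the response does
		# not reveal whether the email is registered.
		unless (defined $hash{$s->{o}{id}}) {
			$s->{error}{login} = "Invalid password";
			return 0;
		}

		my $md5pass;
		if ($s->{env}{DEV}) {
			# SECURITY: with DEV set, any password is accepted for an existing
			# account.  This flag must never be set on a reachable deployment.
			$md5pass = $hash{interface_password};
		} else {
			# SECURITY: the stored value is a single MD5 over email.password.
			# MD5 is a fast hash and is not suitable for password storage;
			# moving to a slow password hash needs a re-hash/migration plan
			# that is outside this sub.
			$md5pass = md5_hex($hash{interface_email}.$s->{in}{interface_password});
		}

		if ($md5pass eq $hash{interface_password}) {
			my $cookie = $s->_interface_cookie_key(
				id => $hash{$s->{o}{id}},
				password => $hash{interface_password},
				);
			$s->{$s->{o}{id}} = $hash{$s->{o}{id}};
			$s->{$s->{o}{interface}} = { %hash };
			# NOTE(review): the cookie is queued without HttpOnly, Secure or
			# SameSite attributes; confirm whether the response layer adds them.
			push @{$s->{r}{set_cookie}}, "IL=$cookie; path=/;";
			# remember the token so _interface_check_cookie can find the row
			$s->db_update_key($s->{o}{table},$s->{o}{id},$hash{$s->{o}{id}},{
				interface_cookie => $cookie,
				});
			return 1;
		} else {
			$s->{error}{login} = "Invalid password";
		}
	}

	return 0;
}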

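sub _interface_check_cookie {
	my $s = shift;

	# Validate the IL session cookie of an interface user.
	#
	# Returns 1 and loads the account onto $s when the cookie matches a row
	# and still equals the token recomputed for that row.  Otherwise returns
	# 0 and queues an empty IL cookie so the browser drops the stale value.

	if ($s->{cookies}{IL}) {
		# The cookie value is passed as a bound value.  The view name is
		# interpolated into the SQL text and must come from trusted config.
		my %hash = $s->db_q("
			SELECT *
			FROM $s->{o}{view}
			WHERE interface_cookie=?
			",'hash',
			v => [ $s->{cookies}{IL} ],
			);

		if ($hash{$s->{o}{id}}) {
			# Recompute the token from the row.  Its inputs include the
			# current date unless ETERNAL_COOKIE is set (see
			# _interface_cookie_key), so a token stored on an earlier day
			# stops matching here.
			my $validate = $s->_interface_cookie_key(
				id => $hash{$s->{o}{id}},
				password => $hash{interface_password},
				);

			if ($validate eq $s->{cookies}{IL}) {
				$s->{$s->{o}{id}} = $hash{$s->{o}{id}};
				$s->{$s->{o}{interface}} = { %hash };
				return 1;
			} else {
				# stale token: clear it in the browser and in the database
				push @{$s->{r}{set_cookie}}, 'IL=; path=/;';
				$s->db_update_key($s->{o}{table},$s->{o}{id},$hash{$s->{o}{id}},{
					interface_cookie => '',
					});
			}
		} else {
			# Unknown token: clear it in the browser.  The path is written
			# unquoted, exactly as when the cookie is set; the quoted form
			# used here before (path="/") does not begin with "/", so a
			# browser may fall back to the default path and leave the
			# original cookie in place.
			push @{$s->{r}{set_cookie}}, 'IL=; path=/;';
		}
	}

	return 0;
}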

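sub _interface_cookie_key {
	my $s = shift;
	my %args = @_;

	# Build the IL session token for an interface user.
	#
	# Arguments (named): id       - account id
	#                    password - stored password hash (passwd is accepted
	#                               as an alias)
	# Returns the MD5 hex digest of fixed strings, the id, the stored hash
	# and an expiry component.
	#
	# The callers in this file pass the stored hash as "password", while this
	# sub used to read only "passwd".  The hash was therefore left out of the
	# token, which then depended on nothing but the id and the expiry
	# component and did not change when the password changed.  Both spellings
	# are read now.  Tokens issued before this fix no longer validate, so
	# users have to log in once more.
	my $passwd = defined $args{password} ? $args{password} : $args{passwd};
	$passwd = '' unless defined $passwd;

	my $expire;
	if ($s->{env}{ETERNAL_COOKIE}) {
		$expire = $s->{server_name}; # just add a little more to try and make this unique
	} else {
		# presumably Date::Format's time2str, where %x is the date only, so
		# the token stops validating when the date changes
		$expire = time2str('%x',time());
	}

	# SECURITY: the fixed strings are part of the published source and are
	# not secrets, and MD5 is a fast hash.  The token is only as hard to
	# reproduce as the stored password hash is to obtain; a random
	# server-side session id would not have that dependency.
	return md5_hex("84Fw$args{id}YouSuck${passwd}7f2$expire");
}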

sub _employee_permissions {
	my ($s) = @_;

	# Fill $s->{employee}{object}{OBJECT}{FUNCTION} = 1 for every action the
	# current employee may use; add_action consults it to decide whether an
	# item is shown at all.
	#
	# The query is a UNION of two sets:
	#   1. actions that belong to no group (open to everyone), and
	#   2. actions granted through the groups of $s->{employee_id}.
	#
	# NOTE(review): the result is cached per employee (cache_for => '60'), so
	# a permission that was just revoked can stay in effect until the cached
	# entry ages out.
	my @allowed = $s->db_q("
		SELECT a.a_object, a.a_function
		FROM actions a
			LEFT JOIN group_actions ga ON a.action_id=ga.action_id
		WHERE ga.group_id IS NULL
		UNION
		SELECT a.a_object, a.a_function
		FROM employee_groups eg
			JOIN group_actions ga ON eg.group_id=ga.group_id
			JOIN actions a ON ga.action_id=a.action_id
		WHERE eg.employee_id=?
		",'arrayhash',
		c => "employeepermission$s->{employee_id}",
		cache_for => '60',
		v => [ $s->{employee_id} ]);

	# turn the rows into a two-level lookup: object, then function
	for my $action (@allowed) {
		my ($object, $function) = @{$action}{qw(a_object a_function)};
		$s->{employee}{object}{$object}{$function} = 1;
	}
}

lib/Apache/SdnFw/lib/Core.pm  view on Meta::CPAN

					$v =~ s/%([0-9a-fA-F]{2})/pack("c",hex($1))/ge;
					$s->{in}{$k} = $v;
				}
			}

			return 1;
		}
	}

	return 0;
}

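sub _check_api {
	my $s = shift;

	# Authenticate a request by API key ($s->{in}{key}).
	#
	# Returns 1 when the key belongs to an employee whose expired_ts is NULL
	# or not yet reached; in that case the employee row and permissions are
	# loaded onto $s, $s->{api} is set and the key is removed from the input
	# hash.  Returns 0 when the key is unknown or expired (and sets
	# $s->{error}{login}) and also when no key was supplied.

	if ($s->{in}{key}) {
		# The key is passed as a bound value.
		# NOTE(review): the raw key is also embedded in the cache key ("c").
		# Depending on the cache backend, which is not visible here, that
		# puts the secret and arbitrary request characters into cache key
		# names; a digest of the key would avoid both.
		# NOTE(review): because the lookup is cached (cache_for => '60'), a
		# key that is revoked or expires may still be accepted until the
		# cached entry ages out.
		my $employee_id = $s->db_q("
			SELECT employee_id
			FROM employees
			WHERE apikey=?
			AND COALESCE(expired_ts,now()) >= now()
			",'scalar',
			c => "apikey$s->{in}{key}",
			cache_for => '60',
			v => [ $s->{in}{key} ]);

		if ($employee_id) {
			$s->{employee_id} = $employee_id;
			%{$s->{employee}} = $s->db_q("
				SELECT *
				FROM employees_v_login
				WHERE employee_id=?
				",'hash',
				c => "login$employee_id",
				cache_for => '60',
				v => [ $s->{employee_id} ]);
			$s->{api} = 1;
			_employee_permissions($s);
			# drop the secret from the input hash once it has been verified
			delete $s->{in}{key};
			return 1;
		} else {
			$s->{error}{login} = "Invalid key";
			return 0;
		}
	}

	# No key supplied.  Return an explicit 0 like the other _check_* subs
	# instead of falling off the end of the sub.
	return 0;
}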

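sub _check_cookie {
	my $s = shift;

	# Validate the L login cookie of an employee.
	#
	# Returns 1 and loads the employee row and permissions onto $s when the
	# cookie matches a row, still equals the token recomputed for that row,
	# and the account is not flagged account_expired.  Otherwise returns 0
	# and queues an empty L cookie so the browser drops the stale value.

	if ($s->{cookies}{L}) {
		# the cookie value is passed as a bound value
		my %hash = $s->db_q("
			SELECT *
			FROM employees_v_login
			WHERE cookie=?
			",'hash',
			v => [ $s->{cookies}{L} ],
			);

		if ($hash{employee_id}) {
			# Recompute the token from the row; when the row has no passwd
			# value the ip_addr column is used in its place.  The token also
			# covers the current date unless ETERNAL_COOKIE is set (see
			# _cookie_key), so a token stored on an earlier day stops
			# matching here.
			my $validate = $s->_cookie_key(
				employee_id => $hash{employee_id},
				passwd => $hash{passwd} || $hash{ip_addr},
				);

			if ($validate eq $s->{cookies}{L} && !$hash{account_expired}) {
				$s->{employee_id} = $hash{employee_id};
				$s->{employee} = { %hash };
				_employee_permissions($s);
				return 1;
			} else {
				# stale token or expired account: clear the cookie in the
				# browser and in the database
				push @{$s->{r}{set_cookie}}, 'L=; path=/;';
				$s->db_update_key('employees','employee_id',$hash{employee_id},{
					cookie => '',
					});
			}
		} else {
			# Unknown token: clear it in the browser.  The path is written
			# unquoted, as in the branch above; the quoted form used here
			# before (path="/") does not begin with "/", so a browser may
			# fall back to the default path and leave the original cookie in
			# place.
			push @{$s->{r}{set_cookie}}, 'L=; path=/;';
		}
	}

	return 0;
}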

sub _cookie_key {
	my ($s, %args) = @_;

	# Derive the value of the employee L login cookie.
	#
	# Arguments (named): employee_id, passwd.
	# Returns the MD5 hex digest of fixed strings, the employee id, the
	# passwd value and an expiry component.
	#
	# Expiry component: by default the current date, so the cookie is only
	# good for today; a site that sets ETERNAL_COOKIE uses the server name
	# instead, which keeps people logged in indefinitely.
	#
	# SECURITY: the fixed strings are part of the published source and are
	# not secrets, and MD5 is a fast hash.  The token is deterministic given
	# the id, the passwd value and the expiry component; a random server-side
	# session id would not depend on stored credentials.
	my $expire = $s->{env}{ETERNAL_COOKIE}
		? $s->{server_name}          # adds a little per-site uniqueness
		: time2str('%x',time());     # presumably Date::Format: date only

	my $material = "23xf$args{employee_id}wwcl8w4$args{passwd}hqs$expire";

	return md5_hex($material);
}

# A module file has to end by evaluating to a true value so that
# require/use of it succeeds.
1;


