Gantry
lib/Gantry/Plugins/AuthCookie.pm view on Meta::CPAN
# check for controller config, look for auth stuff and process
if ( my $config_ref = $gobj->can( 'controller_config' ) ) {
my $config = $config_ref->();
foreach my $m ( @{ $config->{authed_methods} } ) {
if ( $m->{action} eq $gobj->action() ) {
$gobj->auth_deny( 'yes' );
# set group access
if ( $m->{group} ) {
$gobj->auth_require( 'group' );
$gobj->auth_groups( $m->{group} );
}
# set valid-user access
else {
$gobj->auth_require( 'valid-user' );
}
}
}
}
if ( $gobj->auth_optional() eq 'yes' && $gobj->auth_deny() ne 'yes' ) {
validate_user( $gobj );
}
elsif ( $gobj->auth_deny() eq 'yes' ) {
# check auth && redirect if not authed
if ( ! validate_user( $gobj ) ) {
my $goto;
my $qstring = '';
my $req = $gobj->apache_request();
my $loc = $gobj->location;
my $uri = $gobj->uri;
my $crypt = Gantry::Utils::Crypt->new(
{ 'secret' => $gobj->auth_secret() }
);
$uri =~ s/^$loc//;
$goto = $uri || '/';
# Add parameters.
foreach my $param ( $req->param() ) {
$qstring .= sprintf( '&%s=%s', $param, $req->param( $param ) );
}
if ( $qstring ) {
# Change the first & to a ? and add query string to goto.
$qstring =~ s/^&/?/o;
$goto .= $qstring;
}
# Encrypt goto
$goto = $gobj->url_encode( $crypt->encrypt( $goto ) );
$loc =~ s!^/$!!; # fix for root page login redirection
$gobj->relocate( $loc . "/login?url=${goto}" );
}
}
}
#-----------------------------------------------------------
# validate_user
#-----------------------------------------------------------
sub validate_user {
my $gobj = shift;
# stash an empty object
my $obj = Gantry::Plugins::AuthCookie::AuthUserObject->new( {
'id' => '',
'user_id' => '',
$gobj->auth_user_field() => '',
$gobj->auth_password_field() => '',
} );
$gobj->auth_user_row( $obj );
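# immediately return success for login and static
# NOTE(review): in the match below, alternation binds loosest, so "^" applies
# only to the $regex branch and "$" only to "cookiecheck"; the bare "login"
# branch matches anywhere in the URI, which exempts more paths from the cookie
# check than this comment describes. Group and anchor the alternatives.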
my $app_rootp = $gobj->app_rootp() || '';
my $regex = qr/^${app_rootp}\/(login|static).*/;
return 1 if $gobj->uri =~ /^$regex|login|cookiecheck$/;
my $cookie_name = 'auth_cookie';
eval { $cookie_name = $gobj->auth_cookie_name(); };
my $cookie = $gobj->get_cookies( $cookie_name );
return 0 if ! $cookie;
my( $username, $password ) = decrypt_cookie( $gobj, $cookie );
return 0 if ( ! $username || ! $password );
my $user_groups = {};
if ( $gobj->auth_file() ) {
my $pwfile = Authen::Htpasswd->new(
$gobj->auth_file(), { encrypt_hash => 'md5' }
);
my $user = $pwfile->lookup_user( $username );
return 0 if ! $user;
if ( $user && $user->check_password( $password ) ) {
my $obj = Gantry::Plugins::AuthCookie::AuthUserObject->new( {
id => $username,
user_id => $username,
$gobj->auth_user_field() => $username,
} );
$gobj->auth_user_row( $obj );
$gobj->user( $username );
}
else {
return 0;
lib/Gantry/Plugins/AuthCookie.pm view on Meta::CPAN
my $domain;
eval { $cookie_name = $self->auth_cookie_name(); };
eval { $domain = $self->auth_cookie_domain(); };
my $encd = encrypt_cookie(
$self,
$opts->{user},
$opts->{password}
);
# set cookie, redirect to do_frontpage.
$self->set_cookie( {
name => $cookie_name,
value => $encd,
path => '/',
domain => $domain,
} );
}
#-----------------------------------------------------------
# auth_execute_logout
#-----------------------------------------------------------
sub auth_execute_logout {
    my $self = shift;

    # Start from the defaults; the two accessors below are optional, so a
    # failure to call them simply leaves the default in place.
    # NOTE(review): whether "expires => 0" produces an already-expired cookie
    # or a session cookie depends on set_cookie, which is not visible here;
    # confirm the browser really drops the cookie on logout.
    my %cookie = (
        name    => 'auth_cookie',
        value   => '',
        expires => 0,
        path    => '/',
        domain  => undef,
    );

    eval { $cookie{name}   = $self->auth_cookie_name(); };
    eval { $cookie{domain} = $self->auth_cookie_domain(); };

    # Overwrite the auth cookie with an empty value.
    $self->set_cookie( \%cookie );
}
#-----------------------------------------------------------
# do_login
#-----------------------------------------------------------
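# Private helper: true when $target can be handed to relocate() as a
# same-site redirect. Rejects empty values, control characters, an explicit
# URL scheme, and a leading double slash or backslash pair (which browsers
# resolve against another host).
sub _auth_redirect_is_local {
    my ( $target ) = @_;

    return 0 if ! defined $target || $target eq '';

    # Control characters have no place in a Location header value.
    return 0 if $target =~ /[\x00-\x1f\x7f]/;

    # Scheme-relative form; backslashes are commonly treated like "/".
    return 0 if $target =~ m!\A\s*[/\\][/\\]!;

    # An explicit scheme is never a local path.
    return 0 if $target =~ m!\A\s*[A-Za-z][A-Za-z0-9+.\-]*:!;

    return 1;
}

# do_login( $self, $page )
#
# Login/logout controller action.
#   * "logout" parameter present: clears the cookie through
#     auth_execute_logout and relocates to the logout URL.
#   * checkvals reports no errors: hands the submitted username and password
#     to auth_execute_login, then relocates to the decrypted "url" parameter,
#     else to the ":"-separated $page, else to auth_login_url.
#   * otherwise: fills the stash with the login form data and sets the
#     FORBIDDEN status.
#
# Both redirect targets derive from request parameters, so they are checked
# with _auth_redirect_is_local before use; a target that fails the check is
# replaced by auth_login_url instead of being sent to the browser.
sub do_login {
    my ( $self, $page ) = @_;

    my %param = $self->get_param_hash();

    if ( defined $param{logout} ) {
        $self->auth_execute_logout();

        # Prefer the application's auth_logout_url method; fall back to this
        # package's function when the method call dies.
        my $relocation;
        eval {
            $relocation = $self->auth_logout_url;
        };
        if ( $@ ) {
            $relocation = auth_logout_url( $self );
        }

        $self->relocate( $relocation );
        return();
    }

    $page ||= $param{page};

    $self->stash->view->template( 'login.tt' );
    $self->stash->view->title( 'Login' );

    my @errors;
    if ( ! ( @errors = checkvals( $self ) ) ) {
        $self->auth_execute_login( {
            user     => $param{username},
            password => $param{password}
        } );

        my $target;

        # check for url param then redirect
        if ( $param{url} ) {
            # NOTE(review): this value is only as trustworthy as the
            # integrity protection of Gantry::Utils::Crypt, which is not
            # visible here - confirm that tampered ciphertext is rejected.
            my $crypt = Gantry::Utils::Crypt->new(
                { 'secret' => $self->auth_secret() }
            );
            my $path = $crypt->decrypt( $param{url} );
            $target = $self->location . ( defined $path ? $path : '' );
        }
        # check for ":" separated paths then redirect
        elsif ( $page ) {
            $target = $page;
            $target =~ s/\:/\//g;
        }

        # else (or when the requested target is not a local path) send them
        # to the application root
        if ( ! _auth_redirect_is_local( $target ) ) {
            $target = $self->auth_login_url;
        }

        $self->relocate( $target );
        return();
    }

    my $retval = {};
    my $url    = $param{url} || '';

    $retval->{page}       = $page;
    $retval->{url}        = $url;
    $retval->{param}      = \%param;
    $retval->{login_form} = login_form( $self, $page, $url );

    # Errors are reported only for a submitted (POST) form.
    $retval->{errors}     = ( $self->is_post() ) ? \@errors : 0;

    $self->status( $self->status_const( 'FORBIDDEN' ) );
    $self->stash->view->data( $retval );
}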
#-------------------------------------------------
# login_form( $self )
#-------------------------------------------------
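sub login_form {
    my ( $self, $page, $url ) = @_;

    # Builds the login form markup and returns it as one string.
    #   $page, $url - values carried through the hidden "page" and "url"
    #                 fields so the redirect target survives the round trip.
    my %in = $self->get_param_hash();

    $in{page} = $page;
    $in{url}  = $url;

    # The field helpers take their values from %in by field name (that is how
    # page and url reach the hidden inputs). Drop the submitted password from
    # this local copy so a failed login does not echo it back in the markup.
    delete $in{password};

    # NOTE(review): page, url and username are request-supplied and end up
    # inside the generated markup; this relies on ht_input escaping them,
    # which is not visible here - confirm.
    my @form = ( ht_form( $self->uri ),
        q!<TABLE border=0>!,
        ht_input( 'page', 'hidden', \%in ),
        ht_input( 'url', 'hidden', \%in ),
        q!<TR><TD><B>Username</B><BR>!,
        ht_input( 'username', 'text', \%in, 'size=15 id="username"' ),
        qq!</TD></TR>!,
        q!<TR><TD><B>Password</B><BR>!,
        ht_input( 'password', 'password', \%in, 'size=15' ),
        q!</TD></TR>!,
        q!<TR><TD align=right>!,
        ht_submit( 'submit', 'Log In' ),
        q!</TD></TR>!,
        q!</TABLE>!,
        ht_uform()
    );

    return( join( ' ', @form ) );
} # END login_form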
#-------------------------------------------------
# decrypt_cookie
#-------------------------------------------------
sub decrypt_cookie {
my ( $self, $encrypted ) = @_;
$encrypted ||= '';