Commit 23ee91c4 authored by Yadd's avatar Yadd
Browse files

Modify _DBI::checkPassword to make it reuseable by another module than AuthDBI

parent 0a618cda
......@@ -203,8 +203,8 @@ sub keyToH {
# If $key is not set, uses Lemonldap::NG::Manager::struct().
# If the URL parameter key is set, uses Lemonldap::NG::Manager::cstruct()
# with this parameter.
# This function call itself 1 time if the key is not found using cstruct()
# using the flag $last.
# This function call itself 1 time if the key is not found using cstruct().
# The flag $last is used to avoid loop.
# @return An array containing :
# - the (sub)structure of the menu
# - the help chapter (using inheritance of the up key)
......
......@@ -44,17 +44,8 @@ sub authenticate {
return PE_ERROR unless $dbh;
# Check credentials
my $user = $self->{user};
my $password = $self->{password};
# Prevent SQL injection
$user =~ s/'/''/g;
$password =~ s/'/''/g;
# Password hash
$password = $self->hash_password( $password, $self->{dbiAuthPasswordHash} );
my $result = $self->check_password( $user, $password );
if ( $result ) {
my $result = $self->check_password($dbh);
if ($result) {
return PE_OK;
}
else {
......
......@@ -54,11 +54,8 @@ sub hash_password {
my $hash = shift;
if ( $hash =~ /^(md5|sha|sha1)$/i ) {
$self->lmLog(
"Using " . uc( $hash ) . " to hash password",
'debug'
);
return uc( $hash ) . "('$password')";
$self->lmLog( "Using " . uc($hash) . " to hash password", 'debug' );
return uc($hash) . "('$password')";
}
else {
$self->lmLog( "No valid password hash, using clear text for password",
......@@ -75,17 +72,24 @@ sub hash_password {
# @return boolean result
sub check_password {
my $self = shift;
my $user = shift;
my $password = shift;
my $dbh = shift;
my $user = $self->{user};
my $password = $self->{password};
my $table = $self->{dbiAuthTable};
my $loginCol = $self->{dbiAuthLoginCol};
my $passwordCol = $self->{dbiAuthPasswordCol};
# Prevent SQL injection
$user =~ s/'/''/g;
$password =~ s/'/''/g;
# Password hash
$password = $self->hash_password( $password, $self->{dbiAuthPasswordHash} );
my @rows = ();
eval {
my $sth = $self->{_dbh}->prepare(
"SELECT $loginCol FROM $table WHERE $loginCol='$user' AND $passwordCol=$password"
my $sth = $dbh->prepare(
"SELECT $loginCol FROM $table WHERE $loginCol='$user' AND $passwordCol=$password"
);
$sth->execute();
@rows = $sth->fetchrow_array();
......@@ -121,7 +125,8 @@ sub modify_password {
my $passwordCol = $self->{dbiAuthPasswordCol};
eval {
my $sth = $self->{_dbh}->prepare(
my $sth =
$self->{_dbh}->prepare(
"UPDATE $table SET $passwordCol=$password WHERE $loginCol='$user'");
$sth->execute();
};
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment