Name

Bric::App::Auth - Does the dirty work of authentication.

Synopsis

<Perl>
use lib '/usr/local/bricolage/lib';
</Perl>
<VirtualHost _default_:443>
    ErrorLog /usr/local/apache/logs/error_log
    TransferLog /usr/local/apache/logs/access_log
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
    SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
    <Location /login>
        SetHandler perl-script
        PerlHandler Bric::App::Auth
    </Location>
</VirtualHost>

Description

This module handles the user authentication.

Interface

Constructors

NONE.

Destructors

NONE.

Public Class Methods

NONE.

Public Functions

my ($res, $msg) = auth($r)

Checks to see if the user is logged in to the current session. Used by Bric::App::AccessHandler.

Throws: NONE.

Side Effects: NONE.

Notes: NONE.

my ($bool, $msg) = login($r, $username, $password)

Logs the user into Bricolage, setting the authentication cookie to allow future access that can be checked by a call to auth(). $bool is true on successful login. $bool is undef on failed login, and $msg contains the reason why the login failed.

Throws: None.

Side Effects: NONE.

Notes: NONE.

masquerade($r, $user)

Sets up a different user for the current user to masquerade as. This is useful when an administrator needs a to masquerade as another user in order to check in assets that user hasn't checked in. Note that masquerade() performs no authentication. It is expected that the current user will have permission to masquerade as the user passed in.

Throws: None.

Side Effects: NONE.

Notes: NONE.

my $bool = logout($r)

Logs the currently logged-in user out.

Throws: None.

Side Effects: NONE.

Notes: NONE.

Private

Private Class Methods

NONE.

Private Instance Methods

NONE.

Private Functions

my $cookie = $make_cookie->($r, $username)
my $cookie = $make_cookie->($r, $username, $lul_time)

Bakes the authentication cookie.

Throws: None.

Side Effects: NONE.

Notes: NONE.

my ($hash, $exp, $ip) = &$make_hash($r, $un)
my ($hash, $exp, $ip) = &$make_hash($r, $un, $exp, $ip, $lul)

Returns the data points required for baking cookies. These include the MD5 hash, the expiration time, and the IP subnet.

Throws: None.

Side Effects: NONE.

Notes: NONE.

my ($ret, $msg) = &$fail($r, $msg)

Expires the user session and then returns an error message explaining why the user wasn't able to authenticate.

Throws:

Side Effects: NONE.

Notes: NONE.

Notes

NONE.

Author

David Wheeler <david@justatheory.com>

See Also

Bric