cleaned up pluggable auth.

2002-12-05 00:42:48 +00:00 · 2002-12-05 00:42:48 +00:00 · ee10a590d8
commit ee10a590d8
parent 96587791c0
8 changed files with 539 additions and 328 deletions
--- a/lib/WebGUI/Operation/Account.pm
+++ b/lib/WebGUI/Operation/Account.pm
@ -10,9 +10,7 @@ package WebGUI::Operation::Account;
 # http://www.plainblack.com                     info@plainblack.com
 #-------------------------------------------------------------------

-use Digest::MD5 qw(md5_base64);
 use Exporter;
-use Net::LDAP;
 use strict qw(vars subs);
 use URI;
 use WebGUI::DateTime;
@ -59,21 +57,6 @@ sub _accountOptions {
 	return $output;
 }

-#-------------------------------------------------------------------
-sub _hasBadPassword {
-	my ($error);
-	if ($_[0] ne $_[1]) {
-		$error = '<li>'.WebGUI::International::get(78);
-	} 
-	if ($_[0] eq "password") {
-		$error .= '<li>'.WebGUI::International::get(727);
-	}
-	if ($_[0] eq "") {
-		$error .= '<li>'.WebGUI::International::get(726);
-	}
-	return $error;
-}
-
 #-------------------------------------------------------------------
 sub _hasBadUsername {
 	my ($error,$otherUser);
@ -122,7 +105,7 @@ sub _validateProfileData {

 #-------------------------------------------------------------------
 sub www_createAccount {
-	my ($output, %language, @array, $cmd, $return,
+	my ($output, %language, @array,
        	$previousCategory, $category, $f, $a, %data, $default, $label, $values, $method);
        tie %data, 'Tie::CPHash';
 	if ($session{user}{userId} != 1) {
@ -137,15 +120,7 @@ sub www_createAccount {
 		unless ($session{setting}{authMethod} ne "WebGUI" && $session{setting}{usernameBinding}) {
 			$f->text("username",WebGUI::International::get(50),$session{form}{username});
 		}
-		if ($session{setting}{authMethod} ne 'WebGUI') {
-			$f->text("loginId", 'loginName');
-		}
- 
-		$cmd = $session{authentication}{$session{setting}{authMethod}} . "::formCreateAccount";
-		$return = eval {&$cmd};
-               	WebGUI::ErrorHandler::fatalError("Unable to load method formCreateAccount on Authentication module: $session{setting}{authMethod}. ".$@) if($@);
-		$f->raw($return);
-
+		$f->raw(WebGUI::Authentication::registrationForm());
        	$a = WebGUI::SQL->read("select * from userProfileField,userProfileCategory 
 			where userProfileField.profileCategoryId=userProfileCategory.profileCategoryId 
 			order by userProfileCategory.sequenceNumber,userProfileField.sequenceNumber");
@ -205,22 +180,14 @@ sub www_createAccountSave {
                $username = $session{form}{username};
        }
 	$error = _hasBadUsername($username);
-
-	$cmd = $session{authentication}{$session{setting}{authMethod}} . '::hasBadUserData';
-	$error .= eval {&$cmd};
-	WebGUI::ErrorHandler::fatalError("Unable to load method hasBadUserData on Authentication module: $session{setting}{authMethod}. ".$@) if($@);
-
+	$error .= WebGUI::Authentication::registrationFormValidate();
 	($profile, $temp) = _validateProfileData();
 	$error .= $temp;
        if ($error eq "") {
 		$u = WebGUI::User->new("new");
 		$u->username($username);
 		$u->authMethod($session{setting}{authMethod});
-
-		$cmd = $session{authentication}{$session{setting}{authMethod}} . '::saveCreateAccount';
-		eval {&$cmd($u->userId)};
-               	WebGUI::ErrorHandler::fatalError("Unable to load method saveCreateAccount on Authentication module: $session{setting}{authMethod}. ".$@) if($@);
-
+		WebGUI::Authentication::registrationFormSave($u->userId);
 		$u->karma($session{setting}{karmaPerLogin},"Login","Just for logging in.") if ($session{setting}{useKarma});
 		foreach $fieldName (keys %{$profile}) {
 			$u->profileField($fieldName,${$profile}{$fieldName});
@ -282,14 +249,7 @@ sub www_displayAccount {
 		} else {
        		$f->text("username",WebGUI::International::get(50),$session{user}{username});
 		}
-
-		if ($session{user}{authMethod} ne "WebGUI") {
-        		$f->hidden("identifier1","password");
-        		$f->hidden("identifier2","password");
-		} else {
-        		$f->password("identifier1",WebGUI::International::get(51),"password");
-        		$f->password("identifier2",WebGUI::International::get(55),"password");
-		}
+		$f->raw(WebGUI::Authentication::userForm());
 		$f->submit;
 		$output .= $f->print;
 		$output .= _accountOptions();
@ -420,9 +380,7 @@ sub www_login {
 	if ($uid) {
 		$u = WebGUI::User->new($uid);
 		if ($u->status eq 'Active') {
-			$cmd = $session{authentication}{$u->authMethod}."::validateUser";
-			$success = eval{&$cmd($uid, $session{form}{identifier})};
-			WebGUI::ErrorHandler::fatalError("Unable to load method validateUser on Authentication module: $_. ".$@) if($@);
+			$success = WebGUI::Authentication::authenticate($uid,$session{form}{identifier},$u->authMethod);
 		} else {
 			$success = WebGUI::International::get(820);			
 		}
@ -437,6 +395,7 @@ sub www_login {
 		return "";
 	} else {
 		_logLogin($uid, $success);
+		WebGUI::ErrorHandler::security("login to account ".$session{form}{username}." with invalid information.");
 		return "<h1>".WebGUI::International::get(70)."</h1>".$success.www_displayLogin();
 	}
 }
@ -507,15 +466,14 @@ sub www_recoverPasswordFinish {
 sub www_updateAccount {
        my ($output, $error, $encryptedPassword, $passwordStatement, $u);
        if ($session{user}{userId} != 1) {
-        	if ($session{form}{identifier1} ne "password") {
-			$error = _hasBadPassword($session{form}{identifier1},$session{form}{identifier2});
-		}
+		$error = WebGUI::Authentication::userFormValidate();
 		$error .= _hasBadUsername($session{form}{username});
        	if ($error eq "") {
 			$u = WebGUI::User->new($session{user}{userId});
-			$u->identifier(Digest::MD5::md5_base64($session{form}{identifier1})) if ($session{form}{identifier1} ne "password");
 			$u->username($session{form}{username});
-                	$output .= WebGUI::International::get(81).'<p>';
+			WebGUI::Authentication::userFormSave();
+                	$output .= '<li>'.WebGUI::International::get(81).'<p>';
+			WebGUI::Session::refreshUserInfo($u->userId);
        	} else {
                	$output = $error;
        	}
--- a/lib/WebGUI/Operation/Settings.pm
+++ b/lib/WebGUI/Operation/Settings.pm
@ -56,14 +56,9 @@ sub www_editUserSettings {
        $f->select("authMethod",\%authMethod,WebGUI::International::get(119),[$session{setting}{authMethod}]);
        $f->yesNo("usernameBinding",WebGUI::International::get(306),$session{setting}{usernameBinding});
 	$f->yesNo("selfDeactivation","Allow users to deactivate their account",$session{setting}{selfDeactivation});
-
-	foreach (@{$session{authentication}{available}}) {
-               	$cmd = "WebGUI::Authentication::".$_."::formEditUserSettings";
-               	$html = eval{&$cmd};
-               	WebGUI::ErrorHandler::fatalError("Unable to load method formEditUserSettings on Authentication module: $_. ".$@) if($@);
-		$f->raw($html);
+	foreach (keys %{$session{authentication}}) {
+		$f->raw(WebGUI::Authentication::settingsForm($_));
 	}
-
 	$f->submit;
 	$output .= $f->print;
        return _submenu($output);
--- a/lib/WebGUI/Operation/User.pm
+++ b/lib/WebGUI/Operation/User.pm
@ -10,7 +10,6 @@ package WebGUI::Operation::User;
 # http://www.plainblack.com                     info@plainblack.com
 #-------------------------------------------------------------------

-use Digest::MD5 qw(md5_base64);
 use Exporter;
 use strict qw(vars subs);
 use Tie::CPHash;
@ -56,8 +55,7 @@ sub _submenu {

 #-------------------------------------------------------------------
 sub www_addUser {
-        my (@array, $output, $groups, %hash, $f, $cmd, $html, %status);
-	tie %hash, 'Tie::IxHash';
+        my (@array, $output, $groups, $f, $cmd, $html, %status);
        return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
        $output .= helpIcon(5);
 	$output .= '<h1>'.WebGUI::International::get(163).'</h1>';
@ -80,14 +78,9 @@ sub www_addUser {
        push(@array,7); #everyone
        $groups = WebGUI::SQL->buildHashRef("select groupId,groupName from groups where groupId not in (".join(",",@array).") order by groupName");
        $f->select("groups",$groups,WebGUI::International::get(605),[],5,1);
-	%hash = map {$_ => $_} @{$session{authentication}{available}};
-	$f->select("authMethod",\%hash,WebGUI::International::get(164),[$session{setting}{authMethod}]);
-
-	foreach (@{$session{authentication}{available}}) {
-              	$cmd = "WebGUI::Authentication::".$_."::formAddUser";
-              	$html = eval{&$cmd};
-               	WebGUI::ErrorHandler::fatalError("Unable to load method formAddUser on Authentication module: $_. ".$@) if($@);
-		$f->raw($html);
+	$f->select("authMethod",$session{authentication},WebGUI::International::get(164),[$session{setting}{authMethod}]);
+	foreach (keys %{$session{authentication}}) {
+		$f->raw(WebGUI::Authentication::adminForm(0,$_));
 	}
 	$f->submit;
 	$output .= $f->print;
@ -104,13 +97,9 @@ sub www_addUserSave {
 		$u = WebGUI::User->new("new");
 		$session{form}{uid}=$u->userId;
 		$u->username($session{form}{username});
-
-		foreach (@{$session{authentication}{available}}) {
-        	       	$cmd = "WebGUI::Authentication::".$_."::saveAddUser";
-                	eval{&$cmd};
-                	WebGUI::ErrorHandler::fatalError("Unable to load method saveAddUser on Authentication module: $_. ".$@) if($@);
+		foreach (keys %{$session{authentication}}) {
+			WebGUI::Authentication::adminFormSave($u->userId,$_);
 	 	}
-		
 		$u->status($session{form}{status});
 		$u->authMethod($session{form}{authMethod});
               	@groups = $session{cgi}->param('groups');
@ -180,6 +169,7 @@ sub www_deleteUserConfirm {
 		return WebGUI::Privilege::vitalComponent();
        } else {
 		$u = WebGUI::User->new($session{form}{uid});
+		WebGUI::Authentication::deleteParams($u->userId);
 		$u->delete;
                return www_listUsers();
        }
@ -215,7 +205,7 @@ sub www_editGroupingSave {
 #-------------------------------------------------------------------
 sub www_editUser {
 	return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
-        my ($output, $f, $u, $cmd, $html, %hash, %status);
+        my ($output, $f, $u, $cmd, $html, %status);
 	$u = WebGUI::User->new($session{form}{uid});
        $output .= helpIcon(5);
 	$output .= '<h1>'.WebGUI::International::get(168).'</h1>';
@ -227,7 +217,6 @@ sub www_editUser {
        $f->readOnly(epochToHuman($u->dateCreated,"%z"),WebGUI::International::get(453));
        $f->readOnly(epochToHuman($u->lastUpdated,"%z"),WebGUI::International::get(454));
        $f->text("username",WebGUI::International::get(50),$u->username);
-
 	tie %status, 'Tie::IxHash';
 	%status = (
 		Active		=>WebGUI::International::get(817),
@ -235,17 +224,10 @@ sub www_editUser {
 		Selfdestructed	=>WebGUI::International::get(819)
 		);
 	$f->select("status",\%status,WebGUI::International::get(816),[$u->status]);
-
-	%hash = map {$_ => $_} @{$session{authentication}{available}};	
-       	$f->select("authMethod",\%hash,WebGUI::International::get(164),[$session{setting}{authMethod}]);
-
-	foreach (@{$session{authentication}{available}}) {
-               	$cmd = "WebGUI::Authentication::".$_."::formEditUser";
-               	$html = eval{&$cmd};
-               	WebGUI::ErrorHandler::fatalError("Unable to load method formEditUser on Authentication module: $_. ".$@) if($@);
-		$f->raw($html);
+       	$f->select("authMethod",$session{authentication},WebGUI::International::get(164),[$session{setting}{authMethod}]);
+	foreach (keys %{$session{authentication}}) {
+		$f->raw(WebGUI::Authentication::adminForm($u->userId,$_));
 	}
-
        $f->submit;
 	$output .= $f->print;
 	return _submenu($output);
@ -261,10 +243,8 @@ sub www_editUserSave {
 		$u->username($session{form}{username});
 		$u->authMethod($session{form}{authMethod});
 		$u->status($session{form}{status});
-		foreach (@{$session{authentication}{available}}) {
-                	$cmd = "WebGUI::Authentication::".$_."::saveEditUser";
-               		eval{&$cmd};
-               		WebGUI::ErrorHandler::fatalError("Unable to load method saveEditUser on Authentication module: $_. ".$@) if($@);
+		foreach (keys %{$session{authentication}}) {
+			WebGUI::Authentication::adminFormSave($u->userId,$_);
 	 	}
 	} else {
                $error = '<ul><li>'.WebGUI::International::get(77).' '.$session{form}{username}.'Too or '.$session{form}{username}.'02</ul>';