diff --git a/lib/WebGUI/Auth.pm b/lib/WebGUI/Auth.pm
index 31c00b70a..590f283e5 100644
--- a/lib/WebGUI/Auth.pm
+++ b/lib/WebGUI/Auth.pm
@@ -302,7 +302,7 @@ sub createAccountSave {
$u->authMethod($self->authMethod);
$u->karma($self->session->setting->get("karmaPerLogin"),"Login","Just for logging in.") if ($self->session->setting->get("useKarma"));
$u->updateProfileFields($profile) if ($profile);
- $self->saveParams($userId,$self->authMethod,$properties);
+ $self->update($properties);
if ($self->getSetting("sendWelcomeMessage")){
my $var;
@@ -433,32 +433,65 @@ sub deactivateAccountConfirm {
#-------------------------------------------------------------------
+=head2 delete ( [param] )
+
+Delete one or all parameters for this auth method. Deleting all parameters
+effectively removes this auth method from the user.
+
+=cut
+
+sub delete {
+ my ( $self, $param ) = @_;
+ my ( $db ) = $self->session->quick(qw( db ));
+
+ if ( $param ) {
+ $db->write( "DELETE FROM authentication WHERE userId=? AND authMethod=? AND fieldName=?",
+ [ $self->userId, $self->authMethod, $param ]
+ );
+ }
+ else {
+ $db->write( "DELETE FROM authentication WHERE userId=? AND authMethod=?",
+ [ $self->userId, $self->authMethod ]
+ );
+ }
+}
+
+#-------------------------------------------------------------------
+
=head2 deleteParams ( )
+NOTE: This method is deprecated and will be removed in a future version. Instead,
+use delete() to delete this auth method from the user.
+
Removes the user's authentication parameters from the database for all
authentication methods. This is primarily useful when deleting the user's
account.
=cut
+# DEPRECATED. Remove in 9.0
sub deleteParams {
my $self = shift;
- $self->session->db->write("delete from authentication where userId=".$self->session->db->quote($self->userId));
+ $self->delete;
}
#-------------------------------------------------------------------
=head2 deleteSingleParam ( )
+NOTE: This method is deprecated and will be removed in a future version. Instead,
+use delete("param") to delete a single param from this auth method.
+
Removes a single authentication parameter from the database.
=cut
+# DEPRECATED. Remove in 9.0
sub deleteSingleParam {
my $self = shift;
my ($userId, $authMethod, $fieldName) = @_;
- $self->session->db->write('delete from authentication where userId = ? and authMethod = ? and fieldName = ?', [$userId, $authMethod, $fieldName]);
+ $self->delete( $fieldName );
}
@@ -579,37 +612,48 @@ sub editUserForm {
#-------------------------------------------------------------------
-=head2 editUserFormSave ( properties )
+=head2 editUserFormSave ( )
Saves user elements unique to this authentication method
=cut
sub editUserFormSave {
- my $self = shift;
- $self->saveParams($self->userId,$self->authMethod,$_[0]);
+ # Added for interface purposes only. Needs to be implemented in the subclass
}
#-------------------------------------------------------------------
-=head2 editUserSettingsForm ( )
+=head2 editSettingsForm ( )
You need to override this method in your auth module. It needs to return a the rows in a form for the stuff you want to be configured through webgui settings.
=cut
+sub editSettingsForm {
+}
+
+# Backwards compatiblity for method renaming
sub editUserSettingsForm {
+ my $self = shift;
+ return $self->editSettingsForm( @_ );
}
#-------------------------------------------------------------------
-=head2 editUserSettingsFormSave ( )
+=head2 editSettingsFormSave ( )
-You need to override this method in your auth module. It's the save for the editUserSettingsFormSave method.
+You need to override this method in your auth module. It's the save for the editSettingsFormSave method.
=cut
+sub editSettingsFormSave {
+}
+
+# Backwards compatiblity for method renaming
sub editUserSettingsFormSave {
+ my $self = shift;
+ return $self->editSettingsFormSave( @_ );
}
#-------------------------------------------------------------------
@@ -623,9 +667,37 @@ Sets or returns the error currently stored in the object
sub error {
my $self = shift;
return $self->{error} if (!$_[0]);
+ $self->session->log->error( $_[0] );
$self->{error} = $_[0];
}
+#----------------------------------------------------------------------------
+
+=head2 get ( [param] )
+
+Get one or all parameters for this auth instance. Returns either a hashref or a
+single scalar.
+
+=cut
+
+sub get {
+ my ( $self, $param ) = @_;
+ my ( $db ) = $self->session->quick(qw( db ));
+
+ if ( $param ) {
+ return $db->quickScalar(
+ "SELECT fieldData FROM authentication WHERE userId=? AND authMethod=? AND fieldName=?",
+ [ $self->userId, $self->authMethod, $param ],
+ );
+ }
+ else {
+ return $db->buildHashRef(
+ "SELECT fieldName, fieldData FROM authentication WHERE userId=? AND authMethod=?",
+ [ $self->userId, $self->authMethod ],
+ );
+ }
+}
+
#-------------------------------------------------------------------
=head2 getAccountTemplateId ( )
@@ -732,10 +804,13 @@ sub getLoginTemplateId {
=head2 getParams ( )
+NOTE: This method is deprecated and will be removed in a future version. Use get() instead.
+
Returns a hash reference with the user's authentication information. This method uses data stored in the instance of the object.
=cut
+# DEPRECATED. Remove in 9.0
sub getParams {
my $self = shift;
my $userId = $_[0] || $self->userId;
@@ -780,23 +855,29 @@ sub init {
=head2 isAdmin ()
+NOTE: This method is deprecated. Use user->isAdmin instead.
+
Returns 1 if the user is user 3 (admin).
=cut
+# DEPRECATED. Remove in 9.0
sub isAdmin {
my $self = shift;
- return $self->userId eq '3';
+ return $self->user->isAdmin;
}
#-------------------------------------------------------------------
=head2 isCallable ( method )
+NOTE: Deprecated. Unnecessary when setCallable is removed.
+
Returns whether or not a method is callable
=cut
+# DEPRECATED. Remove in 9.0
sub isCallable {
my $self = shift;
return 1 if $_[0] ~~ $self->{callable};
@@ -808,23 +889,29 @@ sub isCallable {
=head2 isRegistered ()
+NOTE: Deprecated. Use user->isRegistered instead.
+
Returns 1 if the user is not a visitor.
=cut
+# DEPRECATED. Remove in 9.0
sub isRegistered {
my $self = shift;
- return $self->userId ne '1';
+ return $self->user->isRegistered;
}
#-------------------------------------------------------------------
=head2 isVisitor ()
+NOTE: Deprecated. Use user->isVisitor instead.
+
Returns 1 if the user is a visitor.
=cut
+# DEPRECATED. Remove in 9.0
sub isVisitor {
my $self = shift;
return $self->userId eq '1';
@@ -843,7 +930,6 @@ Open version tag is reclaimed if user is in site wide or singlePerUser mode.
sub login {
my $self = shift;
-
#Create a new user
my $uid = $self->userId;
my $u = WebGUI::User->new($self->session,$uid);
@@ -923,61 +1009,37 @@ sub logout {
#-------------------------------------------------------------------
-=head2 new ( session, authMethod [,userId,callable] )
+=head2 new ( session, [ userId ] )
Constructor.
=head3 session
-=head3 authMethod
-
-This object's authentication method
-
=head3 userId
userId for the user requesting authentication. This defaults to $self->session->user->userId
-=head3 callable
-
-Array reference of methods allowed to be called externally;
-
=cut
sub new {
- my $self = {};
my $class = shift;
+ my $self = bless {}, $class;
$self->{_session} = shift;
- $self->{authMethod} = shift;
my $userId = shift || $self->{_session}->user->userId;
- # Can't do this... if you're updating the account of a user that's not you, this will not work
- #$self->{user} = $self->{_session}->user;
$self->{user} = WebGUI::User->new($self->{_session}, $userId);
$self->{error} = "";
$self->{profile} = ();
- $self->{warning} = "";
- my $call = shift;
- my @callable = ('init', 'showMessageOnLogin', @{$call});
- $self->{callable} = \@callable;
- bless $self, $class;
+
+ # Determine the authmethod from the classname
+ ($self->{authMethod}) = $class =~ m/^WebGUI::Auth::(.+)/;
+
+ $self->setCallable([qw( init showMessageOnLogin )]);
+
return $self;
}
#-------------------------------------------------------------------
-=head2 profile ( )
-
-Sets or returns the Profile hash for a user.
-
-=cut
-
-sub profile {
- my $self = shift;
- return $self->{profile} if (!$_[0]);
- $self->{profile} = $_[0];
-}
-
-#-------------------------------------------------------------------
-
sub session {
my $self = shift;
return $self->{_session};
@@ -987,6 +1049,9 @@ sub session {
=head2 setCallable ( callableMethods )
+NOTE: This method is deprecated and will be removed in a future version. Instead,
+any method prefixed with www_ is available from the web interface.
+
adds elements to the callable routines list. This list determines whether or not a method in this instance is
allowed to be called externally
@@ -996,6 +1061,7 @@ Array reference containing a list of methods for this authentication instance th
=cut
+# DEPRECATED. Remove in 9.0
sub setCallable {
my $self = shift;
my @callable = @{$self->{callable}};
@@ -1007,6 +1073,9 @@ sub setCallable {
=head2 saveParams ( userId, authMethod, data )
+NOTE: This method is deprecated and will be removed in a future version. Instead,
+use update() to update the parameters of this auth instance.
+
Saves the user's authentication parameters to the database.
=head3 userId
@@ -1023,13 +1092,11 @@ A hash reference containing parameter names and values to be saved.
=cut
+# DEPRECATED. Remove in 9.0
sub saveParams {
my $self = shift;
my ($uid, $authMethod, $data) = @_;
- foreach (keys %{$data}) {
- $self->session->db->write("delete from authentication where userId=".$self->session->db->quote($uid)." and authMethod=".$self->session->db->quote($authMethod)." and fieldName=".$self->session->db->quote($_));
- $self->session->db->write("insert into authentication (userId,authMethod,fieldData,fieldName) values (".$self->session->db->quote($uid).",".$self->session->db->quote($authMethod).",".$self->session->db->quote($data->{$_}).",".$self->session->db->quote($_).")");
- }
+ return $self->update( $data );
}
#----------------------------------------------------------------------------
@@ -1057,8 +1124,6 @@ sub showMessageOnLogin {
# Add the link to continue
my $session = $self->session;
- $session->log->warn("returnUrl: >".$self->session->form->get( 'returnUrl' )."<");
- $session->log->warn("redirectAfterLoginUrl: >".$self->session->form->get( 'returnUrl' )."<");
my $redirectUrl = $self->session->form->get( 'returnUrl' )
|| $self->session->setting->get("redirectAfterLoginUrl")
|| $self->session->scratch->get( 'redirectAfterLogin' )
@@ -1101,6 +1166,39 @@ sub timeRecordSession {
}
}
+#----------------------------------------------------------------------------
+
+=head2 update ( params )
+
+Update the parameters for this auth instance. Params is a list of name => value pairs.
+
+=cut
+
+sub update {
+ my $self = shift;
+ my ( $db ) = $self->session->quick(qw( db ));
+ my %params;
+
+ # Allow both hashref and hash
+ if ( @_ == 1 ) {
+ %params = %{ $_[0] };
+ }
+ else {
+ %params = @_;
+ }
+
+ foreach my $param (keys %params) {
+ $db->write(
+ "delete from authentication where userId=? and authMethod=? and fieldName=?",
+ [ $self->userId, $self->authMethod, $param ],
+ );
+ $db->write(
+ "insert into authentication (userId,authMethod,fieldName,fieldData) values (?,?,?,?)",
+ [ $self->userId, $self->authMethod, $param, $params{ $param } ],
+ );
+ }
+}
+
#-------------------------------------------------------------------
=head2 user ( [user] )
@@ -1168,18 +1266,4 @@ sub validUsername {
return $error eq "";
}
-#-------------------------------------------------------------------
-
-=head2 warning ( [warningMsg] )
-
-Sets or Returns a warning in the object
-
-=cut
-
-sub warning {
- my $self = shift;
- return $self->{warning} if (!$_[0]);
- $self->{warning} = $_[0];
-}
-
1;
diff --git a/lib/WebGUI/Auth/Facebook.pm b/lib/WebGUI/Auth/Facebook.pm
index 3801e0950..7b03bbb9f 100644
--- a/lib/WebGUI/Auth/Facebook.pm
+++ b/lib/WebGUI/Auth/Facebook.pm
@@ -34,19 +34,6 @@ These methods are available from this class:
#----------------------------------------------------------------------------
-=head2 new ( ... )
-
-Create a new object
-
-=cut
-
-sub new {
- my $self = shift->SUPER::new(@_);
- return bless $self, __PACKAGE__; # Auth requires rebless
-}
-
-#----------------------------------------------------------------------------
-
=head2 createFacebookUser ( fbuser )
my $user = $self->createFacebookUser( $fb->fetch('me') );
@@ -62,9 +49,9 @@ sub createFacebookUser {
$user->profileField('email', $fbuser->{email});
$user->profileField('firstName', $fbuser->{first_name});
$user->profileField('lastName', $fbuser->{last_name});
- $self->saveParams( $user->userId, $self->authMethod, {
+ $self->update(
"facebookUserId" => $fbuser->{id},
- } );
+ );
return $user;
}
diff --git a/lib/WebGUI/Auth/LDAP.pm b/lib/WebGUI/Auth/LDAP.pm
index fc8d83921..e8f508ffc 100644
--- a/lib/WebGUI/Auth/LDAP.pm
+++ b/lib/WebGUI/Auth/LDAP.pm
@@ -154,7 +154,9 @@ sub authenticate {
my $userId = $self->userId;
my $identifier = $_[1];
- my $userData = $self->getParams;
+ my $userData = $self->get;
+
+ $self->session->log->error( "USERID: " . $userId );
$error .= ''.$i18n->get(12,'AuthLDAP').'' if ($userData->{ldapUrl} eq "");
$error .= ''.$i18n->get(11,'AuthLDAP').'' if ($userData->{connectDN} eq "");
@@ -185,7 +187,7 @@ sub authenticate {
# _isValidLDAPUser will set _connectDN to new correct value
$auth = $ldap->bind(dn=>$self->{_connectDN}, password=>$identifier);
my $message = "DN has been changed for user ".$_[0]." from \"".$userData->{connectDN}."\" to \"".$self->{_connectDN}."\"";
- $self->saveParams($self->user->userId, $self->authMethod, { connectDN => $self->{_connectDN} });
+ $self->update( connectDN => $self->{_connectDN} );
$self->session->log->warn($message);
}
@@ -453,7 +455,7 @@ sub displayLogin {
sub editUserForm {
my $self = shift;
- my $userData = $self->getParams;
+ my $userData = $self->get;
my $connection = $self->getLDAPConnection;
return '' unless $connection;
my $ldapUrl = $self->session->form->process('authLDAP_ldapUrl') || $userData->{ldapUrl} || $connection->{ldapUrl};
@@ -729,20 +731,21 @@ sub login {
#-------------------------------------------------------------------
-=head2 new ( session, authMethod, userId )
+=head2 new ( session, userId )
-Create a new Auth instance. C is the name of this auth method ("ldap").
-C is the ID of the user to be authenticated.
+Create a new Auth instance. C is the ID of the user to be authenticated.
=cut
sub new {
my $class = shift;
my $session = shift;
- my $authMethod = $_[0];
- my $userId = $_[1];
- my @callable = ('createAccount','deactivateAccount','displayAccount','displayLogin','login','logout','createAccountSave','deactivateAccountConfirm');
- my $self = WebGUI::Auth->new($session,$authMethod,$userId,\@callable);
+ my $userId = shift;
+ my $self = $class->SUPER::new($session,$userId);
+ $self->setCallable([
+ 'createAccount','deactivateAccount','displayAccount','displayLogin',
+ 'login','logout','createAccountSave','deactivateAccountConfirm',
+ ]);
#my $connection = $session->scratch->get("ldapConnection") || $session->setting->get("ldapConnection");
#my $ldaplink = WebGUI::LDAPLink->new($session,$connection);
#$self->{_connection} = $ldaplink->get if $ldaplink;
@@ -751,7 +754,7 @@ sub new {
my %ldapStatusCode = map { $_ => $i18n->get("LDAPLink_".$_) }
(0..21, 32,33,34,36, 48..54, 64..71, 80);
$self->{_statusCode} = \%ldapStatusCode;
- bless $self, $class;
+ return $self;
}
#-------------------------------------------------------------------
diff --git a/lib/WebGUI/Auth/Twitter.pm b/lib/WebGUI/Auth/Twitter.pm
index de2408aa1..21c6d974c 100644
--- a/lib/WebGUI/Auth/Twitter.pm
+++ b/lib/WebGUI/Auth/Twitter.pm
@@ -34,19 +34,6 @@ These methods are available from this class:
#----------------------------------------------------------------------------
-=head2 new ( ... )
-
-Create a new object
-
-=cut
-
-sub new {
- my $self = shift->SUPER::new(@_);
- return bless $self, __PACKAGE__; # Auth requires rebless
-}
-
-#----------------------------------------------------------------------------
-
=head2 createTwitterUser ( twitterUserId, username )
my $user = $self->createTwitterUser( $twitterUserId, $username );
@@ -59,9 +46,10 @@ sub createTwitterUser {
my ( $self, $twitterUserId, $username ) = @_;
my $user = WebGUI::User->create( $self->session );
$user->username( $username );
- $self->saveParams( $user->userId, $self->authMethod, {
+ $self->user( $user );
+ $self->update(
"twitterUserId" => $twitterUserId,
- } );
+ );
return $user;
}
@@ -281,7 +269,6 @@ sub www_setUsername {
if ( !WebGUI::User->newByUsername( $session, $username ) ) {
my $twitterUserId = $scratch->get( "AuthTwitterUserId" );
my $user = $self->createTwitterUser( $twitterUserId, $username );
- $self->user( $user );
return $self->login;
}
diff --git a/lib/WebGUI/Auth/WebGUI.pm b/lib/WebGUI/Auth/WebGUI.pm
index 04b6bbde6..bdc3a3ef5 100644
--- a/lib/WebGUI/Auth/WebGUI.pm
+++ b/lib/WebGUI/Auth/WebGUI.pm
@@ -120,7 +120,7 @@ sub authenticate {
return 0 if !$auth;
$identifier = $_[1];
- $userData = $self->getParams;
+ $userData = $self->get;
if (($self->hashPassword($identifier) eq $$userData{identifier}) && ($identifier ne "")) {
return 1;
}
@@ -275,7 +275,7 @@ sub createAccountSave {
# Send validation e-mail if required
if ($setting->get("webguiValidateEmail")) {
my $key = $session->id->generate;
- $self->saveParams($self->userId,"WebGUI",{emailValidationKey=>$key});
+ $self->update(emailValidationKey=>$key);
my $mail = WebGUI::Mail::Send->create($self->session, {
to => $profile->{email},
subject => $i18n->get('email address validation email subject','AuthWebGUI')
@@ -344,7 +344,7 @@ sub displayAccount {
my $vars;
return $self->displayLogin($_[0]) if ($self->isVisitor);
my $i18n = WebGUI::International->new($self->session);
- my $userData = $self->getParams;
+ my $userData = $self->get;
$vars->{'account.message'} = $_[0] if ($_[0]);
$vars->{'account.noform'} = 1;
if($userData->{changeUsername} || (!defined $userData->{changeUsername} && $self->session->setting->get("webguiChangeUsername"))){
@@ -393,7 +393,7 @@ sub displayLogin {
sub editUserForm {
my $self = shift;
- my $userData = $self->getParams;
+ my $userData = $self->get;
my $f = WebGUI::HTMLForm->new($self->session);
my $i18n = WebGUI::International->new($self->session);
$f->password(
@@ -440,7 +440,7 @@ sub editUserFormSave {
my $self = shift;
my $userId = $self->session->form->get("uid");
my $properties;
- my $userData = $self->getParams($userId);
+ my $userData = $self->get;
my $identifier = $self->session->form->process('authWebGUI.identifier');
unless (!$identifier || $identifier eq "password") {
$properties->{identifier} = $self->hashPassword($self->session->form->process('authWebGUI.identifier'));
@@ -781,7 +781,7 @@ sub login {
return $self->displayLogin("".$i18n->get(70)."
".$self->error);
}
- my $userData = $self->getParams;
+ my $userData = $self->get;
if($self->getSetting("passwordTimeout") && $userData->{passwordTimeout}){
my $expireTime = $userData->{passwordLastUpdated} + $userData->{passwordTimeout};
if (time() >= $expireTime){
@@ -798,11 +798,16 @@ sub login {
sub new {
my $class = shift;
my $session = shift;
- my $authMethod = $_[0];
- my $userId = $_[1];
- my @callable = ('validateEmail','createAccount','deactivateAccount','displayAccount','displayLogin','login','logout','recoverPassword','resetExpiredPassword','recoverPasswordFinish','createAccountSave','deactivateAccountConfirm','resetExpiredPasswordSave','updateAccount', 'emailResetPassword', 'emailResetPasswordFinish');
- my $self = WebGUI::Auth->new($session,$authMethod,$userId,\@callable);
- bless $self, $class;
+ my $userId = $_[0];
+ my $self = $class->SUPER::new($session,$userId);
+ $self->setCallable([
+ 'validateEmail','createAccount','deactivateAccount','displayAccount',
+ 'displayLogin','login','logout','recoverPassword','resetExpiredPassword',
+ 'recoverPasswordFinish','createAccountSave','deactivateAccountConfirm',
+ 'resetExpiredPasswordSave','updateAccount', 'emailResetPassword',
+ 'emailResetPasswordFinish',
+ ]);
+ return $self;
}
#-------------------------------------------------------------------
@@ -1060,9 +1065,9 @@ sub profileRecoverPasswordFinish {
if ($self->_isValidPassword($password, $passwordConfirm)) {
$self->user( $user );
- $self->saveParams($userId, $self->authMethod,
- { identifier => $self->hashPassword($password),
- passwordLastUpdated => time });
+ $self->update(
+ identifier => $self->hashPassword($password),
+ passwordLastUpdated => time);
$self->_logSecurityMessage;
return $self->SUPER::login;
} else {
@@ -1110,10 +1115,10 @@ sub emailRecoverPasswordFinish {
return $self->recoverPassword( $i18n->get( 'no email address', 'AuthWebGUI' ) );
}
- my $authsettings = $self->getParams($userId);
+ my $authsettings = $self->get;
$authsettings->{emailRecoverPasswordVerificationNumber} = $recoveryGuid;
- $self->saveParams($userId, 'WebGUI', $authsettings);
+ $self->update($authsettings);
my $mail = WebGUI::Mail::Send->create($session, { to=>$email, subject=>$i18n->get('WebGUI password recovery')});
$mail->addText($i18n->get('recover password email text1', 'AuthWebGUI') . $url. ". \n\n".$i18n->get('recover password email text2', 'AuthWebGUI')." \n\n ".$url."?op=auth;method=emailResetPassword;token=$recoveryGuid"."\n\n ". $i18n->get('recover password email text3', 'AuthWebGUI'));
@@ -1211,13 +1216,13 @@ sub emailResetPasswordFinish {
if ($self->_isValidPassword($password, $passwordConfirm)) {
$self->user(WebGUI::User->new($self->session, $userId));
- $self->saveParams($userId, $self->authMethod,
- { identifier => $self->hashPassword($password),
- passwordLastUpdated => time });
+ $self->update(
+ identifier => $self->hashPassword($password),
+ passwordLastUpdated => time);
$self->_logSecurityMessage;
# delete the emailRecoverPasswordVerificationNumber
- $self->deleteSingleParam($userId, $self->authMethod, 'emailRecoverPasswordVerificationNumber');
+ $self->delete('emailRecoverPasswordVerificationNumber');
return $self->SUPER::login;
} else {
return $self->emailResetPassword($self->error);
@@ -1269,7 +1274,7 @@ sub resetExpiredPasswordSave {
$properties->{identifier} = $self->hashPassword($self->session->form->process("identifier"));
$properties->{passwordLastUpdated} =time();
- $self->saveParams($u->userId,$self->authMethod,$properties);
+ $self->update($properties);
$self->_logSecurityMessage();
return $self->SUPER::login();
}
@@ -1340,7 +1345,7 @@ sub updateAccount {
$u->username($username);
}
if($password){
- my $userData = $self->getParams;
+ my $userData = $self->get;
unless ($password eq "password") {
$properties->{identifier} = $self->hashPassword($password);
$self->_logSecurityMessage();
@@ -1350,7 +1355,7 @@ sub updateAccount {
}
}
}
- $self->saveParams($u->userId,$self->authMethod,$properties);
+ $self->update($properties);
$self->session->user(undef,undef,$u);
return $self->displayAccount($display);
diff --git a/lib/WebGUI/Operation/Auth.pm b/lib/WebGUI/Operation/Auth.pm
index 70ef13a93..4c3b818ec 100644
--- a/lib/WebGUI/Operation/Auth.pm
+++ b/lib/WebGUI/Operation/Auth.pm
@@ -45,7 +45,7 @@ sub getInstance {
my $userId = $_[1];
#Create Auth Object
- my $auth = eval { WebGUI::Pluggable::instanciate("WebGUI::Auth::".$authMethod, "new", [ $session, $authMethod, $userId ] ) };
+ my $auth = eval { WebGUI::Pluggable::instanciate("WebGUI::Auth::".$authMethod, "new", [ $session, $userId ] ) };
if ($@) {
$session->log->fatal($@);
}
diff --git a/lib/WebGUI/User.pm b/lib/WebGUI/User.pm
index 0f7f11b9c..949b12ee6 100644
--- a/lib/WebGUI/User.pm
+++ b/lib/WebGUI/User.pm
@@ -20,6 +20,7 @@ use WebGUI::Workflow::Instance;
use JSON ();
use WebGUI::Exception;
use WebGUI::ProfileField;
+use WebGUI::Inbox;
use Scalar::Util qw( weaken );
use Net::CIDR::Lite;
@@ -195,10 +196,14 @@ sub acceptsFriendsRequests {
=head2 authInstance
+NOTE: This method is deprecated. Users may have any number of auth methods.
+Instead, instantiate the desired auth method and give it the user's ID.
+
Returns an instance of the authentication object for this user.
=cut
+# DEPRECATED. Remove in 9.0
sub authInstance {
my $self = shift;
my $session = $self->session;
@@ -215,7 +220,7 @@ sub authInstance {
}
my $authClass = 'WebGUI::Auth::' . $authMethod;
WebGUI::Pluggable::load($authClass);
- my $auth = $authClass->new($session, $authMethod, $self->getId);
+ my $auth = $authClass->new($session, $self->getId);
return $auth;
}
@@ -380,8 +385,8 @@ sub delete {
$group->deleteUsers([$userId]) if $group;
}
- my $auth = $self->authInstance;
- $auth->deleteParams($userId);
+ # Delete all auth instances for this user
+ $db->write( "DELETE FROM authentication WHERE userId=?", [ $userId ] );
$self->friends->delete
if ($self->{_user}{"friendsGroup"} ne "");
diff --git a/t/Auth.t b/t/Auth.t
index 1b984ca4a..ec558bb51 100644
--- a/t/Auth.t
+++ b/t/Auth.t
@@ -24,7 +24,6 @@ use WebGUI::Session;
my $session = WebGUI::Test->session;
my @cleanupUsernames = (); # Will be cleaned up when we're done
-my $AUTH_METHOD = "TEST"; # Used as second argument to WebGUI::Auth->new
my $auth; # will be used to create auth instances
my ($request, $oldRequest, $output);
@@ -40,7 +39,7 @@ my $createAccountSession = WebGUI::Test->newSession(0, {
returnUrl => 'REDIRECT_URL',
});
-$auth = WebGUI::Auth->new( $createAccountSession, $AUTH_METHOD );
+$auth = WebGUI::Auth->new( $createAccountSession );
my $username = $createAccountSession->id->generate;
push @cleanupUsernames, $username;
$output = $auth->createAccountSave( $username, { }, "PASSWORD" );
@@ -77,7 +76,7 @@ my $loginSession = WebGUI::Test->newSession(0, {
returnUrl => 'REDIRECT_LOGIN_URL',
});
-$auth = WebGUI::Auth->new( $loginSession, $AUTH_METHOD, 3 );
+$auth = WebGUI::Auth->new( $loginSession, 3 );
my $username = $loginSession->id->generate;
push @cleanupUsernames, $username;
$session->setting->set('showMessageOnLogin', 0);
diff --git a/t/Auth/LDAP.t b/t/Auth/LDAP.t
index 095282a41..eb3460d95 100644
--- a/t/Auth/LDAP.t
+++ b/t/Auth/LDAP.t
@@ -55,11 +55,11 @@ $user->update({
username => "Andy Dufresne",
});
my $auth = $user->authInstance;
-$auth->saveParams( $user->getId, $user->get('authMethod'), {
+$auth->update(
ldapUrl => $ldapProps->{ldapUrl},
connectDN => "uid=Andy Dufresne,o=shawshank",
ldapConnection => $ldapProps->{ldapLinkId},
-} );
+);
$session->request->setup_body({
username => 'Andy Dufresne',
@@ -134,7 +134,7 @@ $auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' );
$out = $auth->login;
is $session->user->get('username'), 'Brooks Hatley', 'Brooks was created';
cmp_deeply(
- $auth->getParams,
+ $auth->get,
{
connectDN => 'uid=Brooks Hatley,o=shawshank',
ldapConnection => '00000000000000testlink',
@@ -167,7 +167,7 @@ $auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' );
$out = $auth->login;
is $session->user->get('username'), 'Brooks Hatley', 'Brooks was logged in after name change';
cmp_deeply(
- $auth->getParams,
+ $auth->get,
{
connectDN => 'uid=Brooks Hatlen,o=shawshank',
ldapConnection => '00000000000000testlink',
diff --git a/t/Auth/Twitter.t b/t/Auth/Twitter.t
index 9ed95e582..4062792aa 100644
--- a/t/Auth/Twitter.t
+++ b/t/Auth/Twitter.t
@@ -88,8 +88,9 @@ my $userId = $session->db->quickScalar(
"SELECT userId FROM authentication WHERE authMethod=? AND fieldName=? AND fieldData=?",
[ "Twitter", "twitterUserId", "2345" ],
);
-ok( $userId, 'user exists in authentication table' );
$user = WebGUI::User->new( $session, $userId );
+note( $userId );
+isnt( $user->userId, 1, 'user exists in authentication table' );
is( $user->username, "RedHerring", "correct username is set" );
WebGUI::Test->addToCleanup( $user );
diff --git a/t/Auth/mech.t b/t/Auth/mech.t
index f0398913e..f03ab0da2 100644
--- a/t/Auth/mech.t
+++ b/t/Auth/mech.t
@@ -47,9 +47,9 @@ WebGUI::Test->addToCleanup($user);
$user->username( $USERNAME );
$user->addToGroups( ['3'] );
my $auth = WebGUI::Operation::Auth::getInstance( $session, $user->authMethod, $user->userId );
-$auth->saveParams( $user->userId, $user->authMethod, {
+$auth->update(
'identifier' => $auth->hashPassword($IDENTIFIER)
-});
+);
my ($redirect, $response, $url);
@@ -115,8 +115,6 @@ $mech->get_ok( $assetUrl . "?op=auth;method=displayLogin" );
$mech->submit_form_ok(
{
with_fields => {
- op => 'auth',
- method => 'login',
username => $USERNAME,
identifier => $IDENTIFIER,
},