Changeset 888
- Timestamp:
- 01/26/12 16:14:06 (12 years ago)
- Location:
- LATMOS-Accounts-Web
- Files:
-
- 2 added
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
LATMOS-Accounts-Web/lib/Catalyst/Authentication/Credential/La.pm
r361 r888 3 3 use strict; 4 4 use warnings; 5 use MIME::Base64; 5 6 6 7 sub new { … … 9 10 } 10 11 11 sub authenticate { 12 sub _search_user { 13 my ($self, $c, $attribute, $value) = @_; 14 15 my $base = $c->model('Accounts')->db; 16 # quick prefilter 17 my @res = $base->search_objects( 18 'user', 19 sprintf('%s~%s', $attribute, $value) 20 ); 21 22 @res = grep { 23 my $o = $base->get_object('user', $_); 24 $o && grep { lc($_) eq lc($value) } $o->get_attributes($attribute); 25 } @res; 26 27 if (@res == 1) { 28 return $res[0]; 29 } else { 30 $c->log->error(sprintf 31 "Can't identify `%s' user from `%s' attributes, multiple user found: %s", 32 $value, 33 $attribute, 34 join(', ', @res), 35 ); 36 return; 37 } 38 } 39 40 sub _ssl_auth { 12 41 my ($self, $c, $realm, $authinfo) = @_; 13 return $realm->find_user($authinfo) 42 if ($ENV{HTTP_SSL_CLIENT_S_DN_EMAIL}) { 43 $c->log->debug(sprintf 44 'Trying to find user `%s\' from env `%s\'', 45 $ENV{HTTP_SSL_CLIENT_S_DN_EMAIL}, 46 'HTTP_SSL_CLIENT_S_DN_EMAIL' 47 ); 48 if (my $u = $self->_search_user($c, 'mail', $ENV{HTTP_SSL_CLIENT_S_DN_EMAIL})) { 49 $c->log->info(sprintf 'SSL auth for %s as %s', $ENV{HTTP_SSL_CLIENT_S_DN_EMAIL}, $u); 50 $authinfo->{username} = $u; 51 return 1; 52 } else { 53 return; 54 } 55 } 56 } 57 58 sub _login_auth { 59 my ($self, $c, $realm, $authinfo) = @_; 60 my $authheader = $c->req->headers->header('Authorization'); 61 # TODO check auth type 62 my ($type, $base64) = $authheader =~ /(\w+) (\S+)/; 63 ($authinfo->{username}, $authinfo->{password}) 64 = decode_base64($base64) =~ /^([^:]+):(.*)/; 65 14 66 if($c->model('Accounts')->db->connect( 15 67 $authinfo->{username}, 16 68 $authinfo->{password} 17 )); 18 return; 69 )) { 70 $c->log->info(sprintf 'basic auth for %s', $authinfo->{username}); 71 return $realm->find_user($authinfo) 72 } else { 73 return; 74 $c->log->error(sprintf 75 'Invalid password or user for user %s', 76 $authinfo->{username} || 77 '(none)' 78 ); 79 } 80 } 81 82 sub authenticate { 83 my ($self, $c, $realm, $authinfo) = @_; 84 if (! ( 85 $self->_ssl_auth ($c, $realm, $authinfo) || 86 $self->_login_auth($c, $realm, $authinfo) 87 )) { return; } 88 89 $c->model('Accounts')->db->{_user} = $authinfo->{username}; 90 return $realm->find_user($authinfo); 19 91 } 20 92 -
LATMOS-Accounts-Web/lib/LATMOS/Accounts/Web/Controller/Root.pm
r886 r888 4 4 use warnings; 5 5 use base 'Catalyst::Controller'; 6 use MIME::Base64;7 6 8 7 # … … 37 36 my ( $self, $c ) = @_; 38 37 38 require Data::Dumper; 39 39 if ($c->user_exists) { 40 40 # Set login user: 41 warn$c->model('Accounts')->db->{_user} = $c->user->{username};41 $c->model('Accounts')->db->{_user} = $c->user->{username}; 42 42 } else { 43 43 # No need to login for About section 44 if ($c->namespace ne 'about') { 45 if ($c->authenticate({}, 'remote')) { 46 # Set login user: 47 $c->model('Accounts')->db->{_user} = $c->user->{username}; 48 } elsif (my $authheader = $c->req->headers->header('Authorization')) { 49 # TODO check auth type 50 my ($type, $base64) = $authheader =~ /(\w+) (\S+)/; 51 my ($login, $pass) = decode_base64($base64) =~ /^([^:]+):(.*)/; 52 if (!$c->authenticate({ 53 username => $login, 54 password => $pass }, 'la')) { 55 $c->forward('auth_required'); 56 return; 57 } 58 } else { 59 $c->forward('auth_required'); 60 return; 61 } 44 if (!$c->authenticate({}, 'la')) { 45 $c->forward('auth_required'); 46 return; 62 47 } 63 48 } -
LATMOS-Accounts-Web/root/html/includes/header.tt
r886 r888 178 178 <span> 179 179 [% luri = c.uri_for('/logout') %] 180 [% luri.userinfo( 'none:x') %]180 [% luri.userinfo(c.user.username _ ':x') %] 181 181 <a href="[% luri %]" 182 182 onMouseOver="document.getElementById('menui').innerHTML='Se déconnecter';"
Note: See TracChangeset
for help on using the changeset viewer.