Modify _DBI::checkPassword to make it reuseable by another module than AuthDBI

16 years ago · 23ee91c414
parent 0a618cda34
commit 23ee91c414
3 changed files with 20 additions and 24 deletions
--- a/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Downloader.pm
+++ b/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Downloader.pm
@ -203,8 +203,8 @@ sub keyToH {
 # If $key is not set, uses Lemonldap::NG::Manager::struct().
 # If the URL parameter key is set, uses Lemonldap::NG::Manager::cstruct()
 # with this parameter.
-# This function call itself 1 time if the key is not found using cstruct()
-# using the flag $last.
+# This function call itself 1 time if the key is not found using cstruct().
+# The flag $last is used to avoid loop.
 # @return An array containing :
 # - the (sub)structure of the menu
 # - the help chapter (using inheritance of the up key)
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthDBI.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthDBI.pm
@ -44,17 +44,8 @@ sub authenticate {
    return PE_ERROR unless $dbh;

    # Check credentials
-    my $user        = $self->{user};
-    my $password    = $self->{password};
-    # Prevent SQL injection
-    $user     =~ s/'/''/g;
-    $password =~ s/'/''/g;
-
-    # Password hash
-    $password = $self->hash_password( $password, $self->{dbiAuthPasswordHash} );
-
-    my $result = $self->check_password( $user, $password );
-    if ( $result ) {
+    my $result = $self->check_password($dbh);
+    if ($result) {
        return PE_OK;
    }
    else {
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_DBI.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_DBI.pm
@ -54,11 +54,8 @@ sub hash_password {
    my $hash = shift;

    if ( $hash =~ /^(md5|sha|sha1)$/i ) {
-        $self->lmLog(
-            "Using " . uc( $hash ) . " to hash password",
-            'debug'
-        );
-        return uc( $hash ) . "('$password')";
+        $self->lmLog( "Using " . uc($hash) . " to hash password", 'debug' );
+        return uc($hash) . "('$password')";
    }
    else {
        $self->lmLog( "No valid password hash, using clear text for password",
@ -75,17 +72,24 @@ sub hash_password {
 # @return boolean result
 sub check_password {
    my $self = shift;
-    my $user = shift;
-    my $password = shift;
-    
+    my $dbh         = shift;
+    my $user        = $self->{user};
+    my $password    = $self->{password};
    my $table       = $self->{dbiAuthTable};
    my $loginCol    = $self->{dbiAuthLoginCol};
    my $passwordCol = $self->{dbiAuthPasswordCol};

+    # Prevent SQL injection
+    $user     =~ s/'/''/g;
+    $password =~ s/'/''/g;
+
+    # Password hash
+    $password = $self->hash_password( $password, $self->{dbiAuthPasswordHash} );
+
    my @rows = ();
    eval {
-        my $sth = $self->{_dbh}->prepare(
-        "SELECT $loginCol FROM $table WHERE $loginCol='$user' AND $passwordCol=$password"
+        my $sth = $dbh->prepare(
+"SELECT $loginCol FROM $table WHERE $loginCol='$user' AND $passwordCol=$password"
        );
        $sth->execute();
        @rows = $sth->fetchrow_array();
@ -121,7 +125,8 @@ sub modify_password {
    my $passwordCol = $self->{dbiAuthPasswordCol};

    eval {
-        my $sth = $self->{_dbh}->prepare(
+        my $sth =
+          $self->{_dbh}->prepare(
            "UPDATE $table SET $passwordCol=$password WHERE $loginCol='$user'");
        $sth->execute();
    };