diff options
| author | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-10-07 06:57:40 +0000 |
|---|---|---|
| committer | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-10-07 06:57:40 +0000 |
| commit | 3c8bf664ba66bfcf8345cdc6c0eee7b5b6eae40d (patch) | |
| tree | 6249e39ebb950df7d26aefa24e59660cf9b0ab94 | |
| parent | 10797430c4c1f51dd6dc0b63207c8e0c1383ae37 (diff) | |
Authetication now works as far as the root document
git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@1714 4979c152-3d1c-0410-bac9-87ea11338e46
| -rwxr-xr-x | LedgerSMB.pm | 24 | ||||
| -rwxr-xr-x | LedgerSMB/Session/DB.pm | 17 | ||||
| -rw-r--r-- | LedgerSMB/User.pm | 37 | ||||
| -rw-r--r-- | scripts/login.pl | 1 |
4 files changed, 15 insertions, 64 deletions
diff --git a/LedgerSMB.pm b/LedgerSMB.pm index b975071c..7980d0b4 100755 --- a/LedgerSMB.pm +++ b/LedgerSMB.pm @@ -173,12 +173,8 @@ sub new { ($self->{action} eq 'authenticate' || !$self->{action})){ return $self; } - my $locale = LedgerSMB::Locale->get_handle($self->{_user}->{countrycode}) - or $self->error(__FILE__.':'.__LINE__.": Locale not loaded: $!\n"); - $self->{_locale} = $locale; $self->_db_init; - $self->{_user} = LedgerSMB::User->fetch_config($self); if ($self->is_run_mode('cgi', 'mod_perl')) { my %cookie; $ENV{HTTP_COOKIE} =~ s/;\s*/;/g; @@ -190,13 +186,15 @@ sub new { #check for valid session unless this is an iniital authentication #request -- CT - if (!($self->{action} eq 'authenticate' - || $self->{script} eq 'login.pl') - || !Session::session_check( $cookie{"LedgerSMB"}, $self) ) { + if (!Session::session_check( $cookie{"LedgerSMB"}, $self) ) { $self->_get_password("Session Expired"); exit; } + $self->{_user} = LedgerSMB::User->fetch_config($self); } + #my $locale = LedgerSMB::Locale->get_handle($self->{_user}->{countrycode}) + #or $self->error(__FILE__.':'.__LINE__.": Locale not loaded: $!\n"); + #self->{_locale} = $locale; $self->{stylesheet} = $self->{_user}->{stylesheet}; @@ -656,10 +654,10 @@ sub _db_init { # connection fails since this probably means bad credentials are entered. # Just in case, however, I think it is a good idea to include the DBI # error string. CT - my $dbh = DBI->connect( + $self->{dbh} = DBI->connect( "dbi:Pg:dbname=$dbname;host=localhost;port=5432", "$login", "$password", { AutoCommit => 0 } ); - $self->{dbh} = $dbh; + my $dbh = $self->{dbh}; # This is the general version check my $sth = $dbh->prepare(" @@ -673,8 +671,8 @@ sub _db_init { } - if ($self->{script} eq 'login.pl' && $self->{action} eq - 'authenticate'){ + if (($self->{script} eq 'login.pl') && ($self->{action} eq + 'authenticate')){ return; } @@ -688,10 +686,6 @@ sub _db_init { # TODO: Add date handling settings and the like. - $self->{dbh} = $dbh; - if ($self->{script} eq 'autheticate' && $self->script eq 'login.pl'){ - return; - } my $query = "SELECT t.extends, coalesce (t.table_name, 'custom_' || extends) || ':' || f.field_name as field_def diff --git a/LedgerSMB/Session/DB.pm b/LedgerSMB/Session/DB.pm index 145e1476..4938b560 100755 --- a/LedgerSMB/Session/DB.pm +++ b/LedgerSMB/Session/DB.pm @@ -135,24 +135,22 @@ sub session_check { sub session_create { my ($lsmb) = @_; - my $lsmb; use Time::HiRes qw(gettimeofday); + my $dbh = $lsmb->{dbh}; + my $login = $lsmb->{login}; #microseconds are more than random enough for transaction_id my ( $ignore, $newTransactionID ) = gettimeofday(); $newTransactionID = int $newTransactionID; - if ( !$ENV{HTTP_HOST} ) { + if ( !$ENV{GATEWAY_INTERFACE} ) { #don't create cookies or sessions for CLI use return 1; } - # use the central database handle - my $dbh = $lsmb->{dbh}; - # TODO Change this to use %myconfig my $deleteExisting = $dbh->prepare( "DELETE @@ -160,7 +158,6 @@ sub session_create { WHERE session.users_id = (select id from users where username = ?) AND age(last_used) > ?::interval" ); - my $seedRandom = $dbh->prepare("SELECT setseed(?);"); my $fetchSequence = @@ -181,14 +178,12 @@ sub session_create { my $auth = $ENV{HTTP_AUTHORIZATION}; $auth =~ s/^Basic //i; - my ($login, undef) = split(/:/, MIME::Base64::decode($auth)); - $login =~ s/[^a-zA-Z0-9._+\@'-]//g; #delete any existing stale sessions with this login if they exist - if ( $lsmb->{timeout} ) { + if ( !$lsmb->{timeout} ) { $lsmb->{timeout} = 86400; } - + print STDERR "Breakpoint\n"; $deleteExisting->execute( $login, "$lsmb->{timeout} seconds" ) || $lsmb->dberror( __FILE__ . ':' . __LINE__ . ': Delete from session: ' ); @@ -218,7 +213,7 @@ sub session_create { my $newCookieValue = $newSessionID . ':' . $newTransactionID . ':' . $lsmb->{company}; - + print STDERR "Breakpoint\n"; #now set the cookie in the browser #TODO set domain from ENV, also set path to install path print qq|Set-Cookie: LedgerSMB=$newCookieValue; path=/;\n|; diff --git a/LedgerSMB/User.pm b/LedgerSMB/User.pm index 41aa0dcd..6107cfcb 100644 --- a/LedgerSMB/User.pm +++ b/LedgerSMB/User.pm @@ -190,43 +190,6 @@ sub fetch_config { # AND u.id = uc.id;" # ); - my $fetchUserSettings = $dbh->prepare(" - SELECT - u.username, - uc.dbname, - uc.port, - uc.host - - FROM users u - JOIN user_connection uc ON uc.user_id = u.id - WHERE u.username = ? - "); - - $fetchUserSettings->execute($login); - - #$fetchUserPrefs->execute($login); - - my $userHashRef = $fetchUserSettings->fetchrow_hashref; - if ( !$userHashRef ) { - &error( $self, "Access Denied" ); - } - - while ( my ( $key, $value ) = each( %{$userHashRef} ) ) { - $myconfig{$key} = $value; - } - - chomp( $myconfig{'port'} ); - chomp( $myconfig{'dbname'} ); - chomp( $myconfig{'host'} ); - - $myconfig{'login'} = $login; - $myconfig{'dbconnect'} = - 'dbi:Pg:dbname=' - . $myconfig{'dbname'} - . ';host=' - . $myconfig{'host'} - . ';port=' - . $myconfig{'port'}; return \%myconfig; } diff --git a/scripts/login.pl b/scripts/login.pl index a117f80d..31d2922f 100644 --- a/scripts/login.pl +++ b/scripts/login.pl @@ -28,7 +28,6 @@ sub authenticate { $request->{company} = 'lsmb13'; $request->_db_init; } - $request->debug({file => '/tmp/request'}); if ($request->{dbh} || $request->{log_out}){ print "Content-Type: text/html\n"; print "Set-Cookie: LedgerSMB=Login;\n"; |