File Coverage

blib/lib/Articulate/Authentication/Preconfigured.pm
Criterion Covered Total %
statement 18 25 72.0
branch 0 4 0.0
condition 0 4 0.0
subroutine 6 7 85.7
pod 1 1 100.0
total 25 41 60.9


line stmt bran cond sub pod time code
1             package Articulate::Authentication::Preconfigured;
2 1     1   844 use strict;
  1         2  
  1         38  
3 1     1   6 use warnings;
  1         1  
  1         36  
4            
5 1     1   6 use Moo;
  1         2  
  1         7  
6            
7 1     1   3770 use Digest::SHA;
  1         2813  
  1         57  
8 1     1   9 use Articulate::Storage;
  1         3  
  1         24  
9 1     1   573 use Time::HiRes; # overrides time()
  1         1572  
  1         4  
10            
11             =head1 NAME
12            
13             Articulate::Authentication::Preconfigured - do not use this in production
14            
15             =cut
16            
17             =head1 WARNING
18            
19             Warning: This is highly insecure, you will be storing your passwords in plain text in the configuration file.
20            
21             It is suitable only for getting a project started, and should be promptly removed when a user account has been created which stores encrypted passwords somewhere.
22            
23             =head1 CONFIGURATION
24            
25             authentication:
26             Articulate::Authentication:
27             providers:
28             - class: Articulate::Authentication::Preconfigured
29             args:
30             passwords:
31             username: insecure_password
32            
33             =head1 ATTRIBUTES
34            
35             =head3 passwords
36            
37             A simple hash of keys and values where the user is the key and the password is the value.
38            
39             =cut
40            
41             has passwords => (
42             is => 'rw',
43             default => sub { { } },
44             );
45            
46             =head3 authenticate
47            
48             $self->authenticate( $credentials );
49            
50             Accepts and returns the credentials if the C matches the C. Always returns the credentials passed in.
51            
52             =cut
53            
54             sub authenticate {
55 0     0 1   my $self = shift;
56 0           my $credentials = shift;
57 0   0       my $user_id = $credentials->fields->{user_id} // return;
58 0   0       my $password = $credentials->fields->{password} // return;
59            
60 0 0         if ( exists $self->passwords->{ $user_id } ) {
61 0 0         return $credentials->accept('Passwords match') if $password eq $self->passwords->{$user_id};
62             }
63             # if we ever need to know if the user does not exist, now is the time to ask,
64             # but we do not externally expose the difference between
65             # "user not found" and "password doesn't match"
66 0           return $credentials;
67             }
68            
69             1;