File Coverage

blib/lib/Articulate/Authentication/Preconfigured.pm
Criterion Covered Total %
statement 18 25 72.0
branch 0 4 0.0
condition 0 4 0.0
subroutine 6 7 85.7
pod 1 1 100.0
total 25 41 60.9


line stmt bran cond sub pod time code
1             package Articulate::Authentication::Preconfigured;
2 1     1   1381 use strict;
  1         2  
  1         37  
3 1     1   5 use warnings;
  1         1  
  1         26  
4              
5 1     1   4 use Moo;
  1         1  
  1         5  
6              
7 1     1   339 use Digest::SHA;
  1         2  
  1         59  
8 1     1   324 use Articulate::Storage;
  1         5  
  1         43  
9 1     1   9 use Time::HiRes; # overrides time()
  1         3  
  1         10  
10              
11             =head1 NAME
12              
13             Articulate::Authentication::Preconfigured - do not use this in production
14              
15             =cut
16              
17             =head1 WARNING
18              
19             Warning: This is highly insecure, you will be storing your passwords in plain text in the configuration file.
20              
21             It is suitable only for getting a project started, and should be promptly removed when a user account has been created which stores encrypted passwords somewhere.
22              
23             =head1 CONFIGURATION
24              
25             authentication:
26             Articulate::Authentication:
27             providers:
28             - class: Articulate::Authentication::Preconfigured
29             args:
30             passwords:
31             username: insecure_password
32              
33             =head1 ATTRIBUTES
34              
35             =head3 passwords
36              
37             A simple hash of keys and values where the user is the key and the password is the value.
38              
39             =cut
40              
41             has passwords => (
42             is => 'rw',
43             default => sub { {} },
44             );
45              
46             =head3 authenticate
47              
48             $self->authenticate( $credentials );
49              
50             Accepts and returns the credentials if the C matches the C. Always returns the credentials passed in.
51              
52             =cut
53              
54             sub authenticate {
55 0     0 1   my $self = shift;
56 0           my $credentials = shift;
57 0   0       my $user_id = $credentials->fields->{user_id} // return;
58 0   0       my $password = $credentials->fields->{password} // return;
59              
60 0 0         if ( exists $self->passwords->{$user_id} ) {
61 0 0         return $credentials->accept('Passwords match')
62             if $password eq $self->passwords->{$user_id};
63             }
64              
65             # if we ever need to know if the user does not exist, now is the time to ask,
66             # but we do not externally expose the difference between
67             # "user not found" and "password doesn't match"
68 0           return $credentials;
69             }
70              
71             1;