File Coverage

blib/lib/MyLibrary/Auth/Basic.pm

Criterion	Covered	Total	%
statement	12	65	18.4
branch	0	8	0.0
condition	0	15	0.0
subroutine	4	8	50.0
pod	1	1	100.0
total	17	97	17.5

line	stmt	bran	cond	sub	pod	time	code
1							package MyLibrary::Auth::Basic;
2
3	1			1		951	use base qw(MyLibrary::Auth);
	1					2
	1					715
4	1			1		7	use MyLibrary::Patron;
	1					2
	1					22
5	1			1		4	use Carp qw(croak cluck);
	1					2
	1					50
6	1			1		4	use strict;
	1					2
	1					803
7
8							=head1 NAME
9
10							MyLibrary::Auth::Basic
11
12							=head1 SYNOPSIS
13
14							use MyLibrary::Auth::Basic;
15
16							# create a new authentication object
17							my $auth = MyLibrary::Auth::Basic->new();
18							my $auth = MyLibrary::Auth::Basic->new(sessid => $sessid);
19
20							# access session attributes
21							my $sessid = $auth->sessid();
22							my $status = $auth->status();
23							my $username = $auth->username();
24
25							# authenticate
26							my $return_code = $auth->authenticate(username => 'user', password => 'password');
27
28							# place session cookie
29							$auth->place_cookie();
30
31							# remove session cookie
32							$auth->remove_cookie();
33
34							# close a session
35							$auth->close_session();
36
37							=head1 DESCRIPTION
38
39							This method of authentication uses an internal mechanism to MyLibrary, with a simply encryption scheme. The user credentials are stored within the MyLibrary database structure. Users are required to create their own usernames and passwords, and are thus required to memorize them separately from any institutional authentication system. Changing the username and password is handled via the Patron.pm API.
40
41							=head1 METHODS
42
43							=head2 new()
44
45							This is the constructor for the class. It creates an object with a default set of attributes if no session id is supplied, and initializes the attributes according to session data previously saved if a session id is supplied. This object uses encapsulated data, so the only means to manipulate session variables is via the supplied API. This is done for security reasons and to help maintain data integrity.
46
47							# create a new auth object
48							my $auth = MyLibrary::Auth->new();
49
50							# create an auth object based upon session id
51							my $auth = MyLibrary::Auth->new(sessid => $sessid);
52
53							=head2 sessid()
54
55							Get the session id for the current auth object. This method cannot set the session id, only retrieve it.
56
57							# get the session id
58							my $sessid = $auth->sessid();
59
60							=head2 status()
61
62							Retrieve the status for this session. There are several status indicators based upon whether or not the user was able to successfully authenticate or is in the process of authentication. The state of authentication status can only be changed internal to the object itself.
63
64							# status info
65							my $status = $auth->status();
66
67							=head2 username()
68
69							The username is the name entered for authentication purposes and is retained throughout the life of the session. This is used to identify who the last person was to authenticate from the host where authentication was initiated.
70
71							# username
72							my $username = $auth->username();
73
74							=head2 place_cookie()
75
76							This method will return a header used to place a cookie with the browser initiating the authentication request.
77
78							# place a cookie
79							my $place_cookie_header = $auth->place_cookie();
80
81							=head2 remove_cookie()
82
83							This method return a header that will delete a cookie from the browser for the current session. This usually occurs when the user indicate that they would like their session terminated.
84
85							# delete a cookie
86							my $remove_cookie_header = $auth->remove_cookie();
87
88
89							=head2 authenticate()
90
91							This method is used to simply receive a message as a return value indicating the status of an authentication attempt. The two required parameters are username and password. If either of these is not present, then the method will return an error message.
92
93							# authenticate
94							my $return_code = $auth->authenticate(username => 'joe', password => 'password');
95
96
97							=head2 close_session()
98
99							This method will delete the session object from the database, and it will no longer be accessible using the session id.
100
101							# close the session
102							$auth->close_session()
103
104							=head1 SEE ALSO
105
106							For more information, see the MyLibrary home page: http://dewey.library.nd.edu/mylibrary/.
107
108							=head1 AUTHORS
109
110							Robert Fox
111
112							=cut
113
114
115							{
116							# Allowable object attributes with defaults
117							my %_attr_data =
118							( auth_method => 'BASIC',
119							crypt_password => undef,
120							file => __FILE__
121							);
122
123							# Class methods used to operate on encapsulated data
124							sub _attr_defaults {
125	0			0			return \%_attr_data;
126							}
127							sub _standard_keys {
128	0			0			keys %_attr_data;
129							}
130							}
131
132							sub _encrypt_password {
133	0			0			my $self = shift;
134	0						my $password = shift;
135	0	0					if (defined $password) {
136	0						my $salt = substr($password, 0, 2);
137	0						my $crypted_pw = crypt($password, $salt);
138	0						return $crypted_pw;
139							} else {
140	0						croak "Password not indicated for encryption.\n";
141							}
142							}
143
144							sub authenticate {
145	0			0	1		my $self = shift;
146	0						my %args = @_;
147	0	0	0				if (defined $args{username} && defined $args{password} && $args{username} ne '' && $args{password} ne '' && $args{username} !~ /^\s/ && $args{password} !~ /^\s/) {
			0
			0
			0
			0
148	0						my $patron = MyLibrary::Patron->new(username => $args{username});
149	0	0					unless (defined $patron) {
150	0						my $_auth_obj = $self->SUPER::_attr_hash();
151	0						$_auth_obj->{${$self}}->{status_accessor}->($self, 'failed authentication - user not in patron table');
	0
152	0						$_auth_obj->{${$self}}->{_sess_ref}->param('status', $self->status());
	0
153	0						return 'username failure';
154							}
155	0						my $crypt_password = $self->_encrypt_password($args{password});
156	0	0					if ($crypt_password eq $patron->patron_password()) {
157	0						my $_auth_obj = $self->SUPER::_attr_hash();
158	0						$_auth_obj->{${$self}}->{status_accessor}->($self, 'authenticated');
	0
159	0						$_auth_obj->{${$self}}->{crypt_password} = $crypt_password;
	0
160	0						$_auth_obj->{${$self}}->{username} = $args{username};
	0
161	0						$_auth_obj->{${$self}}->{user_id} = $patron->patron_id();
	0
162	0						$_auth_obj->{${$self}}->{_sess_ref}->param('crypt_password', $crypt_password);
	0
163	0						$_auth_obj->{${$self}}->{_sess_ref}->param('username', $args{username});
	0
164	0						$_auth_obj->{${$self}}->{_sess_ref}->param('user_id', $patron->patron_id());
	0
165	0						$_auth_obj->{${$self}}->{_sess_ref}->param('_logged_in', '1');
	0
166	0						$_auth_obj->{${$self}}->{_sess_ref}->param('status', $self->status());
	0
167	0						$_auth_obj->{${$self}}->{_sess_ref}->expire('_logged_in', '+1m');
	0
168	0						return 'success';
169							} else {
170	0						my $_auth_obj = $self->SUPER::_attr_hash();
171	0						$_auth_obj->{${$self}}->{status_accessor}->($self, 'failed authentication - invalid password');
	0
172	0						$_auth_obj->{${$self}}->{_sess_ref}->param('status', $self->status());
	0
173	0						$_auth_obj->{${$self}}->{_sess_ref}->param('_logged_in', '0');
	0
174	0						return 'password failure';
175							}
176							} else {
177	0						return 'error';
178							}
179							}
180
181							1;