File Coverage

blib/lib/Rubric/WebApp/Login/Post.pm
Criterion Covered Total %
statement 21 21 100.0
branch 4 4 100.0
condition 2 3 66.6
subroutine 7 7 100.0
pod 3 3 100.0
total 37 38 97.3


line stmt bran cond sub pod time code
1 2     2   1076 use strict;
  2         4  
  2         82  
2 2     2   11 use warnings;
  2         3  
  2         138  
3             package Rubric::WebApp::Login::Post;
4             # ABSTRACT: process web login from query parameters
5             $Rubric::WebApp::Login::Post::VERSION = '0.155';
6 2     2   10 use parent qw(Rubric::WebApp::Login);
  2         4  
  2         36  
7              
8 2     2   134 use Digest::MD5 qw(md5_hex);
  2         5  
  2         828  
9              
10             # =head1 DESCRIPTION
11             #
12             # This module checks the submitted query for information needed to confirm that a
13             # user is logged into the Rubric.
14             #
15             # =head1 METHODS
16             #
17             # =head2 get_login_username
18             #
19             # This checks for the username in a current login request. First it checks
20             # whether there is a C value in this session. If not, it looks for
21             # a C query parameter.
22             #
23             # =cut
24              
25             sub get_login_username {
26 48     48 1 106 my ($class, $webapp) = @_;
27              
28 48 100       294 $webapp->session->param('current_user') || $webapp->query->param('user');
29             }
30              
31             # =head2 authenticate_login($webapp, $user)
32             #
33             # This returns true if the username came from the session. Otherwise, it checks
34             # for a C query parameter and compares its md5sum against the user's
35             # stored password md5sum.
36             #
37             # =cut
38              
39             sub authenticate_login {
40 17     17 1 53 my ($self, $webapp, $user) = @_;
41              
42 17 100 66     90 return 1 if
43             $webapp->session->param('current_user') and
44             $webapp->session->param('current_user') eq $user;
45              
46 2         13 my $password = $webapp->query->param('password');
47              
48 2         126 return (md5_hex($password) eq $user->password);
49             }
50              
51             # =head2 set_current_user($webapp, $user)
52             #
53             # This method sets the current user in the session and then calls the superclass
54             # C.
55             #
56             # =cut
57              
58             sub set_current_user {
59 17     17 1 53 my ($self, $webapp, $user) = @_;
60              
61 17         90 $webapp->session->param(current_user => $user->username);
62 17         123 $self->SUPER::set_current_user($webapp, $user);
63             }
64              
65             1;
66              
67             __END__