File Coverage

blib/lib/Rubric/WebApp/Login/Post.pm
Criterion Covered Total %
statement 21 21 100.0
branch 4 4 100.0
condition 2 3 66.6
subroutine 7 7 100.0
pod 3 3 100.0
total 37 38 97.3


line stmt bran cond sub pod time code
1 2     2   1057 use strict;
  2         6  
  2         67  
2 2     2   12 use warnings;
  2         4  
  2         130  
3             package Rubric::WebApp::Login::Post;
4             # ABSTRACT: process web login from query parameters
5             $Rubric::WebApp::Login::Post::VERSION = '0.156';
6 2     2   16 use parent qw(Rubric::WebApp::Login);
  2         4  
  2         32  
7              
8 2     2   110 use Digest::MD5 qw(md5_hex);
  2         8  
  2         487  
9              
10             #pod =head1 DESCRIPTION
11             #pod
12             #pod This module checks the submitted query for information needed to confirm that a
13             #pod user is logged into the Rubric.
14             #pod
15             #pod =head1 METHODS
16             #pod
17             #pod =head2 get_login_username
18             #pod
19             #pod This checks for the username in a current login request. First it checks
20             #pod whether there is a C value in this session. If not, it looks for
21             #pod a C query parameter.
22             #pod
23             #pod =cut
24              
25             sub get_login_username {
26 48     48 1 111 my ($class, $webapp) = @_;
27              
28 48 100       245 $webapp->session->param('current_user') || $webapp->query->param('user');
29             }
30              
31             #pod =head2 authenticate_login($webapp, $user)
32             #pod
33             #pod This returns true if the username came from the session. Otherwise, it checks
34             #pod for a C query parameter and compares its md5sum against the user's
35             #pod stored password md5sum.
36             #pod
37             #pod =cut
38              
39             sub authenticate_login {
40 17     17 1 69 my ($self, $webapp, $user) = @_;
41              
42 17 100 66     82 return 1 if
43             $webapp->session->param('current_user') and
44             $webapp->session->param('current_user') eq $user;
45              
46 2         8 my $password = $webapp->query->param('password');
47              
48 2         73 return (md5_hex($password) eq $user->password);
49             }
50              
51             #pod =head2 set_current_user($webapp, $user)
52             #pod
53             #pod This method sets the current user in the session and then calls the superclass
54             #pod C.
55             #pod
56             #pod =cut
57              
58             sub set_current_user {
59 17     17 1 102 my ($self, $webapp, $user) = @_;
60              
61 17         77 $webapp->session->param(current_user => $user->username);
62 17         103 $self->SUPER::set_current_user($webapp, $user);
63             }
64              
65             1;
66              
67             __END__