File Coverage

blib/lib/Rubric/WebApp/Login.pm

Criterion	Covered	Total	%
statement	21	24	87.5
branch	6	10	60.0
condition	1	3	33.3
subroutine	7	10	70.0
pod	8	8	100.0
total	43	55	78.1

line	stmt	bran	cond	sub	pod	time	code
1	2			2		1305	use strict;
	2					3
	2					43
2	2			2		17	use warnings;
	2					3
	2					914
3							# ABSTRACT: web login processing
4
5							#pod =head1 DESCRIPTION
6							#pod
7							#pod This module checks for information needed to confirm that a user is logged into
8							#pod the Rubric.
9							#pod
10							#pod =head1 METHODS
11							#pod
12							#pod =head2 Rubric::WebApp::Login->check_for_login($webapp)
13							#pod
14							#pod This method is called by the WebApp's C<cgiapp_init>, and checks for a login
15							#pod attempt in the submitted request.
16							#pod
17							#pod It looks for a login username by calling C<get_login_username>, then converts
18							#pod the login name to a Rubric name by calling C<map_username> and returns
19							#pod immediately if the name can't be shown valid by calling C<valid_username>.
20							#pod
21							#pod It retrieves the User object by calling C<get_login_user> or, if needed,
22							#pod C<autocreate_user>, and returns if it can't get a User object. It tries to
23							#pod authenticate by calling C<authenticate_login>. If the user is authorized but
24							#pod isn't verified, he won't be logged in and the C<user_pending> parameter will be
25							#pod set on the Rubric::WebApp object. Otherwise, he will be logged in with
26							#pod C<set_current_user>.
27							#pod
28							#pod Most of the methods above are virtual methods in this class, and should be
29							#pod implemented in subclasses. The bundled L<Rubric::WebApp::Login::Post> (the
30							#pod default) and L<Rubric::WebApp::Login::HTTP> serve as examples.
31							#pod
32							#pod =cut
33
34							my ($self, $webapp) = @_;
35
36	48			48	1	204	return unless my $username = $self->get_login_username($webapp);
37
38	48	100				248	$username = $self->map_username($username);
39							return unless $self->valid_username($username);
40	17					154	return unless my $user =
41	17	50				75	$self->get_login_user($username) \|\| $self->autocreate_user($username);
42	17	50	33			80	return unless $self->authenticate_login($webapp, $user);
43							if ($user->verification_code) {
44	17	50				24172	$webapp->param('user_pending', 1);
45	17	50				5725	} else {
46	0					0	$self->set_current_user($webapp, $user);
47							}
48	17					21851	}
49
50							#pod =head2 get_login_username($webapp)
51							#pod
52							#pod This method returns the login username taken from the request. It is not
53							#pod necessarily the name of a Rubric user (see C<map_username>).
54							#pod
55							#pod This must be implemented by the login subclass.
56							#pod
57							#pod =cut
58
59
60							#pod =head2 map_username($username)
61	0			0	1	0	#pod
62							#pod This method returns the Rubric username to which the login name maps. By
63							#pod default, it returns the C<$username> verbatim.
64							#pod
65							#pod =cut
66
67
68							#pod =head2 valid_username($username)
69							#pod
70	17			17	1	45	#pod Returns a true or false value, depending on whether the given username string
71							#pod is a valid username.
72							#pod
73							#pod =cut
74
75							my ($self, $username) = @_;
76							$username =~ /^[\pL\d_]+$/;
77							}
78
79							#pod =head2 get_login_user($username)
80	17			17	1	54	#pod
81	17					125	#pod Given a username, this method returns the Rubric::User object for the user.
82							#pod
83							#pod =cut
84
85							my ($self, $username) = @_;
86							Rubric::User->retrieve($username);
87							}
88
89							#pod =head2 autocreate_user($username)
90							#pod
91	17			17	1	59	#pod If C<get_login_user> can't find a user, this method is called to try to create
92	17					164	#pod the user automatically. By default, it always returns nothing. It may be
93							#pod subclassed for implementation. (For example, one could create domain users
94							#pod from a directory.)
95							#pod
96							#pod =cut
97
98
99							#pod =head2 authenticate_login($webapp, $user)
100							#pod
101							#pod This method attempts to authenticate the user's login, checking the given
102							#pod password or performing any other needed check. It returns true or false.
103							#pod
104				0	1		#pod This must be implemented by the login subclass.
105							#pod
106							#pod =cut
107
108
109							#pod =head2 set_current_user($webapp, $user)
110							#pod
111							#pod This method sets the current user on the WebApp by setting the WebApp's
112							#pod "current_user" attribute to the Rubric::User object.
113							#pod
114							#pod =cut
115	0			0	1	0
116							my ($self, $webapp, $user) = @_;
117
118							$webapp->param(current_user => $user);
119							}
120
121							1;
122
123
124							=pod
125	17			17	1	52
126							=encoding UTF-8
127	17					98
128							=head1 NAME
129
130							Rubric::WebApp::Login - web login processing
131
132							=head1 VERSION
133
134							version 0.157
135
136							=head1 DESCRIPTION
137
138							This module checks for information needed to confirm that a user is logged into
139							the Rubric.
140
141							=head1 PERL VERSION
142
143							This code is effectively abandonware. Although releases will sometimes be made
144							to update contact info or to fix packaging flaws, bug reports will mostly be
145							ignored. Feature requests are even more likely to be ignored. (If someone
146							takes up maintenance of this code, they will presumably remove this notice.)
147							This means that whatever version of perl is currently required is unlikely to
148							change -- but also that it might change at any new maintainer's whim.
149
150							=head1 METHODS
151
152							=head2 Rubric::WebApp::Login->check_for_login($webapp)
153
154							This method is called by the WebApp's C<cgiapp_init>, and checks for a login
155							attempt in the submitted request.
156
157							It looks for a login username by calling C<get_login_username>, then converts
158							the login name to a Rubric name by calling C<map_username> and returns
159							immediately if the name can't be shown valid by calling C<valid_username>.
160
161							It retrieves the User object by calling C<get_login_user> or, if needed,
162							C<autocreate_user>, and returns if it can't get a User object. It tries to
163							authenticate by calling C<authenticate_login>. If the user is authorized but
164							isn't verified, he won't be logged in and the C<user_pending> parameter will be
165							set on the Rubric::WebApp object. Otherwise, he will be logged in with
166							C<set_current_user>.
167
168							Most of the methods above are virtual methods in this class, and should be
169							implemented in subclasses. The bundled L<Rubric::WebApp::Login::Post> (the
170							default) and L<Rubric::WebApp::Login::HTTP> serve as examples.
171
172							=head2 get_login_username($webapp)
173
174							This method returns the login username taken from the request. It is not
175							necessarily the name of a Rubric user (see C<map_username>).
176
177							This must be implemented by the login subclass.
178
179							=head2 map_username($username)
180
181							This method returns the Rubric username to which the login name maps. By
182							default, it returns the C<$username> verbatim.
183
184							=head2 valid_username($username)
185
186							Returns a true or false value, depending on whether the given username string
187							is a valid username.
188
189							=head2 get_login_user($username)
190
191							Given a username, this method returns the Rubric::User object for the user.
192
193							=head2 autocreate_user($username)
194
195							If C<get_login_user> can't find a user, this method is called to try to create
196							the user automatically. By default, it always returns nothing. It may be
197							subclassed for implementation. (For example, one could create domain users
198							from a directory.)
199
200							=head2 authenticate_login($webapp, $user)
201
202							This method attempts to authenticate the user's login, checking the given
203							password or performing any other needed check. It returns true or false.
204
205							This must be implemented by the login subclass.
206
207							=head2 set_current_user($webapp, $user)
208
209							This method sets the current user on the WebApp by setting the WebApp's
210							"current_user" attribute to the Rubric::User object.
211
212							=head1 AUTHOR
213
214							Ricardo SIGNES <rjbs@semiotic.systems>
215
216							=head1 COPYRIGHT AND LICENSE
217
218							This software is copyright (c) 2004 by Ricardo SIGNES.
219
220							This is free software; you can redistribute it and/or modify it under
221							the same terms as the Perl 5 programming language system itself.
222
223							=cut