File Coverage

blib/lib/Catalyst/Plugin/Authentication/Credential/Password.pm

Criterion	Covered	Total	%
statement	35	45	77.7
branch	16	32	50.0
condition	7	22	31.8
subroutine	5	5	100.0
pod	1	1	100.0
total	64	105	60.9

line	stmt	bran	cond	sub	pod	time	code
1							package Catalyst::Plugin::Authentication::Credential::Password;
2
3	1			1		2119766	use strict;
	1					3
	1					45
4	1			1		9	use warnings;
	1					2
	1					68
5
6	1			1		603	use Catalyst::Authentication::Credential::Password ();
	1					13
	1					748
7
8							## BACKWARDS COMPATIBILITY - all subs below here are deprecated
9							## They are here for compatibility with older modules that use / inherit from C::P::A::Password
10							## login()'s existance relies rather heavily on the fact that only Credential::Password
11							## is being used as a credential. This may not be the case. This is only here
12							## for backward compatibility. It will go away in a future version
13							## login should not be used in new applications.
14
15							sub login {
16	7			7	1	192	my ( $c, $user, $password, @rest ) = @_;
17
18	7	50	0			34	unless (
			33
19							defined($user)
20							or
21							$user = $c->request->param("login")
22							\|\| $c->request->param("user")
23							\|\| $c->request->param("username")
24							) {
25	0	0				0	$c->log->debug(
26							"Can't login a user without a user object or user ID param")
27							if $c->debug;
28	0					0	return;
29							}
30
31	7	50	0			28	unless (
			33
32							defined($password)
33							or
34							$password = $c->request->param("password")
35							\|\| $c->request->param("passwd")
36							\|\| $c->request->param("pass")
37							) {
38	0	0				0	$c->log->debug("Can't login a user without a password")
39							if $c->debug;
40	0					0	return;
41							}
42
43	7	50	33			23	unless ( Scalar::Util::blessed($user)
44							and $user->isa("Catalyst::Authentication::User") )
45							{
46	7	50				31	if ( my $user_obj = $c->get_user( $user, $password, @rest ) ) {
47	7					15	$user = $user_obj;
48							}
49							else {
50	0	0				0	$c->log->debug("User '$user' doesn't exist in the default store")
51							if $c->debug;
52	0					0	return;
53							}
54							}
55
56	7	100				68	if ( $c->_check_password( $user, $password ) ) {
57	5					33	$c->set_authenticated($user);
58	5	50				103	$c->log->debug("Successfully authenticated user '$user'.")
59							if $c->debug;
60	5					52	return 1;
61							}
62							else {
63	1	50				9	$c->log->debug(
64							"Failed to authenticate user '$user'. Reason: 'Incorrect password'")
65							if $c->debug;
66	1					12	return;
67							}
68
69							}
70
71							## also deprecated. Here for compatibility with older credentials which do not inherit from C::P::A::Password
72							sub _check_password {
73	7			7		49	my ( $c, $user, $password ) = @_;
74
75	7	100				32	if ( $user->supports(qw/password clear/) ) {
		100
		100
		50
		50
76	1					16	return $user->password eq $password;
77							}
78							elsif ( $user->supports(qw/password crypted/) ) {
79	2					18	my $crypted = $user->crypted_password;
80	2					70	return $crypted eq crypt( $password, $crypted );
81							}
82							elsif ( $user->supports(qw/password hashed/) ) {
83
84	3					62	my $d = Digest->new( $user->hash_algorithm );
85	3		50			169	$d->add( $user->password_pre_salt \|\| '' );
86	3					12	$d->add($password);
87	3		50			19	$d->add( $user->password_post_salt \|\| '' );
88
89	3					19	my $stored = $user->hashed_password;
90	3					34	my $computed = $d->clone()->digest;
91	3					33	my $b64computed = $d->clone()->b64digest;
92
93	3		66			50	return ( ( $computed eq $stored )
94							\|\| ( unpack( "H*", $computed ) eq $stored )
95							\|\| ( $b64computed eq $stored)
96							\|\| ( $b64computed.'=' eq $stored) );
97							}
98							elsif ( $user->supports(qw/password salted_hash/) ) {
99	0					0	require Crypt::SaltedHash;
100
101	0	0				0	my $salt_len =
102							$user->can("password_salt_len") ? $user->password_salt_len : 0;
103
104	0					0	return Crypt::SaltedHash->validate( $user->hashed_password, $password,
105							$salt_len );
106							}
107							elsif ( $user->supports(qw/password self_check/) ) {
108
109							# while somewhat silly, this is to prevent code duplication
110	0					0	return $user->check_password($password);
111
112							}
113							else {
114	1					29	Catalyst::Exception->throw(
115							"The user object $user does not support any "
116							. "known password authentication mechanism." );
117							}
118							}
119
120							__PACKAGE__;
121
122							__END__
123
124							=pod
125
126							=head1 NAME
127
128							Catalyst::Plugin::Authentication::Credential::Password - Compatibility shim
129
130							=head1 DESCRIPTION
131
132							THIS IS A COMPATIBILITY SHIM. It allows old configurations of Catalyst
133							Authentication to work without code changes.
134
135							B<DO NOT USE IT IN ANY NEW CODE!>
136
137							Please see L<Catalyst::Authentication::Credential::Password> for more information.
138
139							=head1 METHODS
140
141							=head2 login( )
142
143							=cut