File Coverage

blib/lib/Rubric/WebApp/Login/Post.pm
Criterion Covered Total %
statement 21 21 100.0
branch 4 4 100.0
condition 2 3 66.6
subroutine 7 7 100.0
pod 3 3 100.0
total 37 38 97.3


line stmt bran cond sub pod time code
1 2     2   779 use strict;
  2         4  
  2         62  
2 2     2   19 use warnings;
  2         6  
  2         105  
3             # ABSTRACT: process web login from query parameters
4              
5             use parent qw(Rubric::WebApp::Login);
6 2     2   9  
  2         10  
  2         24  
7             use Digest::MD5 qw(md5_hex);
8 2     2   101  
  2         5  
  2         402  
9             #pod =head1 DESCRIPTION
10             #pod
11             #pod This module checks the submitted query for information needed to confirm that a
12             #pod user is logged into the Rubric.
13             #pod
14             #pod =head1 METHODS
15             #pod
16             #pod =head2 get_login_username
17             #pod
18             #pod This checks for the username in a current login request. First it checks
19             #pod whether there is a C<current_user> value in this session. If not, it looks for
20             #pod a C<user> query parameter.
21             #pod
22             #pod =cut
23              
24             my ($class, $webapp) = @_;
25              
26 48     48 1 122 $webapp->session->param('current_user') || $webapp->query->param('user');
27             }
28 48 100       210  
29             #pod =head2 authenticate_login($webapp, $user)
30             #pod
31             #pod This returns true if the username came from the session. Otherwise, it checks
32             #pod for a C<password> query parameter and compares its md5sum against the user's
33             #pod stored password md5sum.
34             #pod
35             #pod =cut
36              
37             my ($self, $webapp, $user) = @_;
38              
39             return 1 if
40 17     17 1 67 $webapp->session->param('current_user') and
41             $webapp->session->param('current_user') eq $user;
42 17 100 66     96  
43             my $password = $webapp->query->param('password');
44              
45             return (md5_hex($password) eq $user->password);
46 2         13 }
47              
48 2         300 #pod =head2 set_current_user($webapp, $user)
49             #pod
50             #pod This method sets the current user in the session and then calls the superclass
51             #pod C<set_current_user>.
52             #pod
53             #pod =cut
54              
55             my ($self, $webapp, $user) = @_;
56              
57             $webapp->session->param(current_user => $user->username);
58             $self->SUPER::set_current_user($webapp, $user);
59 17     17 1 55 }
60              
61 17         86 1;
62 17         136  
63              
64             =pod
65              
66             =encoding UTF-8
67              
68             =head1 NAME
69              
70             Rubric::WebApp::Login::Post - process web login from query parameters
71              
72             =head1 VERSION
73              
74             version 0.157
75              
76             =head1 DESCRIPTION
77              
78             This module checks the submitted query for information needed to confirm that a
79             user is logged into the Rubric.
80              
81             =head1 PERL VERSION
82              
83             This code is effectively abandonware. Although releases will sometimes be made
84             to update contact info or to fix packaging flaws, bug reports will mostly be
85             ignored. Feature requests are even more likely to be ignored. (If someone
86             takes up maintenance of this code, they will presumably remove this notice.)
87             This means that whatever version of perl is currently required is unlikely to
88             change -- but also that it might change at any new maintainer's whim.
89              
90             =head1 METHODS
91              
92             =head2 get_login_username
93              
94             This checks for the username in a current login request. First it checks
95             whether there is a C<current_user> value in this session. If not, it looks for
96             a C<user> query parameter.
97              
98             =head2 authenticate_login($webapp, $user)
99              
100             This returns true if the username came from the session. Otherwise, it checks
101             for a C<password> query parameter and compares its md5sum against the user's
102             stored password md5sum.
103              
104             =head2 set_current_user($webapp, $user)
105              
106             This method sets the current user in the session and then calls the superclass
107             C<set_current_user>.
108              
109             =head1 AUTHOR
110              
111             Ricardo SIGNES <rjbs@semiotic.systems>
112              
113             =head1 COPYRIGHT AND LICENSE
114              
115             This software is copyright (c) 2004 by Ricardo SIGNES.
116              
117             This is free software; you can redistribute it and/or modify it under
118             the same terms as the Perl 5 programming language system itself.
119              
120             =cut