Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- package Imos::AuthCookieHandler;
- use strict;
- use diagnostics;
- use Apache2::Const qw(:common HTTP_FORBIDDEN);
- use Apache2::AuthCookie;
- use Apache2::RequestRec;
- use Apache2::RequestIO;
- use vars qw($VERSION @ISA);
- # MD5 hashing and DBI
- use Digest::SHA qw(sha1 sha1_hex);
- use DBI;
- $VERSION = substr(q$Revision: 220 $, 10);
- @ISA = qw(Apache2::AuthCookie);
- sub authen_cred ($$\@) {
- my $self = shift;
- my $r = shift;
- my @creds = @_;
- my $dbh = DBI->connect("dbi:SQLite:dbname=" . $r->dir_config->get('DatabasePath'), "", "");
- unless ($dbh) {
- $r->server->log_error("Database connection failed: " . $DBI::errstr);
- $r->print("Es ist ein unerwarteter Fehler aufgetreten");
- die;
- }
- my $q = "SELECT user_id, login FROM users WHERE login = ? AND password = ?";
- my $sth = $dbh->prepare($q);
- unless ($sth) {
- $r->server->log_error("Preparing failed for query=(" . $q . "): " . $DBI::errstr);
- $r->print("Es ist ein unerwarteter Fehler aufgetreten");
- die;
- }
- # Generate password hash
- my $sha = Digest::SHA->new;
- $sha->add($creds[1]);
- $sth->execute($creds[0], $sha->hexdigest);
- my $rd = $sth->fetchrow_hashref;
- # Found database entry?
- return unless $rd;
- # We got a entry
- my $hash = generate_hash;
- my $cookie = $rd->{'user_id'} . ":" . join(":", $rd);
- my $q = "INSERT INTO tickets (user_id, hash) VALUES (?, ?)";
- return $cookie;
- }
- sub authen_ses_key ($$$) {
- my ($self, $r, $cookie) = @_;
- my @parts = split(/:/, $cookie);
- $r->server->log_error(@parts);
- $r->server->log_error("user=" . $parts[1] . " cookie=$cookie");
- if ($parts[0] eq 1) {
- return $parts[0];
- } else {
- return;
- }
- }
- sub generate_hash {
- my @a = ("a".."z", "A".."Z", 0..9);
- join "", map {@a[rand @a]} 1..8;
- }
- 1;
Add Comment
Please, Sign In to add comment