[Bps-public-commit] rt-authen-token branch, master, updated. da524e2538d209af1ce6f954029d13980f0a1cbd

Shawn Moore shawn at bestpractical.com
Fri Jul 7 11:39:16 EDT 2017


The branch, master has been updated
       via  da524e2538d209af1ce6f954029d13980f0a1cbd (commit)
      from  3354110637f991ce4c8f7a1173ffb5595c65841a (commit)

Summary of changes:
 html/Callbacks/RT-Authen-Token/autohandler/Session | 58 +++++++---------------
 lib/RT/Authen/Token.pm                             | 30 +++++++++++
 2 files changed, 49 insertions(+), 39 deletions(-)

- Log -----------------------------------------------------------------
commit da524e2538d209af1ce6f954029d13980f0a1cbd
Author: Shawn M Moore <shawn at bestpractical.com>
Date:   Fri Jul 7 14:32:29 2017 +0000

    Factor out a UserForAuthString

diff --git a/html/Callbacks/RT-Authen-Token/autohandler/Session b/html/Callbacks/RT-Authen-Token/autohandler/Session
index 6fcc965..38c3ca3 100644
--- a/html/Callbacks/RT-Authen-Token/autohandler/Session
+++ b/html/Callbacks/RT-Authen-Token/autohandler/Session
@@ -6,48 +6,28 @@ $pass => ''
 return if RT::Interface::Web::_UserLoggedIn();
 return unless defined $pass;
 
-my ($user_id, $cleartext_token) = RT::AuthToken->ParseAuthString($pass);
-return unless $user_id;
+my ($user_obj, $token) = RT::Authen::Token->UserForAuthString($pass, $user);
+return unless $user_obj;
 
-my $user_obj = RT::CurrentUser->new;
-$user_obj->Load($user_id);
-return if !$user_obj->Id || $user_obj->Disabled;
+# log in
+my $remote_addr = RT::Interface::Web::RequestENV('REMOTE_ADDR');
+$RT::Logger->info("Successful login for @{[$user_obj->Name]} from $remote_addr using authentication token #@{[$token->Id]} (\"@{[$token->Description]}\")");
 
-if (length $user) {
-    my $check_user = RT::CurrentUser->new;
-    $check_user->Load($user);
-    return unless $check_user->Id && $user_obj->Id == $check_user->Id;
-}
-
-my $tokens = RT::AuthTokens->new(RT->SystemUser);
-$tokens->LimitOwner(VALUE => $user_id);
-while (my $token = $tokens->Next) {
-    if ($token->IsToken($cleartext_token)) {
-        $token->UpdateLastUsed;
-
-        # log in
-        my $remote_addr = RT::Interface::Web::RequestENV('REMOTE_ADDR');
-        $RT::Logger->info("Successful login for @{[$user_obj->Name]} from $remote_addr using authentication token #@{[$token->Id]} (\"@{[$token->Description]}\")");
+# It's important to nab the next page from the session before we blow
+# the session away
+my $next = RT::Interface::Web::RemoveNextPage($ARGS{'next'});
+   $next = $next->{'url'} if ref $next;
 
-        # It's important to nab the next page from the session before we blow
-        # the session away
-        my $next = RT::Interface::Web::RemoveNextPage($ARGS{'next'});
-           $next = $next->{'url'} if ref $next;
+RT::Interface::Web::InstantiateNewSession();
+$session{'CurrentUser'} = $user_obj;
 
-        RT::Interface::Web::InstantiateNewSession();
-        $session{'CurrentUser'} = $user_obj;
-
-        # Really the only time we don't want to redirect here is if we were
-        # passed user and pass as query params in the URL.
-        if ($next) {
-            RT::Interface::Web::Redirect($next);
-        }
-        elsif ($ARGS{'next'}) {
-            # Invalid hash, but still wants to go somewhere, take them to /
-            RT::Interface::Web::Redirect(RT->Config->Get('WebURL'));
-        }
-
-        return;
-    }
+# Really the only time we don't want to redirect here is if we were
+# passed user and pass as query params in the URL.
+if ($next) {
+    RT::Interface::Web::Redirect($next);
+}
+elsif ($ARGS{'next'}) {
+    # Invalid hash, but still wants to go somewhere, take them to /
+    RT::Interface::Web::Redirect(RT->Config->Get('WebURL'));
 }
 </%INIT>
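Review bot: The "Successful login" line interpolates `$token->Description` and `$remote_addr` into the log message as-is, and the description is presumably free text chosen by the token's owner. If RT's logger does not already escape control characters (not visible in this hunk), a newline in the description would split the entry and let the owner plant a forged log line, which weakens the log as an audit source. Neutralise it before logging, for example `(my $desc = $token->Description // '') =~ s/[[:cntrl:]]/ /g;`, and interpolate `$desc` instead.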
diff --git a/lib/RT/Authen/Token.pm b/lib/RT/Authen/Token.pm
index 137c5a6..94730d7 100644
--- a/lib/RT/Authen/Token.pm
+++ b/lib/RT/Authen/Token.pm
@@ -12,6 +12,36 @@ use RT::AuthTokens;
 RT->AddStyleSheets("rt-authen-token.css");
 RT->AddJavaScript("rt-authen-token.js");
 
+sub UserForAuthString {
+    my $self = shift;
+    my $authstring = shift;
+    my $user = shift;
+
+    my ($user_id, $cleartext_token) = RT::AuthToken->ParseAuthString($authstring);
+    return unless $user_id;
+
+    my $user_obj = RT::CurrentUser->new;
+    $user_obj->Load($user_id);
+    return if !$user_obj->Id || $user_obj->Disabled;
+
+    if (length $user) {
+        my $check_user = RT::CurrentUser->new;
+        $check_user->Load($user);
+        return unless $check_user->Id && $user_obj->Id == $check_user->Id;
+    }
+
+    my $tokens = RT::AuthTokens->new(RT->SystemUser);
+    $tokens->LimitOwner(VALUE => $user_id);
+    while (my $token = $tokens->Next) {
+        if ($token->IsToken($cleartext_token)) {
+            $token->UpdateLastUsed;
+            return ($user_obj, $token);
+        }
+    }
+
+    return;
+}
+
 =head1 NAME
 
 RT-Authen-Token - token-based authentication
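Review bot: When the auth string parses and the user loads but no stored token matches, `UserForAuthString` falls through to the bare `return;` without logging, so repeated guesses against a user's tokens leave no trace in the RT log. A line before that final return would make them detectable, e.g. `$RT::Logger->warning("Token authentication failed for user #@{[$user_obj->Id]}");`, with `$cleartext_token` kept out of the message. The new sub also has no POD. It should state that it returns `($user_obj, $token)` in list context and an empty list on any failure, that it calls `UpdateLastUsed` on the matching token as a side effect, and that a scalar-context call would receive the token, not the user, because of the comma expression in `return ($user_obj, $token)`.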

-----------------------------------------------------------------------

