[Rt-commit] r14198 - in rt/branches/3.999-DANGEROUS: lib/RT/Model

sunnavy at bestpractical.com sunnavy at bestpractical.com
Thu Jul 17 02:25:02 EDT 2008


Author: sunnavy
Date: Thu Jul 17 02:25:01 2008
New Revision: 14198

Modified:
   rt/branches/3.999-DANGEROUS/   (props changed)
   rt/branches/3.999-DANGEROUS/lib/RT/Model/User.pm

Log:
 r14602 at sunnavys-mb:  sunnavy | 2008-07-17 14:19:44 +0800
 added generate_auth_token, generate_auth_string, validate_auth_string to Model/User.pm


Modified: rt/branches/3.999-DANGEROUS/lib/RT/Model/User.pm
==============================================================================
--- rt/branches/3.999-DANGEROUS/lib/RT/Model/User.pm	(original)
+++ rt/branches/3.999-DANGEROUS/lib/RT/Model/User.pm	Thu Jul 17 02:25:01 2008
@@ -743,6 +743,52 @@
     return 1;
 }
 
+=head3 generate_auth_token
+
+Generate a random authentication string for the user.
+
+=cut
+
+sub generate_auth_token {
+    my $self = shift;
+    my $token = substr(Digest::MD5::md5_hex(time . {} . rand()),0,16);
+    return $self->set_attribute( name => "AuthToken", content => $token );
+}
+
+=head3 generate_auth_string
+
+Takes a string and returns back a hex hash string. Later you can use
+this pair to make sure it's generated by this user using L</ValidateAuthString>
+
+=cut
+
+sub generate_auth_string {
+    my $self = shift;
+    my $protect = shift;
+
+    my $str = $self->auth_token . $protect;
+    utf8::encode($str);
+
+    return substr(Digest::MD5::md5_hex($str),0,16);
+}
+
+=head3 validate_auth_string
+
+Takes auth string and protected string. Returns true is protected string
+has been protected by user's L</AuthToken>. See also L</GenerateAuthString>.
+
+=cut
+
+sub validate_auth_string {
+    my $self = shift;
+    my $auth_string = shift;
+    my $protected = shift;
+
+    my $str = $self->auth_token . $protected;
+    utf8::encode( $str );
+
+    return $auth_string eq substr(Digest::MD5::md5_hex($str),0,16);
+}
 
 =head2 sub set_disabled
 


More information about the Rt-commit mailing list