[Bps-public-commit] rt-authen-token branch, master, updated. da524e2538d209af1ce6f954029d13980f0a1cbd
Shawn Moore
shawn at bestpractical.com
Fri Jul 7 11:39:16 EDT 2017
The branch, master has been updated
via da524e2538d209af1ce6f954029d13980f0a1cbd (commit)
from 3354110637f991ce4c8f7a1173ffb5595c65841a (commit)
Summary of changes:
html/Callbacks/RT-Authen-Token/autohandler/Session | 58 +++++++---------------
lib/RT/Authen/Token.pm | 30 +++++++++++
2 files changed, 49 insertions(+), 39 deletions(-)
- Log -----------------------------------------------------------------
commit da524e2538d209af1ce6f954029d13980f0a1cbd
Author: Shawn M Moore <shawn at bestpractical.com>
Date: Fri Jul 7 14:32:29 2017 +0000
Factor out a UserForAuthString
diff --git a/html/Callbacks/RT-Authen-Token/autohandler/Session b/html/Callbacks/RT-Authen-Token/autohandler/Session
index 6fcc965..38c3ca3 100644
--- a/html/Callbacks/RT-Authen-Token/autohandler/Session
+++ b/html/Callbacks/RT-Authen-Token/autohandler/Session
@@ -6,48 +6,28 @@ $pass => ''
return if RT::Interface::Web::_UserLoggedIn();
return unless defined $pass;
-my ($user_id, $cleartext_token) = RT::AuthToken->ParseAuthString($pass);
-return unless $user_id;
+my ($user_obj, $token) = RT::Authen::Token->UserForAuthString($pass, $user);
+return unless $user_obj;
-my $user_obj = RT::CurrentUser->new;
-$user_obj->Load($user_id);
-return if !$user_obj->Id || $user_obj->Disabled;
+# log in
+my $remote_addr = RT::Interface::Web::RequestENV('REMOTE_ADDR');
+$RT::Logger->info("Successful login for @{[$user_obj->Name]} from $remote_addr using authentication token #@{[$token->Id]} (\"@{[$token->Description]}\")");
-if (length $user) {
- my $check_user = RT::CurrentUser->new;
- $check_user->Load($user);
- return unless $check_user->Id && $user_obj->Id == $check_user->Id;
-}
-
-my $tokens = RT::AuthTokens->new(RT->SystemUser);
-$tokens->LimitOwner(VALUE => $user_id);
-while (my $token = $tokens->Next) {
- if ($token->IsToken($cleartext_token)) {
- $token->UpdateLastUsed;
-
- # log in
- my $remote_addr = RT::Interface::Web::RequestENV('REMOTE_ADDR');
- $RT::Logger->info("Successful login for @{[$user_obj->Name]} from $remote_addr using authentication token #@{[$token->Id]} (\"@{[$token->Description]}\")");
+# It's important to nab the next page from the session before we blow
+# the session away
+my $next = RT::Interface::Web::RemoveNextPage($ARGS{'next'});
+ $next = $next->{'url'} if ref $next;
- # It's important to nab the next page from the session before we blow
- # the session away
- my $next = RT::Interface::Web::RemoveNextPage($ARGS{'next'});
- $next = $next->{'url'} if ref $next;
+RT::Interface::Web::InstantiateNewSession();
+$session{'CurrentUser'} = $user_obj;
- RT::Interface::Web::InstantiateNewSession();
- $session{'CurrentUser'} = $user_obj;
-
- # Really the only time we don't want to redirect here is if we were
- # passed user and pass as query params in the URL.
- if ($next) {
- RT::Interface::Web::Redirect($next);
- }
- elsif ($ARGS{'next'}) {
- # Invalid hash, but still wants to go somewhere, take them to /
- RT::Interface::Web::Redirect(RT->Config->Get('WebURL'));
- }
-
- return;
- }
+# Really the only time we don't want to redirect here is if we were
+# passed user and pass as query params in the URL.
+if ($next) {
+ RT::Interface::Web::Redirect($next);
+}
+elsif ($ARGS{'next'}) {
+ # Invalid hash, but still wants to go somewhere, take them to /
+ RT::Interface::Web::Redirect(RT->Config->Get('WebURL'));
}
</%INIT>
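Review bot: The `$RT::Logger->info(...)` line interpolates `$token->Description` into the log message unmodified. The description is presumably free text chosen by the token's owner, so embedded newlines or control characters could split or forge log entries unless the configured log outputs already escape them. Normalising it first would avoid that, for example `(my $desc = $token->Description // '') =~ s/\p{Cc}/ /g;`, and then logging `$desc`. The init block this code sits in begins above the visible lines of the hunk.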
diff --git a/lib/RT/Authen/Token.pm b/lib/RT/Authen/Token.pm
index 137c5a6..94730d7 100644
--- a/lib/RT/Authen/Token.pm
+++ b/lib/RT/Authen/Token.pm
@@ -12,6 +12,36 @@ use RT::AuthTokens;
RT->AddStyleSheets("rt-authen-token.css");
RT->AddJavaScript("rt-authen-token.js");
+sub UserForAuthString {
+ my $self = shift;
+ my $authstring = shift;
+ my $user = shift;
+
+ my ($user_id, $cleartext_token) = RT::AuthToken->ParseAuthString($authstring);
+ return unless $user_id;
+
+ my $user_obj = RT::CurrentUser->new;
+ $user_obj->Load($user_id);
+ return if !$user_obj->Id || $user_obj->Disabled;
+
+ if (length $user) {
+ my $check_user = RT::CurrentUser->new;
+ $check_user->Load($user);
+ return unless $check_user->Id && $user_obj->Id == $check_user->Id;
+ }
+
+ my $tokens = RT::AuthTokens->new(RT->SystemUser);
+ $tokens->LimitOwner(VALUE => $user_id);
+ while (my $token = $tokens->Next) {
+ if ($token->IsToken($cleartext_token)) {
+ $token->UpdateLastUsed;
+ return ($user_obj, $token);
+ }
+ }
+
+ return;
+}
+
=head1 NAME
RT-Authen-Token - token-based authentication
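Review bot: The bare `return;` after the token loop is reached when the auth string parsed and the user loaded but no stored token matched, and nothing is logged for that case. Only success is logged, in the Session callback, so repeated wrong guesses against a user's tokens leave no trace. A line such as `$RT::Logger->warning("Authentication token did not match for user #@{[$user_obj->Id]}");` before that return would give monitoring something to alert on. The new method also has no POD: it should state that it returns `($user_obj, $token)` in list context and an empty list on every failure path, and that a successful match calls `UpdateLastUsed` as a side effect.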
-----------------------------------------------------------------------