added authenticate_database to AccessHandler.pm

hyung-hwan 2014-05-17 07:04:12 +00:00
parent 28cc187495
commit 0e3b90e4b5
3 changed files with 47 additions and 19 deletions


@ -9,7 +9,7 @@ License: GPL
Group: Applications/Utilities Group: Applications/Utilities
Source0: %{name}-%{version}.tar.gz Source0: %{name}-%{version}.tar.gz
Requires: httpd php php-ldap php-mysql subversion mod_dav_svn mod_perl perl-LDAP perl-Config-Simple perl-URI perl-DBI Requires: httpd php php-ldap php-mysql subversion mod_dav_svn mod_perl perl-LDAP perl-Config-Simple perl-URI perl-DBI perl-Digest-SHA1
#BuildRequires: #BuildRequires:
BuildRoot: %{_tmppath}/%{name}-%{version}-root BuildRoot: %{_tmppath}/%{name}-%{version}-root


@ -94,7 +94,7 @@ svn_base_url = "${REQUEST_PROTOCOL}://${SERVER_NAME}:${SERVER_PORT}/svn"
; Login model to use. ; Login model to use.
;------------------------------------------------------------------------------ ;------------------------------------------------------------------------------
login_model = "LdapLoginModel" login_model = "LdapLoginModel"
#login_model = "DbLoginModel" #login_model = "DatabaseLoginModel"
;------------------------------------------------------------------------------ ;------------------------------------------------------------------------------
; Comma separated list of system administrator IDs ; Comma separated list of system administrator IDs


@ -39,6 +39,7 @@ use Config::Simple;
use Net::LDAP; use Net::LDAP;
use URI; use URI;
use DBI; use DBI;
use Digest::SHA1 qw (sha1_hex);
use Apache2::Const -compile => qw(OK DECLINED FORBIDDEN HTTP_UNAUTHORIZED HTTP_INTERNAL_SERVER_ERROR PROXYREQ_PROXY); use Apache2::Const -compile => qw(OK DECLINED FORBIDDEN HTTP_UNAUTHORIZED HTTP_INTERNAL_SERVER_ERROR PROXYREQ_PROXY);
@ -52,22 +53,24 @@ sub get_config
} }
my $config = { my $config = {
ldap_server_uri => $cfg->param ("ldap_server_uri"), login_model => $cfg->param ('login_model'),
ldap_server_protocol_version => $cfg->param ("ldap_server_protocol_version"),
ldap_auth_mode => $cfg->param ("ldap_auth_mode"), ldap_server_uri => $cfg->param ('ldap_server_uri'),
ldap_userid_format => $cfg->param ("ldap_userid_format"), ldap_server_protocol_version => $cfg->param ('ldap_server_protocol_version'),
ldap_password_format => $cfg->param ("ldap_password_format"), ldap_auth_mode => $cfg->param ('ldap_auth_mode'),
ldap_userid_admin_binddn => $cfg->param ("ldap_admin_binddn"), ldap_userid_format => $cfg->param ('ldap_userid_format'),
ldap_userid_admin_password => $cfg->param ("ldap_admin_password"), ldap_password_format => $cfg->param ('ldap_password_format'),
ldap_userid_search_base => $cfg->param ("ldap_userid_search_base"), ldap_userid_admin_binddn => $cfg->param ('ldap_admin_binddn'),
ldap_userid_search_fitler => $cfg->param ("ldap_userid_search_filter"), ldap_userid_admin_password => $cfg->param ('ldap_admin_password'),
ldap_userid_search_base => $cfg->param ('ldap_userid_search_base'),
ldap_userid_search_fitler => $cfg->param ('ldap_userid_search_filter'),
database_hostname => $cfg->param ("database_hostname"), database_hostname => $cfg->param ('database_hostname'),
database_username => $cfg->param ("database_username"), database_username => $cfg->param ('database_username'),
database_password => $cfg->param ("database_password"), database_password => $cfg->param ('database_password'),
database_name => $cfg->param ("database_name"), database_name => $cfg->param ('database_name'),
database_driver => $cfg->param ("database_driver"), database_driver => $cfg->param ('database_driver'),
database_prefix => $cfg->param ("database_prefix") database_prefix => $cfg->param ('database_prefix')
}; };
return $config; return $config;
@ -85,7 +88,7 @@ sub format_string
return $out; return $out;
} }
sub authenticate sub authenticate_ldap
{ {
my ($cfg, $userid, $password) = @_; my ($cfg, $userid, $password) = @_;
my $binddn; my $binddn;
@ -125,6 +128,21 @@ sub authenticate
return ($res->code == 0)? 1: 0; return ($res->code == 0)? 1: 0;
} }
sub authenticate_database
{
my ($dbh, $prefix, $userid, $password) = @_;
my $query = $dbh->prepare ("SELECT userid FROM ${prefix}account WHERE userid=? AND password=?");
if (!$query || !$query->execute ($userid, sha1_hex($password)))
{
return (-1, $dbh->errstr());
}
my @row = $query->fetchrow_array;
$query->finish ();
return (((scalar(@row) > 0)? 1: 0), undef);
}
sub open_database sub open_database
{ {
my ($cfg) = @_; my ($cfg) = @_;
@ -160,6 +178,7 @@ sub is_project_member
} }
my @row = $query->fetchrow_array; my @row = $query->fetchrow_array;
$query->finish ();
return (((scalar(@row) > 0)? 1: 0), undef); return (((scalar(@row) > 0)? 1: 0), undef);
} }
@ -174,6 +193,7 @@ sub is_project_public
} }
my @row = $query->fetchrow_array; my @row = $query->fetchrow_array;
$query->finish ();
return (((scalar(@row) > 0 && $row[0] eq 'Y')? 1: 0), undef); return (((scalar(@row) > 0 && $row[0] eq 'Y')? 1: 0), undef);
} }
@ -230,7 +250,15 @@ sub __handler
} }
} }
my $auth = authenticate ($cfg, $userid, $password); my $auth = -3;
if ($cfg->{login_model} eq 'LdapLoginModel')
{
$auth = authenticate_ldap ($cfg, $userid, $password);
}
elsif ($cfg->{login_model} eq 'DatabaseLoginModel')
{
$auth = authenticate_database ($dbh, $cfg->{database_prefix}, $userid, $password);
}
if ($auth <= -1) if ($auth <= -1)
{ {
# failed to contact the authentication server # failed to contact the authentication server
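Review bot: The new `authenticate_database` verifies the password by matching `sha1_hex($password)` against the stored column, so the account table has to hold unsalted SHA-1 digests, which are cheap to brute-force and identical for identical passwords if the table is ever disclosed. The stored format is presumably dictated by whatever writes `${prefix}account` (not visible here), so the verifier and that writer have to move together to a salted, deliberately slow scheme; until then I would add `# password column is unsalted SHA-1 hex and must match the writer of ${prefix}account; migrate both to a salted slow hash` above the `prepare`. In the `__handler` hunk, `$auth` stays at -3 when `login_model` is neither expected value, which fails closed but lands in the "failed to contact the authentication server" branch, so a distinct log message for an unknown `login_model` would make that misconfiguration diagnosable. `__handler` continues outside the hunk, and whether `$dbh` is already open at the point of the `authenticate_database` call cannot be confirmed from the visible lines.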