package SL::Auth::DB;
+use strict;
+
+use Carp;
+use Scalar::Util qw(weaken);
+
use SL::Auth::Constants qw(:all);
+use SL::Auth::Password;
use SL::DBUtils;
-use strict;
-
sub new {
$main::lxdebug->enter_sub();
my $self = {};
$self->{auth} = shift;
+ weaken $self->{auth};
bless $self, $type;
my $self = shift;
my $login = shift;
my $password = shift;
- my $is_crypted = shift;
my $dbh = $self->{auth}->dbconnect();
my $query = qq|SELECT password FROM auth."user" WHERE login = ?|;
my ($stored_password) = $dbh->selectrow_array($query, undef, $login);
- $password = crypt $password, substr($login, 0, 2) if (!$password || !$is_crypted);
- $stored_password = crypt $stored_password, substr($login, 0, 2) if (!$stored_password);
+ my ($algorithm, $algorithm2);
+
+ # Empty password hashes in the database mean just that -- empty
+ # passwords. Hash it for easier comparison.
+ $stored_password = SL::Auth::Password->hash(password => $stored_password) unless $stored_password;
+ ($algorithm, $stored_password) = SL::Auth::Password->parse($stored_password);
+ ($algorithm2, $password) = SL::Auth::Password->parse(SL::Auth::Password->hash_if_unhashed(password => $password, algorithm => $algorithm, login => $login));
$main::lxdebug->leave_sub();
return 1;
}
+sub requires_cleartext_password {
+ return 0;
+}
+
sub change_password {
$main::lxdebug->enter_sub();
return ERR_BACKEND;
}
- $password = crypt $password, substr($login, 0, 2) if (!$is_crypted);
+ $password = SL::Auth::Password->hash(password => $password) unless $is_crypted;
do_query($main::form, $dbh, qq|UPDATE auth."user" SET password = ? WHERE login = ?|, $password, $login);
projects / kivitendo-erp.git / blobdiff