projects / kivitendo-erp.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Das Benutzer-Passwort nicht im Klartext in Session-Tabelle ablegen
[kivitendo-erp.git] / SL / Auth.pm
diff --git a/SL/Auth.pm b/SL/Auth.pm
index 784b185..3ff6a1c 100644 (file)
--- a/SL/Auth.pm
+++ b/SL/Auth.pm
@@ -11,6 +11,7 @@ use YAML;
 use SL::Auth::Constants qw(:all);
 use SL::Auth::DB;
 use SL::Auth::LDAP;
+use SL::Auth::Password;
 
 use SL::SessionFile;
 use SL::User;
@@ -163,6 +164,15 @@ sub authenticate {
   return $result;
 }
 
+sub store_credentials_in_session {
+  my ($self, %params) = @_;
+
+  $params{password} = SL::Auth::Password->hash_if_unhashed(login => $params{login}, password => $params{password})
+    unless $self->{authenticator}->requires_cleartext_password;
+
+  $self->set_session_value(login => $params{login}, password => $params{password});
+}
+
 sub dbconnect {
   $main::lxdebug->enter_sub(2);
 
Unnamed repository; edit this file 'description' to name the repository.