X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FAuth%2FDB.pm;h=ab8788abda9cf7c4f8b255cd8e49bfb68ecb148e;hb=e0ad5757c7f9551f808b55c114ff8892f09689f4;hp=e70112be1d3e557236ca6a7e5a8359014ce5100c;hpb=58fdd50dbb6b909d48b2846f36857b2bd2219441;p=kivitendo-erp.git diff --git a/SL/Auth/DB.pm b/SL/Auth/DB.pm index e70112be1..ab8788abd 100644 --- a/SL/Auth/DB.pm +++ b/SL/Auth/DB.pm @@ -25,6 +25,10 @@ sub new { return $self; } +sub reset { + # nothing to do here +} + sub authenticate { $main::lxdebug->enter_sub(); @@ -32,15 +36,7 @@ sub authenticate { my $login = shift; my $password = shift; - my $dbh = $self->{auth}->dbconnect(); - - if (!$dbh) { - $main::lxdebug->leave_sub(); - return ERR_BACKEND; - } - - my $query = qq|SELECT password FROM auth."user" WHERE login = ?|; - my ($stored_password) = $dbh->selectrow_array($query, undef, $login); + my $stored_password = $self->{auth}->get_stored_password($login); my ($algorithm, $algorithm2); @@ -48,7 +44,7 @@ sub authenticate { # passwords. Hash it for easier comparison. $stored_password = SL::Auth::Password->hash(password => $stored_password) unless $stored_password; ($algorithm, $stored_password) = SL::Auth::Password->parse($stored_password); - ($algorithm2, $password) = SL::Auth::Password->parse(SL::Auth::Password->hash(password => $password, algorithm => $algorithm, login => $login)); + ($algorithm2, $password) = SL::Auth::Password->parse(SL::Auth::Password->hash_if_unhashed(password => $password, algorithm => $algorithm, login => $login)); $main::lxdebug->leave_sub(); @@ -59,6 +55,10 @@ sub can_change_password { return 1; } +sub requires_cleartext_password { + return 0; +} + sub change_password { $main::lxdebug->enter_sub(); @@ -74,7 +74,7 @@ sub change_password { return ERR_BACKEND; } - $password = SL::Auth::Password->hash(password => $password) unless $is_crypted; + $password = SL::Auth::Password->hash(login => $login, password => $password) unless $is_crypted; do_query($main::form, $dbh, qq|UPDATE auth."user" SET password = ? WHERE login = ?|, $password, $login);