[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SF.net SVN: ledger-smb: [1714] trunk



Revision: 1714
          http://ledger-smb.svn.sourceforge.net/ledger-smb/?rev=1714&view=rev
Author:   einhverfr
Date:     2007-10-06 23:57:40 -0700 (Sat, 06 Oct 2007)

Log Message:
-----------
Authetication now works as far as the root document

Modified Paths:
--------------
    trunk/LedgerSMB/Session/DB.pm
    trunk/LedgerSMB/User.pm
    trunk/LedgerSMB.pm
    trunk/scripts/login.pl

Modified: trunk/LedgerSMB/Session/DB.pm
===================================================================
--- trunk/LedgerSMB/Session/DB.pm	2007-10-07 06:07:42 UTC (rev 1713)
+++ trunk/LedgerSMB/Session/DB.pm	2007-10-07 06:57:40 UTC (rev 1714)
@@ -135,24 +135,22 @@
 
 sub session_create {
     my ($lsmb) = @_;
-    my $lsmb;
 
     use Time::HiRes qw(gettimeofday);
+    my $dbh = $lsmb->{dbh};
+    my $login = $lsmb->{login};
 
     #microseconds are more than random enough for transaction_id
     my ( $ignore, $newTransactionID ) = gettimeofday();
     $newTransactionID = int $newTransactionID;
 
 
-    if ( !$ENV{HTTP_HOST} ) {
+    if ( !$ENV{GATEWAY_INTERFACE} ) {
 
         #don't create cookies or sessions for CLI use
         return 1;
     }
 
-    # use the central database handle
-    my $dbh = $lsmb->{dbh};
-
     # TODO Change this to use %myconfig
     my $deleteExisting = $dbh->prepare(
         "DELETE 
@@ -160,7 +158,6 @@
           WHERE session.users_id = (select id from users where username = ?) 
                 AND age(last_used) > ?::interval"
     );
-
     my $seedRandom = $dbh->prepare("SELECT setseed(?);");
 
     my $fetchSequence =
@@ -181,14 +178,12 @@
 
     my $auth = $ENV{HTTP_AUTHORIZATION};
     $auth =~ s/^Basic //i;
-    my ($login, undef) = split(/:/, MIME::Base64::decode($auth));
-    $login =~ s/[^a-zA-Z0-9._+\@'-]//g;
 
     #delete any existing stale sessions with this login if they exist
-    if ( $lsmb->{timeout} ) {
+    if ( !$lsmb->{timeout} ) {
         $lsmb->{timeout} = 86400;
     }
-
+    print STDERR "Breakpoint\n";
     $deleteExisting->execute( $login, "$lsmb->{timeout} seconds" )
       || $lsmb->dberror(
         __FILE__ . ':' . __LINE__ . ': Delete from session: ' );
@@ -218,7 +213,7 @@
 
     my $newCookieValue = $newSessionID . ':' . $newTransactionID . ':' 
 	. $lsmb->{company};
-
+    print STDERR "Breakpoint\n";
     #now set the cookie in the browser
     #TODO set domain from ENV, also set path to install path
     print qq|Set-Cookie: LedgerSMB=$newCookieValue; path=/;\n|;

Modified: trunk/LedgerSMB/User.pm
===================================================================
--- trunk/LedgerSMB/User.pm	2007-10-07 06:07:42 UTC (rev 1713)
+++ trunk/LedgerSMB/User.pm	2007-10-07 06:57:40 UTC (rev 1714)
@@ -190,44 +190,7 @@
 #           AND u.id = uc.id;"
 #    );
 
-    my $fetchUserSettings = $dbh->prepare("
-        SELECT 
-            u.username, 
-            uc.dbname, 
-            uc.port, 
-            uc.host
-            
-        FROM users u 
-        JOIN user_connection uc ON uc.user_id = u.id
-        WHERE u.username = ?
-    ");
-    
-    $fetchUserSettings->execute($login);
 
-    #$fetchUserPrefs->execute($login);
-
-    my $userHashRef = $fetchUserSettings->fetchrow_hashref;
-    if ( !$userHashRef ) {
-        &error( $self, "Access Denied" );
-    }
-
-    while ( my ( $key, $value ) = each( %{$userHashRef} ) ) {
-        $myconfig{$key} = $value;
-    }
-
-    chomp( $myconfig{'port'} );
-    chomp( $myconfig{'dbname'} );
-    chomp( $myconfig{'host'} );
-
-    $myconfig{'login'} = $login;
-    $myconfig{'dbconnect'} =
-        'dbi:Pg:dbname='
-      . $myconfig{'dbname'}
-      . ';host='
-      . $myconfig{'host'}
-      . ';port='
-      . $myconfig{'port'};
-
     return \%myconfig;
 }
 

Modified: trunk/LedgerSMB.pm
===================================================================
--- trunk/LedgerSMB.pm	2007-10-07 06:07:42 UTC (rev 1713)
+++ trunk/LedgerSMB.pm	2007-10-07 06:57:40 UTC (rev 1714)
@@ -173,12 +173,8 @@
         ($self->{action} eq 'authenticate' || !$self->{action})){
         return $self;
     }
-    my $locale   = LedgerSMB::Locale->get_handle($self->{_user}->{countrycode})
-       or $self->error(__FILE__.':'.__LINE__.": Locale not loaded: $!\n");
 
-    $self->{_locale} = $locale;
     $self->_db_init;
-    $self->{_user} = LedgerSMB::User->fetch_config($self);
     if ($self->is_run_mode('cgi', 'mod_perl')) {
         my %cookie;
         $ENV{HTTP_COOKIE} =~ s/;\s*/;/g;
@@ -190,13 +186,15 @@
 
        #check for valid session unless this is an iniital authentication
        #request -- CT
-       if (!($self->{action} eq 'authenticate' 
-                   || $self->{script} eq 'login.pl')
-            || !Session::session_check( $cookie{"LedgerSMB"}, $self) ) {
+       if (!Session::session_check( $cookie{"LedgerSMB"}, $self) ) {
             $self->_get_password("Session Expired");
             exit;
        }
+       $self->{_user} = LedgerSMB::User->fetch_config($self);
     }
+    #my $locale   = LedgerSMB::Locale->get_handle($self->{_user}->{countrycode})
+     #or $self->error(__FILE__.':'.__LINE__.": Locale not loaded: $!\n");
+       #self->{_locale} = $locale;
 
     $self->{stylesheet} = $self->{_user}->{stylesheet};
 
@@ -656,10 +654,10 @@
     # connection fails since this probably means bad credentials are entered.
     # Just in case, however, I think it is a good idea to include the DBI
     # error string.  CT
-    my $dbh = DBI->connect(
+    $self->{dbh} = DBI->connect(
         "dbi:Pg:dbname=$dbname;host=localhost;port=5432", "$login", "$password", { AutoCommit => 0 }
     ); 
-    $self->{dbh} = $dbh;
+     my $dbh = $self->{dbh};
 
     # This is the general version check
     my $sth = $dbh->prepare("
@@ -673,8 +671,8 @@
     }
 
 
-    if ($self->{script} eq 'login.pl' && $self->{action} eq 
-        'authenticate'){
+    if (($self->{script} eq 'login.pl') && ($self->{action} eq 
+        'authenticate')){
 
         return;
     }
@@ -688,10 +686,6 @@
     
     # TODO:  Add date handling settings and the like.
 
-    $self->{dbh} = $dbh;
-    if ($self->{script} eq 'autheticate' && $self->script eq 'login.pl'){
-        return;
-    }
     my $query = "SELECT t.extends, 
 			coalesce (t.table_name, 'custom_' || extends) 
 			|| ':' || f.field_name as field_def

Modified: trunk/scripts/login.pl
===================================================================
--- trunk/scripts/login.pl	2007-10-07 06:07:42 UTC (rev 1713)
+++ trunk/scripts/login.pl	2007-10-07 06:57:40 UTC (rev 1714)
@@ -28,7 +28,6 @@
         $request->{company} = 'lsmb13';
         $request->_db_init;
     }
-    $request->debug({file => '/tmp/request'});
     if ($request->{dbh} || $request->{log_out}){
         print "Content-Type: text/html\n";
         print "Set-Cookie: LedgerSMB=Login;\n";


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.