# WWW:Auth::DB
#
# Copyright (c) 2002 Jonathan A. Waxman <jowaxman@law.upenn.edu>
# All rights reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the same terms as Perl itself.


package WWW::Auth::DB;
use base 'WWW::Auth::Base';


use strict;
use WWW::Auth::Config;


sub _init {
  my $self   = shift;
  my %params = @_;

  $self->{_table}     = $params{Table}    || WWW::Auth::Config->table
    || return $self->error ('No database table specified.');
  $self->{_uid_field} = $params{UIDField} || WWW::Auth::Config->uid_field
    || return $self->error ('No UID database field specified.');
  $self->{_pwd_field} = $params{PwdField} || WWW::Auth::Config->pwd_field
    || return $self->error ('No password database field specified.');

  my $dsn      = $params{DSN}      || WWW::Auth::Config->dsn
    || return $self->error ('No DSN specified.');
  my $user     = $params{User}     || WWW::Auth::Config->user
    || return $self->error ('No database user specified.');
  my $password = $params{Password} || WWW::Auth::Config->password
    || return $self->error ('No database password specified.');

  $self->{_db}        = $params{DB}
    || WWW::Auth::Config->db (DSN	=> $dsn,
                              User	=> $user, 
                              Password	=> $password)
    || return $self->error (WWW::Auth::Config->error ());

  return 1;
}

sub auth {
  my $self = shift;
  my ($uid, $pwd, %params) = @_;

  my ($upwd) = $self->{_db}->select (Fields    => $self->{_pwd_field},
                                     Table     => $self->{_table},
                                     Where     => "$self->{_uid_field}='$uid'");
  return defined $upwd
         && $upwd eq crypt ($pwd, $upwd) ? 1 : (0, 'Username/Password incorrect');
#  return ($upwd !~ /^\s*$/ || $upwd eq crypt ($pwd, $upwd))
#    ? (0, 'Username/Password incorrect') : 1;
}


1;