The Perl Toolchain Summit needs more sponsors. If your company depends on Perl, please support this very important event.
RJBS / Rubric-0.155 / lib / Rubric / WebApp / Login / Post.pm 
use strict;
use warnings;
package Rubric::WebApp::Login::Post;
# ABSTRACT: process web login from query parameters
$Rubric::WebApp::Login::Post::VERSION = '0.155';
use parent qw(Rubric::WebApp::Login);

use Digest::MD5 qw(md5_hex);

# =head1 DESCRIPTION
#
# This module checks the submitted query for information needed to confirm that a
# user is logged into the Rubric.
#
# =head1 METHODS
#
# =head2 get_login_username
#
# This checks for the username in a current login request.  First it checks
# whether there is a C<current_user> value in this session.  If not, it looks for
# a C<user> query parameter.
#
# =cut

sub get_login_username {
	my ($class, $webapp) = @_;

	$webapp->session->param('current_user') || $webapp->query->param('user');
}

# =head2 authenticate_login($webapp, $user)
#
# This returns true if the username came from the session.  Otherwise, it checks
# for a C<password> query parameter and compares its md5sum against the user's
# stored password md5sum.
#
# =cut

sub authenticate_login {
	my ($self, $webapp, $user) = @_;

	return 1 if
		$webapp->session->param('current_user') and
		$webapp->session->param('current_user') eq $user;

	my $password = $webapp->query->param('password');

	return (md5_hex($password) eq $user->password);
}

# =head2 set_current_user($webapp, $user)
#
# This method sets the current user in the session and then calls the superclass
# C<set_current_user>.
#
# =cut

sub set_current_user {
	my ($self, $webapp, $user) = @_;

	$webapp->session->param(current_user => $user->username);
	$self->SUPER::set_current_user($webapp, $user);
}

1;

__END__

=pod

=encoding UTF-8

=head1 NAME

Rubric::WebApp::Login::Post - process web login from query parameters

=head1 VERSION

version 0.155

=head1 DESCRIPTION

This module checks the submitted query for information needed to confirm that a
user is logged into the Rubric.

=head1 METHODS

=head2 get_login_username

This checks for the username in a current login request.  First it checks
whether there is a C<current_user> value in this session.  If not, it looks for
a C<user> query parameter.

=head2 authenticate_login($webapp, $user)

This returns true if the username came from the session.  Otherwise, it checks
for a C<password> query parameter and compares its md5sum against the user's
stored password md5sum.

=head2 set_current_user($webapp, $user)

This method sets the current user in the session and then calls the superclass
C<set_current_user>.

=head1 AUTHOR

Ricardo SIGNES <rjbs@cpan.org>

=head1 COPYRIGHT AND LICENSE

This software is copyright (c) 2004 by Ricardo SIGNES.

This is free software; you can redistribute it and/or modify it under
the same terms as the Perl 5 programming language system itself.

=cut