diff options
author | Nathan Angelacos <nangel@tetrasec.net> | 2007-12-05 16:44:24 +0000 |
---|---|---|
committer | Nathan Angelacos <nangel@tetrasec.net> | 2007-12-05 16:44:24 +0000 |
commit | a2fc97fd31df9a05c66cb3dbf4246727fff97f88 (patch) | |
tree | 2d1e8510f4fe0e0abbbab119b6e1123ed4084547 /lib | |
parent | 9e9c8f167b068fe506e633c71f2395f59bd8ce0b (diff) | |
download | acf-core-a2fc97fd31df9a05c66cb3dbf4246727fff97f88.tar.bz2 acf-core-a2fc97fd31df9a05c66cb3dbf4246727fff97f88.tar.xz |
reworked authenticator
git-svn-id: svn://svn.alpinelinux.org/acf/core/trunk@410 ab2d0c66-481e-0410-8bed-d214d4d58bed
Diffstat (limited to 'lib')
-rw-r--r-- | lib/authenticator-plaintext.lua | 63 |
1 files changed, 37 insertions, 26 deletions
diff --git a/lib/authenticator-plaintext.lua b/lib/authenticator-plaintext.lua index 62af3bd..6c58565 100644 --- a/lib/authenticator-plaintext.lua +++ b/lib/authenticator-plaintext.lua @@ -15,12 +15,11 @@ local sess = require ("session") local pvt={} +pvt.parse_authfile = function(filename) + local row = {} -pvt.read_authfile = function(id) - id = id or "" - -- open our password file - local f = io.open (self.conf.confdir .. "/passwd" ) + local f = io.open (filename) if f then local m = f:read("*all") .. "\n" f:close() @@ -28,25 +27,32 @@ pvt.read_authfile = function(id) for l in string.gmatch(m, "(%C*)\n") do local userid, password, username, roles = string.match(l, "([^:]*):([^:]*):([^:]*):(.*)") - if userid == id then - local r = {} - for x in string.gmatch(roles, "([^,]*),?") do - table.insert (r, x ) - end - - local a = {} - a.userid = userid - a.password = password - a.username = username - a.roles = r - return (a) + local r = {} + for x in string.gmatch(roles, "([^,]*),?") do + table.insert (r, x ) end + + local a = {} + a.userid = userid + a.password = password + a.username = username + a.roles = r + table.insert (row, a) end + return row else return false end end +pvt.get_id = function(userid, authstruct) + if authstruct == nil then return false end + for x = 1,#authstruct do + if authstruct[x].userid == userid then + return authstruct[x] + end + end +end --- public methods @@ -54,28 +60,33 @@ end -- if false: the reason for failure authenticate = function ( userid, password ) password = password or "" - - local t = pvt.read_authfile(userid) + userid = userid or "" + + local t = pvt.parse_authfile(conf.confdir .. "/passwd") if t == false then - return false, "Userid not found" - elseif t.password ~= password then - return false, "Invalid password" + return false, "password file is missing" else - return true + local id = pvt.get_id (userid, t) + if id == false then + return false, "Userid not found" + end + if id.password ~= password then + return false, "Invalid password" + end + end + return true end -end - -- This function returns the username and roles -- or false on an error userinfo = function ( userid ) - local t = pvt.read_authfile(userid) + local t = pvt.parse_authfile(conf.confdir .. "/passwd") if t == false then return false else - return t + pvt.get_id (userid, t) end end |