annotate Lib/IMPL/Security/Auth/Simple.pm @ 134:44977efed303

Significant performance optimizations Fixed recursion problems due converting objects to JSON Added cache support for the templates Added discovery feature for the web methods
author wizard
date Mon, 21 Jun 2010 02:39:53 +0400
parents 6d3bca490556
children 4267a2ac3d46
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
1 package IMPL::Security::Auth::Simple;
71
wizard
parents: 68
diff changeset
2 use strict;
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
3
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
4 use base qw(IMPL::Object IMPL::Security::Auth);
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
5 use Digest::MD5;
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
6
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
7 use IMPL::Class::Property;
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
8 use IMPL::Security::Auth qw(:Const);
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
9
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
10 BEGIN {
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
11 private property _passwordImage => prop_all;
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
12 private property _sessionCookie => prop_all;
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
13 }
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
14
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
15 sub CTOR {
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
16 my ($this,$secData) = @_;
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
17
87
6d3bca490556 small fixes in the security moodules
wizard
parents: 81
diff changeset
18 my ($passImg,$cookie) = split /\|/,$secData;
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
19
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
20 $this->_passwordImage($passImg);
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
21 $this->_sessionCookie($cookie);
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
22 }
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
23
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
24 sub secData {
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
25 my ($this) = @_;
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
26
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
27 if ($this->_sessionCookie) {
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
28 return join ('|',$this->_passwordImage, $this->_sessionCookie );
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
29 } else {
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
30 return $this->_passwordImage;
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
31 }
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
32 }
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
33
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
34 sub isTrusted {
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
35 my ($this) = @_;
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
36
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
37 $this->_sessionCookie ? 1 : 0;
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
38 }
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
39
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
40 sub DoAuth {
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
41 my ($this,$challenge) = @_;
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
42
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
43 if (Digest::MD5::md5_hex($challenge) eq $this->_passwordImage) {
72
wizard
parents: 71
diff changeset
44 return (AUTH_SUCCESS,$this->_sessionCookie($this->GenSSID));
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
45 } elsee {
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
46 return (AUTH_FAIL,$this->_sessionCookie(undef));
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
47 }
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
48 }
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
49
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
50 sub ValidateSession {
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
51 my ($this,$cookie) = @_;
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
52
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
53 die new IMPL::InvalidOperationException("The context is untrusted") unless $this->_sessionCookie;
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
54
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
55 if ($cookie eq $this->_sessionCookie) {
72
wizard
parents: 71
diff changeset
56 return (AUTH_SUCCESS,undef);
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
57 } else {
72
wizard
parents: 71
diff changeset
58 return (AUTH_FAIL,undef);
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
59 }
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
60 }
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
61
71
wizard
parents: 68
diff changeset
62 sub CreateSecData {
wizard
parents: 68
diff changeset
63 my ($self,%args) = @_;
wizard
parents: 68
diff changeset
64
wizard
parents: 68
diff changeset
65 die new IMPL::InvalidArgumentException("The parameter is required",'password') unless $args{password};
wizard
parents: 68
diff changeset
66
87
6d3bca490556 small fixes in the security moodules
wizard
parents: 81
diff changeset
67 return Digest::MD5::md5_hex($args{password});
71
wizard
parents: 68
diff changeset
68 }
wizard
parents: 68
diff changeset
69
wizard
parents: 68
diff changeset
70 sub SecDataArgs {
72
wizard
parents: 71
diff changeset
71 password => 'SCALAR'
71
wizard
parents: 68
diff changeset
72 }
wizard
parents: 68
diff changeset
73
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
74 1;
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
75
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
76 __END__
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
77
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
78 =pod
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
79
71
wizard
parents: 68
diff changeset
80 =head1 NAME
wizard
parents: 68
diff changeset
81
wizard
parents: 68
diff changeset
82 C<IMPL::Security::Auth::Simple> Модуль простой авторизации.
wizard
parents: 68
diff changeset
83
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
84 =head1 DESCRIPTION
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
85
72
wizard
parents: 71
diff changeset
86 Использует алгоритм MD5 для хранения образа пароля.
71
wizard
parents: 68
diff changeset
87
72
wizard
parents: 71
diff changeset
88 =head1 MEMBERS
71
wizard
parents: 68
diff changeset
89
72
wizard
parents: 71
diff changeset
90 =over
wizard
parents: 71
diff changeset
91
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
92 =item C<CTOR($secData)>
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
93
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
94 Создает объект аутентификации, передавая ему данные для инициализации.
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
95
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
96 =item C<[get]secData>
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
97
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
98 Возвращает данные безопасности, которые можно использовать для восстановления
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
99 состояния объекта.
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
100
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
101 =item C<[get]isTrusted>
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
102
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
103 Является ли объект доверенным для аутентификации сессии (тоесть хранит данные
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
104 для аутентификации сессии).
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 73
diff changeset
105
72
wizard
parents: 71
diff changeset
106 =item C<DoAuth($challenge)>
wizard
parents: 71
diff changeset
107
wizard
parents: 71
diff changeset
108 Аутентифицирует пользователя. Используется один этап. C<$challenge>
wizard
parents: 71
diff changeset
109 открытый пароль пользователя.
wizard
parents: 71
diff changeset
110
wizard
parents: 71
diff changeset
111 Возвращает C<($status,$challenge)>
wizard
parents: 71
diff changeset
112
wizard
parents: 71
diff changeset
113 =over
wizard
parents: 71
diff changeset
114
wizard
parents: 71
diff changeset
115 =item C<$status>
wizard
parents: 71
diff changeset
116
wizard
parents: 71
diff changeset
117 Результат либо C<AUTH_SUCCESS>, либо C<AUTH_FAIL>
wizard
parents: 71
diff changeset
118
73
wizard
parents: 72
diff changeset
119 =item C<$challenge>
wizard
parents: 72
diff changeset
120
wizard
parents: 72
diff changeset
121 В случае успеха возвращает cookie (уникальный номер) сессии
wizard
parents: 72
diff changeset
122
wizard
parents: 72
diff changeset
123 =back
wizard
parents: 72
diff changeset
124
wizard
parents: 72
diff changeset
125 =item C<ValidateSession($challenge)>
wizard
parents: 72
diff changeset
126
wizard
parents: 72
diff changeset
127 Проверяет аутентичность сессии. Использует один этап. C<$challenge> cookie
wizard
parents: 72
diff changeset
128 сессии, полученный при выполнении метода C<DoAuth>.
wizard
parents: 72
diff changeset
129
wizard
parents: 72
diff changeset
130 Возвращает C<($status,$challenge)>
wizard
parents: 72
diff changeset
131
wizard
parents: 72
diff changeset
132 =over
wizard
parents: 72
diff changeset
133
wizard
parents: 72
diff changeset
134 =item C<$status>
wizard
parents: 72
diff changeset
135
wizard
parents: 72
diff changeset
136 Результат либо C<AUTH_SUCCESS>, либо C<AUTH_FAIL>
wizard
parents: 72
diff changeset
137
wizard
parents: 72
diff changeset
138 =item C<$challenge>
wizard
parents: 72
diff changeset
139
wizard
parents: 72
diff changeset
140 Всегда C<undef>
72
wizard
parents: 71
diff changeset
141
wizard
parents: 71
diff changeset
142 =back
wizard
parents: 71
diff changeset
143
wizard
parents: 71
diff changeset
144 =back
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
145
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
146 =cut