internal package
Foswiki::Users::HtPasswdUser
internal package
Foswiki::Users::HtPasswdUser is a
Foswiki::Users::Password
Support for htpasswd and htdigest format password files.
Subclass of
[[http://eugenemasoniccemetery.org/wiki/System/PerlDoc?module=Foswiki::Users::Password][Foswiki::Users::Password]]
.
See documentation of that class for descriptions of the methods of this class.
ObjectMethod
finish()
Break circular references.
ObjectMethod
readOnly( ) → boolean
returns true if the password file is not currently modifyable
_readPasswd ( $lock, $cache );
Read the password file. The content of the file is cached in
the password object.
We put a shared lock while reading if requested to prevent
other processes from writing while we read but still allows
parallel reading. The caller must never request a shared lock
if there is already an exclusive lock.
- if $lockShared is true, a shared lock is requested./
- if $cache is true, the in-memory cache will be returned if available.
This routine implements the auto-detection code for password entries:
Type |
Length |
Matches |
htdigest-md5 |
n/a |
$Foswiki::cfg{AuthRealm} |
(Realm has to be an exact match) |
sha1 |
33 |
^\{SHA\} |
crypt-md5 |
34 |
^\$1\$ |
apache-md5 |
37 |
^\$apr1\$ |
bcrypt |
60 |
^\$2a\$ |
crypt |
13 |
|
next field contains an email address |
plain |
any |
|
next field contains an email address |
sha |
|
|
(I don't recall what this encoding is, maybe an older implementation?) |
htdigest-md5 |
any |
|
If next field contains a md5 hash, Fallthru match in case realm changed |
_dumpPasswd( $db ) -> $boolean
Dumps the memory password database to a newline separated string
_savePasswd( $db ) -> $passwordE
Creates a new password file, and saves the content of the
internal password database to the file.
After writing the file, the cache timestamp is reset.
The umask is overridden during save, so that the password file is not world or group readable.
encrypt( $login, $passwordU, $fresh ) -> $passwordE
Will return an encrypted password. Repeated calls
to encrypt with the same login/passU will return the same passE.
However if the passU is changed, and subsequently changed
back
to the old login/passU pair, then the old passE is no longer valid.
If $fresh is true, then a new password not based on any pre-existing
salt will be used. Set this if you are generating a completely
new password.
ObjectMethod
fetchPass( $login ) → $passwordE
Implements
Foswiki::Password
Returns encrypted password if succeeds.
Returns 0 if login is invalid.
Returns undef otherwise.
setPassword( $login, $newPassU, $oldPassU ) -> $boolean
If the $oldPassU matches matches the user's password, then it will
replace it with $newPassU.
If $oldPassU is not correct and not 1, will return 0.
If $oldPassU is 1, will force the change irrespective of
the existing password, adding the user if necessary.
Otherwise returns 1 on success, undef on failure.
The password file is locked for exclusive access before being updated.
ObjectMethod
removeUser( $login ) → $boolean
Removes the user identified by $login from the database
and saves the password file.
Returns 1 on success, undef on failure.
ObjectMethod
checkPassword( $login, $password ) → $boolean
Checks the validity of $password by looking up the user in the
password file, and comparing the stored hash to the computed
hash of the supplied password.
Returns 1 on success, 0 on failure.
ObjectMethod
isManagingEmails() → $boolean
Returns true if the password manager is managing emails. This
implementaiton always returns true.
ObjectMethod
getEmails($login) → @array
Looks up the user in the database, Returns a list of email addresses
for the user. or returns an empty list.
ObjectMethod
setEmails($login, @emails ) → $boolean
Sets the identified user $login to the list of @emails.
ObjectMethod
findUseByEmail($email ) → @array
Searches the password DB for users who have set this email.
and returns and array of $login identifiers.