Making Realm a bonafide object. No change to docs yet, but passes all

[catagits/Catalyst-Plugin-Authentication.git] / lib / Catalyst / Plugin / Authentication / Credential / Password.pm

diff --git a/lib/Catalyst/Plugin/Authentication/Credential/Password.pm b/lib/Catalyst/Plugin/Authentication/Credential/Password.pm
index 081dca7..624143b 100644 (file)
--- a/lib/Catalyst/Plugin/Authentication/Credential/Password.pm
+++ b/lib/Catalyst/Plugin/Authentication/Credential/Password.pm
@@ -1,5 +1,3 @@
-#!/usr/bin/perl
-
 package Catalyst::Plugin::Authentication::Credential::Password;
 use base qw/Class::Accessor::Fast/;
 
@@ -11,28 +9,30 @@ use Catalyst::Exception ();
 use Digest              ();
 
 BEGIN {
-    __PACKAGE__->mk_accessors(qw/_config/);
+    __PACKAGE__->mk_accessors(qw/_config realm/);
 }
 
 sub new {
-    my ($class, $config, $app) = @_;
+    my ($class, $config, $app, $realm) = @_;
     
     my $self = { _config => $config };
     bless $self, $class;
     
+    $self->realm($realm);
+    
     $self->_config->{'password_field'} ||= 'password';
     $self->_config->{'password_type'}  ||= 'clear';
     $self->_config->{'password_hash_type'} ||= 'SHA-1';
     
     my $passwordtype = $self->_config->{'password_type'};
-    if (!grep /$passwordtype/, ('clear', 'hashed', 'salted_hash', 'crypted', 'self_check')) {
+    if (!grep /$passwordtype/, ('none', 'clear', 'hashed', 'salted_hash', 'crypted', 'self_check')) {
         Catalyst::Exception->throw(__PACKAGE__ . " used with unsupported password type: " . $self->_config->{'password_type'});
     }
     return $self;
 }
 
 sub authenticate {
-    my ( $self, $c, $authstore, $authinfo ) = @_;
+    my ( $self, $c, $realm, $authinfo ) = @_;
 
     ## because passwords may be in a hashed format, we have to make sure that we remove the 
     ## password_field before we pass it to the user routine, as some auth modules use 
@@ -40,7 +40,7 @@ sub authenticate {
     my $userfindauthinfo = {%{$authinfo}};
     delete($userfindauthinfo->{$self->_config->{'password_field'}});
     
-    my $user_obj = $authstore->find_user($userfindauthinfo, $c);
+    my $user_obj = $realm->find_user($userfindauthinfo, $c);
     if (ref($user_obj)) {
         if ($self->check_password($user_obj, $authinfo)) {
             return $user_obj;
@@ -60,9 +60,11 @@ sub check_password {
         my $password = $authinfo->{$self->_config->{'password_field'}};
         my $storedpassword = $user->get($self->_config->{'password_field'});
         
-        if ($self->_config->{password_type} eq 'clear') {
+        if ($self->_config->{'password_type'} eq 'none') {
+            return 1;
+        } elsif ($self->_config->{'password_type'} eq 'clear') {
             return $password eq $storedpassword;
-        }  elsif ($self->_config->{'password_type'} eq 'crypted') {            
+        } elsif ($self->_config->{'password_type'} eq 'crypted') {            
             return $storedpassword eq crypt( $password, $storedpassword );
         } elsif ($self->_config->{'password_type'} eq 'salted_hash') {
             require Crypt::SaltedHash;
@@ -283,6 +285,12 @@ from the user object. The supported options are:
 
 =over 8
 
+=item none
+
+No password check is done. An attempt is made to retrieve the user based on
+the information provided in the $c->authenticate() call. If a user is found, 
+authentication is considered to be successful.
+
 =item clear
 
 The password in user is in clear text and will be compared directly.