after the break: when overloaded objects lie about themselves

[catagits/Catalyst-Plugin-Authentication.git] / lib / Catalyst / Plugin / Authentication / Credential / Password.pm

diff --git a/lib/Catalyst/Plugin/Authentication/Credential/Password.pm b/lib/Catalyst/Plugin/Authentication/Credential/Password.pm
index 7ade966..f9d9b62 100644 (file)
--- a/lib/Catalyst/Plugin/Authentication/Credential/Password.pm
+++ b/lib/Catalyst/Plugin/Authentication/Credential/Password.pm
@@ -10,31 +10,39 @@ use Catalyst::Exception ();
 use Digest              ();
 
 sub login {
-    my ( $c, $user, $password ) = @_;
+    my ( $c, $user, $password, @rest ) = @_;
 
     for ( $c->request ) {
-        unless ( $user ||= $_->param("login")
-            || $_->param("user")
-            || $_->param("username") )
-        {
+        unless (
+            defined($user)
+                or
+            $user = $_->param("login")
+                 || $_->param("user")
+                 || $_->param("username")
+        ) {
             $c->log->debug(
-                "Can't login a user without a user object or user ID param");
+                "Can't login a user without a user object or user ID param")
+                  if $c->debug;
             return;
         }
 
-        unless ( $password ||= $_->param("password")
-            || $_->param("passwd")
-            || $_->param("pass") )
-        {
-            $c->log->debug("Can't login a user without a password");
+        unless (
+            defined($password)
+                or
+            $password = $_->param("password")
+                     || $_->param("passwd")
+                     || $_->param("pass")
+        ) {
+            $c->log->debug("Can't login a user without a password")
+              if $c->debug;
             return;
         }
     }
 
     unless ( Scalar::Util::blessed($user)
-        and $user->isa("Catalyst:::Plugin::Authentication::User") )
+        and $user->isa("Catalyst::Plugin::Authentication::User") )
     {
-        if ( my $user_obj = $c->get_user($user) ) {
+        if ( my $user_obj = $c->get_user( $user, $password, @rest ) ) {
             $user = $user_obj;
         }
         else {
@@ -52,8 +60,7 @@ sub login {
     }
     else {
         $c->log->debug(
-            "Failed to authenticate user '$user'. Reason: 'Incorrect password'"
-          )
+            "Failed to authenticate user '$user'. Reason: 'Incorrect password'")
           if $c->debug;
         return;
     }
@@ -76,11 +83,14 @@ sub _check_password {
         $d->add($password);
         $d->add( $user->password_post_salt || '' );
 
-        my $stored   = $user->hashed_password;
-        my $computed = $d->digest;
+        my $stored      = $user->hashed_password;
+        my $computed    = $d->clone()->digest;
+        my $b64computed = $d->clone()->b64digest;
 
         return ( ( $computed eq $stored )
-              || ( unpack( "H*", $computed ) eq $stored ) );
+              || ( unpack( "H*", $computed ) eq $stored )
+              || ( $b64computed eq $stored)
+              || ( $b64computed.'=' eq $stored) );
     }
     elsif ( $user->supports(qw/password salted_hash/) ) {
         require Crypt::SaltedHash;
@@ -123,6 +133,15 @@ with a password.
       Authentication::Credential::Password
       /;
 
+    package MyApp::Controller::Auth;
+
+    # *** NOTE ***
+    # if you place an action named 'login' in your application's root (as
+    # opposed to inside a controller) the following snippet will recurse,
+    # giving you lots of grief.
+    # never name actions in the root controller after plugin methods - use
+    # controllers and : Global instead.
+
     sub login : Local {
         my ( $self, $c ) = @_;